Cara menginstal dan mengkonfigurasi Mail server di Ubuntu Server 20.04 menggunakan Postfix dan dovecot serta mengaktifkan SSL Certificate pada mail server. Sebelumnya pastikan rekan-rekan sudah mempunyai DNS, jika belum lihat pada link dibawah ini.
1. Installasi Postfix & Dovecot
Tahap pertama yang akan kita lakukan adalah menginstall Postfix dan Dovecot, untuk installsi postfix dan dovecot jalankan perintah berikut ini.root@mail:~# apt -y install postfix sasl2-bin dovecot-core dovecot-pop3d dovecot-imapd
Pada pilihan mail configuration pilih No configuration
2. Konfigurasi Postfix
Sebelum kita konfigurasi postfix ada baiknya kita backup terlebih dahulu file utama postfix yaitu file main.cf silahkan jalankan perintah berikut untuk backup file main.cf.root@mail:~# cp /usr/share/postfix/main.cf.dist /etc/postfix/main.cf
root@mail:~# vi /etc/postfix/main.cf
Pada halaman vi ketik : set number untuk menampilkan Number lalu Edit pada bagian bagian dibawah ini
78 mail_owner = postfix
94 myhostname = mail.aspal.com
102 mydomain = aspal.com
123 myorigin = $mydomain
137 inet_interfaces = all
185 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
228 local_recipient_maps = unix:passwd.byname $alias_maps
270 mynetworks_style = subnet
287 mynetworks = 127.0.0.0/8, 192.168.22.0/24
407 alias_maps = hash:/etc/aliases
418 alias_database = hash:/etc/aliases
440 home_mailbox = Maildir/
576 #smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
577 smtpd_banner = $myhostname ESMTP
650 sendmail_path = /usr/sbin/postfix
655 newaliases_path = /usr/bin/newaliases
660 mailq_path = /usr/bin/mailq
666 setgid_group = postdrop
670 #html_directory =
674 #manpage_directory =
679 #sample_directory =
683 #readme_directory =
Tambahkan pada bagian baris akhir
# limit email size 10M
message_size_limit = 10485760
mailbox_size_limit = 1073741824
# SMTP-Auth setting
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, \ permit_sasl_authenticated, reject
Simpan perubahan
root@mail:~# newaliases
Restart posftix
root@mail:~# systemctl restart postfix
3. Konfigurasi Dovecot
Dovecot adalah server IMAP dan POP3 open-source untuk sistem operasi mirip Unix, yang ditulis terutama dengan mempertimbangkan keamanan. Bagian ini menjelaskan cara mengaturnya sebagai server IMAP atau POP3.
Edit file dovecot.conf
root@mail:~# vi /etc/dovecot/dovecot.conf
# line 30: uncomment
listen = *, ::
Edit file 10-auth.conf
root@mail:~# vi /etc/dovecot/conf.d/10-auth.conf
# line 10: uncomment and change ( allow plain text auth )
disable_plaintext_auth = no
# line 100: add
auth_mechanisms = plain login
Edit file 10-mail.conf
[root@srv1 ~]# vi /etc/dovecot/conf.d/10-mail.conf
# line 30: change to Maildir
mail_location = maildir:~/Maildir
Edit file 10-master.conf
root@mail:~# vi /etc/dovecot/conf.d/10-master.conf
# line 96-98: uncomment and add
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
Restart Dovecot
root@mail:~# systemctl restart dovecot
4. SSL Certificate
Selanjutnya kita akan membuat Self sign Certificate jalankan perintah berikut.
root@mail:/home/kris# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/sertificate.key -out /etc/ssl/certs/sertificate.crt
Generating a RSA private key
................+++++
.............................+++++
writing new private key to '/etc/ssl/private/sertificate.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Indonesia
Locality Name (eg, city) []:Jakarta
Organization Name (eg, company) [Internet Widgits Pty Ltd]:PT.Nama_pt
Organizational Unit Name (eg, section) []:sysadmin
Common Name (e.g. server FQDN or YOUR name) []:aspal.com
Email Address []:sysadmin@aspal.com
root@mail:/home/kris#
Certificate akan masuk pada direktori /etc/ssl/certs dan /etc/ssl/private
Edit file postfix main.cf
root@mail:~# vi /etc/postfix/main.cf
Lalu tambahkan pada bagian akhir
# add Certificate
smtpd_use_tls = yes
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_cert_file = /etc/ssl/certs/sertificate.crt
smtpd_tls_key_file = /etc/ssl/private/sertificate.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
Edit file master.cf
root@mail:~# vi /etc/postfix/master.cf
# line 17-21: uncomment like follows
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
Edit file 10-ssl.conf
root@mail:~# vi /etc/dovecot/conf.d/10-ssl.conf
# line 6: ganti
ssl = yes
# line 12,13: uncomment dan masukan direktori penyimpanan certificates
ssl_cert = </etc/ssl/certs/sertificate.crt
ssl_key = </etc/ssl/private/sertificate.key
Restart service postfix dan dovecot
root@mail:~# systemctl restart postfix dovecot
Tambahkan beberapa user dengan perintah
root@mail:~# adduser user1
root@mail:~# passwd user1
5. Pengetesan
Testing menggunakan Mozila Thunderbird pada Client Windows
Testing menggunakan Mozila Thunderbird pada Client Ubuntu
Tesing Kirim Email
Email diterima di Client Windows
Balas Email
Email diterima