Sunday, 14 February 2021

Cara Install Mail Server di Ubuntu 20.04

Cara menginstal dan mengkonfigurasi Mail server di Ubuntu Server 20.04 menggunakan Postfix dan dovecot serta mengaktifkan SSL Certificate pada mail server. Sebelumnya pastikan rekan-rekan sudah mempunyai DNS, jika belum lihat pada link dibawah ini.

1. Installasi Postfix & Dovecot
Tahap pertama yang akan kita lakukan adalah menginstall Postfix dan Dovecot, untuk installsi postfix dan dovecot jalankan perintah berikut ini.root@mail:~# apt -y install postfix sasl2-bin dovecot-core dovecot-pop3d dovecot-imapd

Pada pilihan mail configuration pilih No configuration


2. Konfigurasi Postfix
Sebelum kita konfigurasi postfix ada baiknya kita backup terlebih dahulu file utama postfix yaitu file main.cf silahkan jalankan perintah berikut untuk backup file main.cf.root@mail:~# cp /usr/share/postfix/main.cf.dist /etc/postfix/main.cf root@mail:~# vi /etc/postfix/main.cf
Pada halaman vi ketik : set number untuk menampilkan Number lalu Edit pada bagian bagian dibawah ini
78 mail_owner = postfix 94 myhostname = mail.aspal.com 102 mydomain = aspal.com 123 myorigin = $mydomain 137 inet_interfaces = all 185 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain 228 local_recipient_maps = unix:passwd.byname $alias_maps 270 mynetworks_style = subnet 287 mynetworks = 127.0.0.0/8, 192.168.22.0/24 407 alias_maps = hash:/etc/aliases 418 alias_database = hash:/etc/aliases 440 home_mailbox = Maildir/ 576 #smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) 577 smtpd_banner = $myhostname ESMTP 650 sendmail_path = /usr/sbin/postfix 655 newaliases_path = /usr/bin/newaliases 660 mailq_path = /usr/bin/mailq 666 setgid_group = postdrop 670 #html_directory = 674 #manpage_directory = 679 #sample_directory = 683 #readme_directory =
Tambahkan pada bagian baris akhir
# limit email size 10M message_size_limit = 10485760 mailbox_size_limit = 1073741824 # SMTP-Auth setting smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, \ permit_sasl_authenticated, reject
Simpan perubahan
root@mail:~# newaliases
Restart posftix
root@mail:~# systemctl restart postfix

3. Konfigurasi Dovecot
Dovecot adalah server IMAP dan POP3 open-source untuk sistem operasi mirip Unix, yang ditulis terutama dengan mempertimbangkan keamanan. Bagian ini menjelaskan cara mengaturnya sebagai server IMAP atau POP3.
Edit file dovecot.conf
root@mail:~# vi /etc/dovecot/dovecot.conf # line 30: uncomment listen = *, ::
Edit file 10-auth.conf
root@mail:~# vi /etc/dovecot/conf.d/10-auth.conf # line 10: uncomment and change ( allow plain text auth ) disable_plaintext_auth = no # line 100: add auth_mechanisms = plain login
Edit file 10-mail.conf
[root@srv1 ~]# vi /etc/dovecot/conf.d/10-mail.conf # line 30: change to Maildir mail_location = maildir:~/Maildir
Edit file 10-master.conf
root@mail:~# vi /etc/dovecot/conf.d/10-master.conf # line 96-98: uncomment and add # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix }
Restart Dovecot
root@mail:~# systemctl restart dovecot

4. SSL Certificate
Selanjutnya kita akan membuat Self sign Certificate jalankan perintah berikut.
root@mail:/home/kris# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/sertificate.key -out /etc/ssl/certs/sertificate.crt Generating a RSA private key ................+++++ .............................+++++ writing new private key to '/etc/ssl/private/sertificate.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:IN State or Province Name (full name) [Some-State]:Indonesia Locality Name (eg, city) []:Jakarta Organization Name (eg, company) [Internet Widgits Pty Ltd]:PT.Nama_pt Organizational Unit Name (eg, section) []:sysadmin Common Name (e.g. server FQDN or YOUR name) []:aspal.com Email Address []:sysadmin@aspal.com root@mail:/home/kris#

Certificate akan masuk pada direktori /etc/ssl/certs dan /etc/ssl/private

Edit file postfix main.cf
root@mail:~# vi /etc/postfix/main.cf
Lalu tambahkan pada bagian akhir
# add Certificate smtpd_use_tls = yes smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_cert_file = /etc/ssl/certs/sertificate.crt smtpd_tls_key_file = /etc/ssl/private/sertificate.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
Edit file master.cf
root@mail:~# vi /etc/postfix/master.cf # line 17-21: uncomment like follows submission inet n - y - - smtpd -o syslog_name=postfix/submission # -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_tls_auth_only=yes
Edit file 10-ssl.conf
root@mail:~# vi /etc/dovecot/conf.d/10-ssl.conf # line 6: ganti ssl = yes # line 12,13: uncomment dan masukan direktori penyimpanan certificates ssl_cert = </etc/ssl/certs/sertificate.crt ssl_key = </etc/ssl/private/sertificate.key
Restart service postfix dan dovecot
root@mail:~# systemctl restart postfix dovecot
Tambahkan beberapa user dengan perintah
root@mail:~# adduser user1 root@mail:~# passwd user1

5. Pengetesan
Testing menggunakan Mozila Thunderbird pada Client Windows





Testing menggunakan Mozila Thunderbird pada Client Ubuntu




Tesing Kirim Email


Email diterima di Client Windows


Balas Email


Email diterima