Small time IMAP server with Postfix and Dovecot. Apache too.

July 2009


A little vacation project: we need this small-time (one or two users) IMAP server. It is going to receive mail via Fetchmail only, and send through a smarthost. Oh, and we need webpages to be served from it, too.

Procedure 40.  The webpages: enabling UserDirs in Apache

  1. Installing Apache


      apt-get install apache2 emacs
      (Emacs doesn't have anything to do with Apache, it's just that I use it for editing.)

  2. Enabling userdirs

    Edit /etc/apache2/sites-available/default and append (well, nearly append):

    Include /etc/apache2/mods-available/userdir.conf

    UserDir disabled
    UserDir enabled jurjen folmer
    UserDir http

    </VirtualHost>


  3. Making the UserDirs module load during Apache startup

    cd /etc/apache2/mods-enabled
    sudo ln -s ../mods-available/userdir.load ./

  4. Reloading Apache

    Well, for good measure, we restart Apache:

    /etc/init.d/apache2 restart

As mentioned above, we want to receive mail through Fetchmail, we want to send outgoing mail to a smarthost, and we want to serve IMAP.

Procedure 41.  Mail configuration

  1. Installing the packages

    sudo apt-get install postfix dovecot-imapd fetchmail

  2. Configuring postfix as an internet-site-with-smarthost.

    In /etc/postfix/main.cf,

    • set mydestination to only the names of the local host,

    • set relay_domains to the empty string

    • set relayhost to the local SMTP server and

    • set mynetworks to only the loopback

    Oh, and set mail_spool_directory to /var/spool/mail/, and don't forget the trailing slash: we want maildir-style mailboxes.

  3. Serving IMAP

    Configure Dovecot: in /etc/dovecot/dovecot.conf, set

      protocols=imaps
      disable_plaintext_auth=no
      mail_location = maildir:/var/spool/mail/%u:LAYOUT=fs

    Because imaps is the only protocol offered, the plaintext logins this permits still travel inside TLS. The rest is default settings.

  4. Fetching mail onto the server

    Create a ~/.fetchmailrc that says something like:

    poll your.imapserver.com protocol imap port 993
    user "usermail@your.imapserver.com" with password "blah(versysecr3t)" is "johndoe" here ssl;
    	

    Run fetchmail once manually, because fetching a lot of mail from a busy server may take a lot more than one minute.

    Then, as the appropriate user, with crontab -e, create a cron job that says:

      * * * * * fetchmail >>~/fetchmail.log 2>>~/fetchmail.err
    	

    If you drive the mail admin mad with every-minute IMAP sessions, consider reducing the frequency.
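
An added check for step 2 of the mail configuration (not from the original page): a shell function that reads a main.cf and flags a non-empty relay_domains, a missing relayhost, any non-loopback mynetworks entry, and a mail_spool_directory without the trailing slash. The function names and the audit.sh file name are made up for this example; mydestination is left to manual review.

```shell
#!/bin/sh
# Added example, not from the original page. Reads plain "key = value" lines
# only; continuation lines and $variable expansion are not handled.

# get_param FILE KEY: print the last value assigned to KEY, or <unset>.
get_param() {
    awk -F= -v k="$2" '
        /^[ \t]*#/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k {
            val = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            found = 1
        }
        END { print (found ? val : "<unset>") }' "$1"
}

# check_main_cf FILE: print one FAIL line per finding; return non-zero if any.
check_main_cf() {
    f=$1; fails=0
    set -f   # no globbing: mynetworks entries such as [::1]/128 contain [ ]

    v=$(get_param "$f" relay_domains)          # must be explicitly empty
    [ -z "$v" ] || { echo "FAIL relay_domains: '$v' (want empty)"; fails=$((fails + 1)); }

    v=$(get_param "$f" relayhost)              # a smarthost must be named
    case $v in
        ''|'<unset>') echo "FAIL relayhost: no smarthost set"; fails=$((fails + 1)) ;;
    esac

    v=$(get_param "$f" mynetworks)             # loopback entries only
    for net in $(printf '%s' "$v" | tr ',' ' '); do
        case $net in
            127.*|'[::1]/128'|'[::ffff:127.0.0.0]/104') ;;
            *) echo "FAIL mynetworks: non-loopback entry '$net'"; fails=$((fails + 1)) ;;
        esac
    done

    v=$(get_param "$f" mail_spool_directory)   # trailing slash selects maildir
    case $v in
        */) ;;
        *) echo "FAIL mail_spool_directory: '$v' has no trailing slash"; fails=$((fails + 1)) ;;
    esac

    set +f
    [ "$fails" -eq 0 ]
}
# Usage: sh audit.sh /etc/postfix/main.cf
if [ "$#" -gt 0 ]; then check_main_cf "$1"; fi
```

An unset parameter is reported as a finding because Postfix then falls back to its built-in default rather than the value the procedure asks for.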

Procedure 42.  Security

  1. Disallow root-ssh

    Add an AllowUsers line to /etc/ssh/sshd_config so that most users, root among them, cannot connect via SSH.

  2. Firewall

    Create a decent firewall config that allows SSH from some hosts, IMAP from any, and that's it. If the set of machines allowed to use SSH changes a lot, consider tarpitting.