FreeBSD14.1 ; Mail Server(Postfix,Dovecot) , SSL/TLS

1. Obtaining a certificate for the mail server

Obtain a certificate for the mail server to convert the mail server to SSL/TLS.
Use the certbot that was used when the web server was converted to SSL.
Stop the web server and execute the following command

2. advance preparations

2.1 Ports Collection Update

I'll update the Ports Collection first.

2.2 procmail Install

Mail is sorted by procmail.

Set parameters that are always set when make is executed
Edit pkgtools.conf

2.3 cyrus-sasl2 , cyrus-sasl2-saslauthd Install

Use SASL for SMTP authentication; install Cyrus SASL2 library

3. Postfix

3.1 Install

3.2 Postfix Settings

①main.cf edit

➁master.cf edit

➂saslauthd auto-start configuration

④SMTP AUTH setting
Create the following files

⑤Add SMTP User
Add system user huong as an SMTP user

⑥/usr/local/etc/sasldb2.db Ownership change

⑦Sendmail stopped
FreeBSD has Sendmail running by default, so stop it

Sendmail Auto-Run Cancel

⑧Other
Create new file below

⑨Postfix enable

4. Dovecot

4.1 Install

4.2 dovecot configuration

①Edit dovecot.conf
After installation, the sample dovecot.conf is located in /usr/local/etc/dovecot/example-config/. Copy the entire contents under /usr/local/etc/dovecot/.
Also, set the dovecot.conf permissions to 640.

➁Edit 10-ssl.conf

➂Edit 10-master.conf

④Edit 10-auth.conf

⑤Edit 10-mail.conf

⑥Dovecot start

⑦Rebuild database for mail alias
Set an address to forward mail addressed to root

Reflect settings

5.Create user mail directory

①Create mail directory for existing users (existing user is assumed to be huong)

Once done switch SHELL to bash

➁Create mail directory for new users

SHELL back to original sh

6. Procmail Settings

Set to discard e-mails with "finance" in the subject line.

7.Firewall Settings

Allow the following ports in ipfirewall(ipfw)

• 995 port: (POP3S)
• 993 port:(IMAPS)
• 25 port:(SMTP)
• 587 port:(SMTP)
• 465 port: (SMTPS)

ipfw reload

Port release may be required on the router side

SMTP connection check with Telnet

To set up in your email client Thunderbird
Incoming servers
・IMAP Mail Server Port 993
・Security Settings Connection Protection----SSL/TLS Authentication method ----- normal password authentication
Sending server
・SMTP Server Port 465
・Security Settings Connection Protection----SSL/TLS Authentication method ----- normal password authentication

Copied title and URL