SMTP setup in VM
hostnamectl set-hostname your-fqdn
ivnilv@sa584:~$ dig MX gomastodon.social
; <<>> DiG 9.16.1-Ubuntu <<>> MX gomastodon.social
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9541
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;gomastodon.social. IN MX
;; ANSWER SECTION:
gomastodon.social. 1528 IN MX 15 eforward4.registrar-servers.com.
gomastodon.social. 1528 IN MX 20 eforward5.registrar-servers.com.
gomastodon.social. 1528 IN MX 10 eforward3.registrar-servers.com.
gomastodon.social. 1528 IN MX 10 eforward2.registrar-servers.com.
gomastodon.social. 1528 IN MX 10 eforward1.registrar-servers.com.
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Jan 28 17:46:05 CET 2023
;; MSG SIZE rcvd: 197
ivnilv@sa584:~$
✔ ~/projects/blog [main|…2]
17:28 $ host gomastodon.social
gomastodon.social has address 217.79.189.227
gomastodon.social mail is handled by 10 mail.gomastodon.social.
✔ ~/projects/blog [main|…3]
18:45 $ dig MX gomastodon.social
; <<>> DiG 9.18.1-1ubuntu1.3-Ubuntu <<>> MX gomastodon.social
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46282
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;gomastodon.social. IN MX
;; ANSWER SECTION:
gomastodon.social. 60 IN MX 10 mail.gomastodon.social.
;; Query time: 48 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Sat Jan 28 18:47:15 EET 2023
;; MSG SIZE rcvd: 67
✔ ~/projects/blog [main|…3]
Postfix⌗
sudo apt-get update
sudo apt-get install postfix -y
root@sa584:/etc/haproxy# ss -tunap | grep LISTEN | grep haproxy
tcp LISTEN 0 4096 0.0.0.0:25 0.0.0.0:* users:(("haproxy",pid=14327,fd=9))
tcp LISTEN 0 4096 0.0.0.0:80 0.0.0.0:* users:(("haproxy",pid=14327,fd=8))
root@sa584:/etc/haproxy#
root@sa584:/etc/haproxy# telnet localhost 25
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
# Postfix master.cf entry: postscreen listening on a private (10.0.0.0/8) address,
# presumably the backend that the HAProxy listener on port 25 forwards to.
# postscreen_upstream_proxy_protocol=haproxy makes postscreen take the client
# address from the PROXY protocol header sent by the upstream proxy. Restrict
# this listener (bind address / firewall) so that only the HAProxy host can
# connect; otherwise the logged and policy-checked client address cannot be trusted.
# NOTE(review): in master.cf the "-o" lines are continuation lines and must begin
# with whitespace; the indentation appears to have been lost on this page.
# NOTE(review): the cache file name says 2525 while the service and syslog name
# say 25 - presumably a leftover from another port; confirm.
10.229.71.207:25 inet n - - - 1 postscreen
-o postscreen_upstream_proxy_protocol=haproxy
-o postscreen_cache_map=btree:$data_directory/postscreen_2525_cache
-o syslog_name=postfix/25
Delivered-To: support@uptimelite.com
Received-SPF: none (zohomail.eu: 217.79.189.227 is neither permitted nor denied by domain of gomastodon.social) client-ip=217.79.189.227; envelope-from=root@gomastodon.social; helo=gomastodon.social;
Authentication-Results: mx.zohomail.eu;
spf=none (zohomail.eu: 217.79.189.227 is neither permitted nor denied by domain of gomastodon.social) smtp.mailfrom=root@gomastodon.social
Return-Path: <root@gomastodon.social>
Received: from gomastodon.social (sa584.saturn.dedi.server-hosting.expert [217.79.189.227]) by mx.zoho.eu
with SMTPS id 1674998620420845.576018803501; Sun, 29 Jan 2023 14:23:40 +0100 (CET)
Received: by gomastodon.social (Postfix, from userid 0)
id 038D316778; Sun, 29 Jan 2023 14:23:39 +0100 (CET)
Message-Id: <20230129132340.038D316778@gomastodon.social>
Date: Sun, 29 Jan 2023 14:23:39 +0100 (CET)
From: root <root@gomastodon.social>
test email4
Delivered-To: support@uptimelite.com
Received-SPF: pass (zohomail.eu: domain of gomastodon.social designates 217.79.189.227 as permitted sender) client-ip=217.79.189.227; envelope-from=root@gomastodon.social; helo=gomastodon.social;
Authentication-Results: mx.zohomail.eu;
spf=pass (zohomail.eu: domain of gomastodon.social designates 217.79.189.227 as permitted sender) smtp.mailfrom=root@gomastodon.social
Return-Path: <root@gomastodon.social>
Received: from gomastodon.social (sa584.saturn.dedi.server-hosting.expert [217.79.189.227]) by mx.zoho.eu
with SMTPS id 1675004395621445.36709948522514; Sun, 29 Jan 2023 15:59:55 +0100 (CET)
Received: by gomastodon.social (Postfix, from userid 0)
id E6E4D16774; Sun, 29 Jan 2023 15:58:19 +0100 (CET)
Message-Id: <20230129145954.E6E4D16774@gomastodon.social>
Date: Sun, 29 Jan 2023 15:58:19 +0100 (CET)
From: root <root@gomastodon.social>
test email5
SPF and DKIM⌗
v=spf1 ip4:217.79.189.227/32 ~all
IMAP⌗
# Request a Let's Encrypt certificate for the mail hostname using certbot's
# nginx authenticator (certonly: obtain the certificate, do not install it).
# The Postfix and Dovecot settings on this page read fullchain.pem and
# privkey.pem from /etc/letsencrypt/live/mail.gomastodon.social/.
# NOTE(review): nothing here reloads Postfix or Dovecot after a renewal;
# presumably they need a reload to pick up the renewed files - confirm, and
# consider running the reload from certbot's --deploy-hook.
certbot certonly -a nginx --agree-tos --no-eff-email --staple-ocsp --email root@gomastodon.social -d mail.gomastodon.social
# Postfix main.cf TLS settings. Comments must sit on their own lines in main.cf.
# Enable TLS encryption when Postfix receives incoming email.
# Certificate chain and private key issued for mail.gomastodon.social.
smtpd_tls_cert_file=/etc/letsencrypt/live/mail.gomastodon.social/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/mail.gomastodon.social/privkey.pem
# "may" is opportunistic TLS: STARTTLS is offered, but clients that do not
# use it are still served in cleartext.
smtpd_tls_security_level=may
# Level 1 logs a summary line for each completed TLS handshake.
smtpd_tls_loglevel = 1
# Server-side TLS session cache.
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
# Enable TLS encryption when Postfix sends outgoing email.
# Opportunistic as well: delivery falls back to cleartext when the remote
# server does not offer STARTTLS.
smtp_tls_security_level = may
smtp_tls_loglevel = 1
# Client-side TLS session cache.
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# Allow only TLSv1.2 or TLSv1.3 by excluding the older protocol versions.
# This limits the version when TLS is negotiated; it does not by itself make
# TLS compulsory. The *_mandatory_protocols lines apply only where TLS is
# mandatory (security level "encrypt" or stronger); with the "may" levels
# above, the *_tls_protocols lines are the ones in effect.
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
apt install dovecot-core dovecot-imapd
# Dovecot TLS certificate and private key; the leading "<" makes Dovecot read
# the value from the named file rather than treating the path as the value.
# NOTE(review): this excerpt does not show the "ssl" setting; confirm it is
# "required" so that IMAP logins are not accepted without TLS.
ssl_cert = </etc/letsencrypt/live/mail.gomastodon.social/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.gomastodon.social/privkey.pem
# Auth socket placed inside the Postfix spool directory, presumably so that
# Postfix can authenticate SMTP users through Dovecot - the Postfix side of
# that setup is not shown here.
service auth {
unix_listener /var/spool/postfix/private/auth {
# Socket is readable and writable by user and group postfix only.
mode = 0660
user = postfix
group = postfix
}
}
Roundcube⌗
apt install php-net-ldap2 php-net-ldap3 php-imagick php8.1-common php8.1-gd php8.1-imap php8.1-mysql php8.1-curl php8.1-zip php8.1-xml php8.1-mbstring php8.1-bz2 php8.1-intl php8.1-gmp php8.1-redis
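-- Create the database account Roundcube connects with.
-- Replace the placeholder with a unique, randomly generated password and use
-- the same value in Roundcube's database connection setting. A password that
-- has appeared in published notes must be treated as exposed and rotated.
CREATE USER roundcube@localhost IDENTIFIED BY '<ROUNDCUBE_DB_PASSWORD>';
-- Privileges are limited to the roundcubemail schema, and the account is
-- defined for connections from localhost only.
GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost;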
# Plain-HTTP virtual host for mail.gomastodon.social that exposes the ACME
# challenge path used during certificate validation.
server {
listen 80;
listen [::]:80;
server_name mail.gomastodon.social;
root /usr/share/nginx/html/;
# Validation requests must be reachable without access restrictions.
location ~ /.well-known/acme-challenge {
allow all;
}
}
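# Roundcube webmail virtual host, served through PHP 8.1 FPM.
# NOTE(review): this block listens on port 80 only. Unless TLS is terminated
# in front of it, webmail logins and session cookies travel in cleartext; the
# certificate requested for mail.gomastodon.social on this page can back an
# HTTPS listener.
server {
    listen 80;
    listen [::]:80;
    # NOTE(review): placeholder name. The nginx error log on this page reports
    # "server: mail.example.com" for requests sent to host
    # mail.gomastodon.social - confirm the intended server_name.
    server_name mail.example.com;
    root /usr/share/nginx/html/;
    index index.php index.html index.htm;

    error_log /var/log/nginx/roundcube.error;
    access_log /var/log/nginx/roundcube.access;

    location / {
        try_files $uri $uri/ /index.php;
    }

    # Roundcube is unpacked directly into the document root, so its internal
    # directories (configuration, temp files, logs, scripts, SQL schema) are
    # web-reachable unless denied. nginx tries regex locations in order of
    # appearance, so this block must stay above the PHP handler below.
    location ~ ^/(bin|SQL|config|temp|logs)/ {
        deny all;
    }

    # Hand PHP scripts to php-fpm; try_files returns 404 for scripts that do
    # not exist instead of passing arbitrary paths to the interpreter.
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /.well-known/acme-challenge {
        allow all;
    }

    # Do not serve the distribution's top-level documentation files.
    location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
        deny all;
    }

    # A long browser cache lifetime can speed up repeat visits to your page
    location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
        access_log off;
        log_not_found off;
        expires 360d;
    }
}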
Note: Don’t forget to add the user with the adduser command and set a password; otherwise IMAP login will not work.
Configure RoundCube⌗
More errors…
2023/02/16 18:59:15 [error] 66090#66090: *4979 FastCGI sent in stderr: "PHP message: PHP Warning: file_put_contents(/usr/share/nginx/html/logs/errors.log): Failed to open stream: Permission denied in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1381PHP message: PHP Warning: Invalid response code received from server in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1504PHP message: PHP Warning: file_put_contents(/usr/share/nginx/html/logs/errors.log): Failed to open stream: Permission denied in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1381PHP message: PHP Warning: Invalid response code received from server in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1504PHP message: PHP Warning: file_put_contents(/usr/share/nginx/html/logs/errors.log): Failed to open stream: Permission denied in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1381PHP message: PHP Warning: Failed to set sender 'ivnilv@gomastodon.social': 5.7.0 Must issue a STARTTLS command first (Code: 530) in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1504" while reading response header from upstream, client: 10.229.71.1, server: mail.example.com, request: "POST /?_task=mail&_unlock=loading1676570355645&_framed=1 HTTP/1.1", upstream: "fastcgi://unix:/run/php/php8.1-fpm.sock:", host: "mail.gomastodon.social", referrer: "http://mail.gomastodon.social/?_task=mail&_action=compose&_id=148318659863ee6ed354cd6"
2023/02/16 19:05:53 [error] 66090#66090: *5004 FastCGI sent in stderr: "PHP message: PHP Warning: file_put_contents(/usr/share/nginx/html/logs/errors.log): Failed to open stream: Permission denied in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1381PHP message: PHP Warning: Failed to connect socket: in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1504PHP message: PHP Warning: file_put_contents(/usr/share/nginx/html/logs/errors.log): Failed to open stream: Permission denied in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1381PHP message: PHP Warning: Connection failed: (Code: -1) in /usr/share/nginx/html/program/lib/Roundcube/rcube.php on line 1504" while reading response header from upstream, client: 10.229.71.1, server: mail.example.com, request: "POST /?_task=mail&_unlock=loading1676570753538&_framed=1 HTTP/1.1", upstream: "fastcgi://unix:/run/php/php8.1-fpm.sock:", host: "mail.gomastodon.social", referrer: "http://mail.gomastodon.social/?_task=mail&_action=compose&_id=142873075963ee7071e1bbf"