02-basic-email-system.md #1865

Merged
merged 1 commit into from
Mar 4, 2024
40 changes: 20 additions & 20 deletions docs/guides/email/02-basic-email-system.md
Expand Up @@ -6,7 +6,7 @@ contributors: Ganna Zhyrnova

# Overview

This document aims to provide the reader with a detailed understanding of the various components of an email system, including installation, basic configuration, and association. The recommendation is that you use an open source email server(s) in a production environment.
This document aims to provide the reader with a detailed understanding of the various components of an email system, including installation, basic configuration, and association. The recommendation is to use an open-source email server(s) in a production environment.

All commands in this document are executed using **root(uid=0)**.

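Review bot: In the rewritten Overview sentence, "an open-source email server(s)" pairs a singular article with an optional plural, which was carried over from the old line rather than fixed. Suggest "The recommendation is to use open-source email servers in a production environment." so the sentence this PR already touches reads cleanly.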
Expand Down Expand Up @@ -57,7 +57,7 @@ zone "rockylinux.me" IN {

!!! question

**What is DNS zone?** A DNS zone is the specific portion of a DNS namespace that's hosted on a DNS server. A DNS zone contains resource records, and the DNS server responds to queries for records in that namespace. A DNS server can have multiple DNS zones. Simply put, a DNS zone is the equivalent of a book catalog.
**What is the DNS zone?** A DNS zone is the specific portion of a DNS namespace hosted on a DNS server. A DNS zone contains resource records, and the DNS server responds to queries for records in that namespace. A DNS server can have multiple DNS zones. Simply put, a DNS zone is the equivalent of a book catalog.

```bash
# Modify data file
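Review bot: The question heading changed from "What is DNS zone?" to "What is the DNS zone?", but the answer that follows defines the term generically ("A DNS zone is the specific portion..."), so the indefinite article is the right one. Suggest "**What is a DNS zone?**" to match the answer.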
Expand Down Expand Up @@ -225,7 +225,7 @@ Main standards:

In the SHA-2 encryption standard, the number in the algorithm refers to the digest length in bits.

It is well known that in RockyLinux 8 and other RHEL 8 variants, the algorithm used to encrypt user passwords is SHA-512.
It is well known that in Rocky Linux 8 and other RHEL 8 variants, the algorithm used to encrypt user passwords is SHA-512.

```bash
Shell(192.168.100.5) > grep -i method /etc/login.defs
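Review bot: The changed line fixes the product name but keeps "the algorithm used to encrypt user passwords is SHA-512", and the context line above it calls SHA-2 an "encryption standard". SHA-512 is a hash function and the stored value is a salted one-way hash, not something that can be decrypted, so since this sentence is being edited anyway, suggest "the algorithm used to hash user passwords is SHA-512" and "SHA-2 hash standard" in the preceding sentence.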
Expand All @@ -241,8 +241,8 @@ $6$8jpmvCw8RqNfHYW4$pOlsEZG066eJuTmNHoidtvfWHe/6HORrKkQPwv4eyFxqGXKEXhep6aIRxAtv

Use the $ sign to separate the output text information.

* 6: It means id. For the SHA-512 encryption algorithm, it is fixed at 6.
* 8jpmvCw8RqNfHYW4: Also known as "salt". Its main function is to increase the security and improve the difficulty of cracking. The system can randomly generate it or it can be specified manually.
* 6: It means id. The SHA-512 encryption algorithm is fixed at 6.
* 8jpmvCw8RqNfHYW4: Also known as "salt". Its main function is to increase security and improve the difficulty of cracking. The system can randomly generate it, or it can be specified manually.
* pOlsEZG066eJuTmNHoidtvfWHe/6HORrKkQPwv4eyFxqGXKEXhep6aIRxAtv7FDDIq/ojIY1SfWAQkk7XACeZ0: 86 fixed number of characters. Refers to ciphertext passwords generated by using encryption algorithms.

### Install and configure `postfix`
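Review bot: The first bullet changes meaning: "For the SHA-512 encryption algorithm, it is fixed at 6" said the id field is 6 for SHA-512, while the new "The SHA-512 encryption algorithm is fixed at 6" says the algorithm itself is fixed at 6. Suggest keeping the original subject, for example "6: The id. For SHA-512 it is fixed at 6." In the salt bullet, "improve the difficulty of cracking" would read better as "increase the difficulty of cracking".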
Expand All @@ -251,10 +251,10 @@ Use the $ sign to separate the output text information.
Shell(192.168.100.6) > dnf -y install postfix postfix-mysql
```

After installing Postfix, the following files need to be know:
After installing Postfix, the following files need to be known:

* **/etc/postfix/main.cf**. The main and most important configuration file
* **/etc/postfix/master.cf**. Used to set runtime parameters for each component. In general, no changes are required, except when performance optimization is required.
* **/etc/postfix/master.cf**. Used to set runtime parameters for each component. No changes are generally required, except when performance optimization is required.
* **/etc/postfix/access**. Access control file for SMTP.
* **/etc/postfix/transport**. Maps email addresses to relay hosts.

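Review bot: The rewritten master.cf bullet repeats "required" twice in one sentence and still limits edits to performance optimization, while a later hunk header in this same file shows an `smtps inet ... smtpd` service entry, which is master.cf content. Suggest wording such as "Usually left unchanged, except to enable services or tune performance." Also, the main.cf bullet is the only one in the list without a closing period.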
Expand Down Expand Up @@ -328,7 +328,7 @@ shlib_directory = /usr/lib64/postfix
* **alias_database = hash:/etc/aliases**. The database to be used by aliases.
* **<font color="red">home_mailbox = Maildir/</font>**. Important parameters that have been commented out. This indicates where the local mailbox is stored.
* **debug_peer_level = 2**. Level of log records.
* **setgid_group = postdrop**. The group identifier used to submit emails or manage queues.
* **setgid_group = postdrop**. The group identifier is used to submit emails or manage queues.

Except for the parameter items mentioned or displayed above, some parameters are hidden and can be viewed through the `postconf` command. The most important parameters are:

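Review bot: The `setgid_group` bullet was turned into a full sentence ("The group identifier is used to submit emails or manage queues"), which breaks the noun-phrase pattern of the neighbouring bullets ("The database to be used by aliases.", "Level of log records.") and no longer reads as a definition of the parameter. Suggest keeping the original form or "The group used for mail submission and queue management."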
Expand Down Expand Up @@ -503,7 +503,7 @@ smtps inet n - n - - smtpd
...
```

Finally execute the `systemctl restart postfix.service` command. At this point, the configuration of postfix is over.
Finally, execute the `systemctl restart postfix.service` command. At this point, the configuration of the postfix is over.

### Install and configure `dovecot`

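Review bot: "the configuration of the postfix is over" adds an article before a product name, which the old line did not have. Suggest "At this point, the configuration of Postfix is complete.", which also matches the capitalized "Postfix" used elsewhere in this file.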
Expand Down Expand Up @@ -545,35 +545,35 @@ Shell(192.168.100.6) > tree /etc/dovecot/
└── dovecot.conf
```

Yes, both Postfix and Dovecot have very complex configurations, so it is recommended that most GNU/Linux system administrators use open source email servers.
Yes, both Postfix and Dovecot have very complex configurations, so it is recommended that most GNU/Linux system administrators use open-source email servers.

As with postfix, enter the `doveconf` command to view the complete configuration.

The file description is as follows:

* **dovecot.conf**: The main configuration file of dovecot.

* Load sub configuration files through the method of `!include conf.d/*.conf`. Dovecot doesn’t care which settings are in which files.
* The Numeral prefix of the sub configuration file is to facilitate human understanding of its parsing order.
* Due to historical reasons there are still some config files that are external to the main `dovecot.conf`, which are typically named `*.conf.ext`.
* In the configuration file, you can use variables, which are divided into **Global variables** and **User variables**, starting with `%`. See [here](https://doc.dovecot.org/configuration_manual/config_file/config_variables/#config-variables).
* Load subconfiguration files through the `!include conf.d/*.conf` method. Dovecot doesn’t care which settings are in which files.
* The Numeral prefix of the subconfiguration file facilitates human understanding of its parsing order.
* Due to historical reasons, some config files are still external to the main `dovecot.conf`, which are typically named `*.conf.ext`.
* In the configuration file, you can use variables divided into **Global variables** and **User variables**, starting with `%`. See [here](https://doc.dovecot.org/configuration_manual/config_file/config_variables/#config-variables).

* **10-auth.conf**. Configuration related to identity authentication.
* **10-logging.conf**. Log related configuration. It can be very useful in performance analysis, software debugging, etc.
* **10-mail.conf**. Configuration of mailbox locations and namespaces. By default, the value of the user's mailbox location is empty, which means that Dovecot automatically looks for the mailbox location. When the user does not have any mail, you must explicitly tell Dovecot the location of all mailboxes.
* **10-logging.conf**. Log-related configuration. It can be very useful in performance analysis, software debugging, etc.
* **10-mail.conf**. Configuration of mailbox locations and namespaces. By default, the value of the user's mailbox location is empty, which means that Dovecot automatically looks for the mailbox location. When the user has no mail, you must explicitly tell Dovecot the location of all mailboxes.
* **10-metrics.conf**. Configuration related to statistical information.
* **15-mailboxes.conf**. Configuration of mailbox definition.
* **auth-sql.conf.ext**. Authentication for SQL users.

#### Some important configuration file parameters

* `protocols = imap pop3 lmtp submission`. Dovecot supported protocols.
* `listen = *, ::`. A comma separated list of IPs or hosts where to listen in for connections. "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
* `listen = *, ::`. A comma-separated list of IPs or hosts where to listen in for connections. "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
* `disable_plaintext_auth = yes`. Whether to turn off the plaintext password for authentication.
* `auth_mechanisms = `. The type of authentication mechanism whose values can be multiple and separated by Spaces. Values: plain, login, digest-md5, cram-md5, ntlm, rpa, apop, anonymous, gssapi, otp, skey, gss-spnego.
* `login_trusted_networks= `. Which clients (MUA) are allowed to use Dovecot. It can be a separate IP address, it can be a network segment, or it can be mixed and separated by spaces. Like this-- `login_trusted_networks = 10.1.1.0/24 192.168.100.2`
* `mail_location = `. For an empty value, Dovecot attempts to find the mailboxes automatically (looking at ~/Maildir, /var/mail/username, ~/mail, and ~/Mail, in that order). However, auto-detection commonly fails for users whose mail directory hasn’t yet been created, so you should explicitly state the full location here, if possible.
* `mail_privileged_group = `. This group is enabled temporarily for privileged operations. Currently, this is used only with the INBOX when either its initial creation or dotlocking fails. Typically, this is set to "mail" to access /var/mail.
* `mail_privileged_group = `. This group is enabled temporarily for privileged operations. This is used only with the INBOX when its initial creation or dotlocking fails. Typically, this is set to "mail" to access /var/mail.

#### Modify multiple files

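Review bot: In the `dovecot.conf` sub-bullets, dropping "which are" from the variables sentence leaves "you can use variables divided into **Global variables** and **User variables**, starting with `%`" ambiguous about what starts with `%`. Suggest "you can use variables, which start with `%` and are divided into **Global variables** and **User variables**." In the same list, "The Numeral prefix" keeps a stray capital, and the `mail_privileged_group` bullet now drops "Currently", turning a statement about present behaviour into an unconditional one.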
Expand Down Expand Up @@ -621,7 +621,7 @@ userdb {

!!! warning

Don't write the above grammar on one line, such as this--"userdb {driver = sql args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n}". Otherwise, it won't work.
Don't write the above grammar in one line, such as "userdb {driver = sql args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n}". Otherwise, it won't work.

Create /etc/dovecot/dovecot-sql.conf.ext file and write related content:

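Review bot: The warning changes "on one line" to "in one line", but "on one line" was the idiomatic form, and "grammar" is still used for what is a configuration block. Suggest "Don't write the above block on one line, such as ..." and leave the quoted `userdb {...}` example as it is.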
Expand Down Expand Up @@ -732,7 +732,7 @@ Mysql > insert into virtual_users(id,email,password,domain_id) values(2,'leeo@ma

#### User's authentication

Use another Windows10 computer and change its preferred DNS to 192.168.100.7. The author uses foxmail as the mail client here.
Use another Windows 10 computer and change its preferred DNS to 192.168.100.7. The author uses foxmail as the mail client here.

On the main screen, select "Other Mailbox" --> "Manual" --> Enter the relevant content to complete. --> "Create"

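Review bot: The changed line fixes "Windows 10" but leaves the mail client as lowercase "foxmail" in the same sentence. Suggest "The author uses Foxmail as the mail client here." so both product names in the sentence are capitalized consistently.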