59 lines
1.7 KiB
Plaintext
59 lines
1.7 KiB
Plaintext
paru -S postfix dovecot certbot certbot-nginx postfix-mysql roundcubemail postfixadmin
|
|
|
|
sudo certbot --nginx -d mail.turboteam.run
|
|
# Postfix
|
|
|
|
sudo vim /etc/postfix/main.cf
|
|
----
|
|
myhostname = mail.turboteam.run
|
|
mydomain = turboteam.run
|
|
|
|
# Secure SMTP
|
|
|
|
smtp_tls_security_level = may
|
|
smtpd_use_tls = yes
|
|
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.turboteam.runpath/fullchain.pem
|
|
smtpd_tls_key_file = /etc/letsencrypt/live/mail.turboteam.run/privkey.pem
|
|
----
|
|
|
|
sudo vim /etc/postfix/master.cf
|
|
----
|
|
submission inet n - n - - smtpd
|
|
# Uncommented for Dovecot auth
|
|
-o smtpd_tls_security_level=encrypt
|
|
-o smtpd_sasl_auth_enable=yes
|
|
|
|
# Added for Dovecot auth
|
|
-o smtpd_sasl_type=dovecot
|
|
-o smtpd_sasl_path=private/auth
|
|
-o smtpd_sasl_security_options=noanonymous
|
|
-o smtpd_sasl_local_domain=$myhostname
|
|
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
|
|
-o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
|
|
----
|
|
|
|
# Dovecot SSL
|
|
sudo cp /usr/share/doc/dovecot/dovecot-openssl.cnf /etc/ssl/dovecot-openssl.cnf
|
|
sudo vim /etc/ssl/dovecot-openssl.cnf
|
|
----
|
|
# Common Name (*.example.com is also possible)
|
|
CN=imap.turboteam.run
|
|
|
|
# E-mail contact
|
|
emailAddress=postmaster@turboteam.run
|
|
----
|
|
sudo /usr/lib/dovecot/mkcert.sh
|
|
sudo cp /etc/ssl/certs/dovecot.pem /etc/ca-certificates/trust-source/anchors/dovecot.crt
|
|
sudo trust extract-compat
|
|
|
|
sudo systemctl restart postfix
|
|
sudo systemctl enable postfix --now
|
|
|
|
# Dovecot config
|
|
sudo mkdir /etc/dovecot
|
|
sudo cp /usr/share/doc/dovecot/example-config/dovecot.conf /etc/dovecot/
|
|
sudo cp -r /usr/share/doc/dovecot/example-config/conf.d/ /etc/dovecot/
|
|
|
|
sudo vim /etc/dovecot/conf.d/10-mail.conf
|
|
mail_location = maildir:/var/mail/%u/Maildir
|