Simple Mailserver With Postfix, Dovecot, And Sieve On CentOS 7

This tutorial will show you how to get a simple mail server on CentOS 7, with Postfix as MTA, Dovecot as MDA, and Sieve for sorting mail – all over an encrypted connection for improved security.

Installation of Mailserver packages

To configure everything, you will first need to install these packages:

yum install postfix dovecot dovecot-pigeonhole mailx

The first configuration step is to add a postmaster address in /etc/dovecot/conf.d/15-lda.conf. This allows people to contact you in case of a failure. We will also be allowing auto-creation of folders and auto-subscription of said folders to avoid an inconsistent state between your mail client and the server:

postmaster_address = yourname@yourdomain.tld
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes

The next step is to assign the correct path for your users’ mailboxes in /etc/dovecot/conf.d/10-mail.conf:

mail_location = maildir:~/Maildir

Ensure there is only one occurrence of mail_location in the file to avoid conflicts. The final step to ensure basic functionality is to configure Postfix to deliver mail via Dovecot. Add the following line to /etc/postfix/main.cf:

mailbox_command = /usr/libexec/dovecot/deliver

Restart both mail servers

Restart both services, and you can send the first test mail:

systemctl restart postfix
systemctl restart dovecot

Since it is considered rude to use the root account for mailing, you should create a separate user for your mailing needs:

useradd -m youruser
passwd youruser

Now, you can test the mail functionality with the following command:

echo "TEST" | mail -s "testmail" youruser@localhost && tail -f /var/log/maillog

If your log files contain a line similar to the following (the last part is the important part):

postfix/local[27114]: 3F63C5B71: to=<youruser@localhost>, orig_to=<youruser@localhost>, relay=local, delay=0.01, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered to command: /usr/libexec/dovecot/deliver)

.. then everything is working properly.

At this point, two important components are missing: encryption and mail sorting.

The first can be configured, for Dovecot, in /etc/dovecot/conf.d/10-ssl.conf, assuming you already have a certificate at hand:

ssl = require
ssl_cert = </path/to/your/certificate
ssl_key = </path/to/your/key

For the sieve to work, edit the protocol section in /etc/dovecot/conf.d/15-lda.conf to look like this:

protocol lda {
 mail_plugins = $mail_plugins sieve
}

Restart the service

systemctl restart dovecot

And that’s it. You can now log in securely via IMAP or POP3send encrypted email and write Sieve filters.

It is also important to allow the IMAP, SMTP, and POP3 ports in firewalld as follows

firewall-cmd --permanent --add-service=smtp
firewall-cmd --permanent --add-service=pop3
firewall-cmd --permanent --add-service=imap
firewall-cmd --permanent --add-service=smtps
firewall-cmd --permanent --add-service=pop3s
firewall-cmd --permanent --add-service=imaps
firewall-cmd --reload