Courier IMAP / ESMTP Setup
The Courier mail package is a single software implementation of mail, imap, pop, etc. I find it attractive because of the consolidated setup (the various packages work well together, using a single authentication backend) and relative simplicity of the setup (at least once you know what you are doing!)
On this page I have documented my setup procedure. This approach is best suited for small organizations and home servers, as I will be using the userdb authentication backend, instead of the more powerful SQL / LDAP backends. Included in the tutorial are instructions for the ESMTP and IMAP servers (with SSL enabled versions of both). Other components such as POP may be similar, but I don't cover them here.
This document assumes you are running on a Debian server (specifically Debian Stable 5 - Lenny), although you should be able to adapt the instructions to any server platform. You must first have the following courier packages installed:
courier-imap-ssl courier-mta-ssl
This should install all required dependencies.
Configuration
- Enable authuserdb authentication backend:
- Edit /etc/courier/authdaemonrc
authmodulelist="authuserdb"
- Edit /etc/courier/authdaemonrc
- Create a user 'foo' who will receive email for domain 'example.com':
- Create the folder /var/spool/mail/foo, and create a mail directory in this folder. Assign ownership of this folder to the user responsible for mail (in Debian, this can normally be assigned to mail:mail).
mkdir /var/spool/mail/foo
maildirmake /var/spool/mail/foo/Maildir
chown -R mail:mail /var/spool/mail/foo - Make note of the UID and GID of the account used in the previous step; for the mail account, this will likely be 8:8.
- Add the user to the userdb file and set the system password (system password will work for all services: ESMTP, IMAP, POP, etc; you can also add a password for a specific service type):
Note the uid and gid parameters; these must be the same as the mail account as noted in the previous step.userdb "foo@example.com" set home=/var/spool/mail/foo uid=8 gid=8
userdbpw | userdb "foo@example.com" set systempw - Compile changes to userdb file by running command
makeuserdb - Add alias foo@example.com to /etc/courier/aliases/system as an alias for postmaster. Compile changes with command
makealiases
- Create the folder /var/spool/mail/foo, and create a mail directory in this folder. Assign ownership of this folder to the user responsible for mail (in Debian, this can normally be assigned to mail:mail).
- Define which domain(s) this server will be hosting mail for
- Create file '/etc/courier/hosteddomains' containing one line 'example.com', and compile changes to config:
(The courier man page says that hosted domains should be used to for virtual accounts (which we are using in this document). For local accounts, which map directly to a system account, you should use the locals folder instead of hosteddomains.)echo 'example.com' > /etc/courier/hosteddomains
makehosteddomains - Add your mail domain to the accepted mail route so that we can recieve mail sent to @example.com
- Create file '/etc/courier/esmtpacceptmailfor.dir' containing one line 'example.com', and compile changes to config:
(Note that you could also use a directory of the same name, with one or more text files inside of it, instead of the file named esmtpacceptmailfor.dir)echo 'example.com' > /etc/courier/esmtpacceptmailfor.dir
makeacceptmailfor
- Create file '/etc/courier/esmtpacceptmailfor.dir' containing one line 'example.com', and compile changes to config:
- Configure authentication for all services; in this document we are only setting up ESMTP and IMAP, but you would need to follow similar procedures for other services such as POP.
- In /etc/courier/esmtpd set the following:
ESMTPAUTH="PLAIN LOGIN CRAM-MD5 CRAM-SHA1" - In /etc/courier/esmtpd-ssl set the following:
AUTH_REQUIRED=1 - In /etc/courier/imapd set the following:
This will effectively disable plain text IMAP from authenticatingADDRESS='127.0.0.1'
- In /etc/courier/esmtpd set the following:
- Create file '/etc/courier/hosteddomains' containing one line 'example.com', and compile changes to config:
- If you want to use a smarthost to send mail, you need to set up a default route and (optionally) client authentication:
- To set up a default route, create the file /etc/courier/esmtproutes and include the lines
where mail.smarthost.com is the name of your smarthost SMTP server, and example.com is your domain.example.com:127.0.0.1
:mail.smarthost.com - If your smarthost requires authentication, create the file /etc/courier/esmtpauthclient with the line
where mail.smarthost.com is the same mail server as you specified in the route, username is the username for authenticating against this smarthost, and password is the password.mail.smarthost.com username password
- To set up a default route, create the file /etc/courier/esmtproutes and include the lines
- Optionally create file /etc/courier/sizelimit with a number (in bytes) of the largest email which will be accepted. Defaults to 10MB (?).
- Optionally include extra options "-nodnslookup -noidentlookup" in /etc/courier/esmtpd, on the TCPDOPTS line, to speed up mail delivery. (Thanks to crazysquirrel.com for pointing this out).
- Optionally (if you are using SSL), create better self signed certificates with the correct information. Edit /etc/courier/imapd.cnf and esmtpd.cnf, delete the existing imapd.pem and esmtpd.pem files, then run the command
mkimapdcert
mkesmtpdcert - Once you are finished, verify that your authentication is set up correctly and that you are not an open relay for spammers. There are many pages which will check this for you, including http://www.abuse.net/relay.html.
Congratulations! You should now have a working mail server which accepts mail for your domain, sends to any domain, and supports virtual users.