How to Set Up an Email Server with Postfix, Dovecot and Roundcube on Ubuntu 18.04

Postfix is a Mail Transfer Agent(Agent). It is a powerful open-source application that is capable of receiving and sending emails.

Dovecot is a free open-source POP3 and IMAP server that delivers and retrieves emails to local mailboxes on the Linux system.

Roundcube is a web-based email client that works pretty well with Postfix and Dovecot.

While utilizing the POP and IMAP protocol on Dovecot, Roundcube can read emails stored by Dovecot on virtual mailboxes.

At the same time, Roundcube can submit emails to Postfix using the SMTP protocol.

So by harnessing the power of three open source applications (Postfix, Dovecot, and Roundcube), you can create a fully functional send/receive email server.

This is a comprehensive guide for setting up an email server with Postfix, Dovecot, and Roundcube on Ubuntu 18.04 server.

Note: For a better experience with Postfix, Sign up with Digital Ocean and get up to $100 free trial credit. We recommend Digital Ocean because they allow outbound and inbound traffic to port 25.

Prerequisites

To follow along with this guide, you will require the following:

  1. A new VPS(Virtual Private Server) account. Sign up with Digital Ocean and enjoy up to $100 worth of free trial credit.
  2. A domain name(e.g. example.com)
  3. A VPS instance running Ubuntu 18.04 as the operating system
  4. A non-root user that can perform sudo tasks

Step 1: Configuring DNS Server

Your email server must have a fully qualified domain name.

To set up this, you must point the A record of your domain to the public IP address associated with your VPS instance.

You must also set MX records on your domain name DNS records editor. This is done from the control panel of your VPS provider.

Then, you need to change the hostname of your server.

To edit the server hostname, open the /etc/hostname file and change the name to something appropriate e.g., mail

$ sudo nano /etc/hostname

Save the file by pressing CTRL+X, Y and, Enter

The next step is editing the hosts’ file /etc/hosts. Open the file using nano text editor.

$ sudo nano /etc/hosts

Make sure you have the below two entries at the top of the file. Replace example.com with your domain name.

127.0.0.1    localhost
127.0.1.1    mail.example.com mail

Reboot the system

$ sudo reboot

Step 2: Installing Apache Web Server

With the server name and DNS records configured, we will go ahead and install Apache web server.

Apache is primarily needed by Roundcube email client for it to run from a browser like Google Chrome.

Install Apache.

$ sudo apt-get update
$ sudo apt-get install apache2

Press Y and hit Enter when prompted to confirm the installation.

Also, make sure the Mod_Rewrite module is enabled. This will be required for Roundcube to work:

$ sudo a2enmod rewrite

Restart Apache.

$ sudo systemctl restart apache2

Step 3: Installing MySQL Database Server

Roundcube requires MySQL for it to work, so we are going to install the database server.

$ sudo apt-get install mysql-server

Press Y and Enter to confirm the installation.

Next, run the command below to secure MySQL database server.

$ sudo mysql_secure_installation

Step 3: Installing Let’s Encrypt Certificate

In order for the mail server to use SSL, we need to install an SSL certificate.

To do this, run the command below and remember to replace example.com with the exact domain name that you intend to use with your mail server.

$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache
$ sudo certbot --apache -d example.com -d www.example.com

Step 3: Installing PHP Scripting Language

Roundcube is written in PHP. As such, we need to install PHP together with all associated modules required by Roundcube.

$ sudo apt-get install php libapache2-mod-php php-mysql

Again, press Y when prompted to confirm the installation and hit Enter to continue.

Step 4: Installing Postfix MTA

Next, we are going to install Postfix Mail Transfer Agent (MTA). To do this, run the command below:

$ sudo apt-get install postfix

Press Y and hit Enter when prompted to confirm the installation.

On the next screen, hit TAB then Enter to continue.

You will be prompted to select the mail server configuration type. Choose Internet Site and press TAB and Enter to continue.

On the next screen, you should enter the name of your domain without the ‘www’ part.

So, if your domain name is www.example.com, enter example.com on the system mail name field and hit Tab and Enter to continue.

After a few seconds, Postfix will be successfully installed on your Ubuntu 18.04 server

Step 5: Configuring Postfix

Postfix MTA is a very powerful and secure out-of-the-box. However, it requires a few configurations for it to work with Ubuntu 18.04 and Dovecot.

The main Postfix configuration file is located at /etc/postfix/main.cf.

We will back up this file before editing it by running the command below.

$ sudo mv /etc/postfix/main.cf /etc/postfix/main.cf.bk

This ensures that we can go back to the default settings in case we mess up with the Postfix configuration.

Next, we can create a new Postfix configuration file using nano text editor:

$ sudo nano /etc/postfix/main.cf

Paste the below information on the file and remember to replace example.com with your domain name.

# GENERAL SETTINGS

smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no

# SMTP SETTINGS 

smtp_use_tls=yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# SMTPD SETTINGS 

smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_cert_file=/etc/letsencrypt/live/example.com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/example.com/privkey.pem
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,  reject_unauth_destination

# SASL SETTINGS

smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

# VIRTUAL MAIL BOX AND LMTP SETTINGS

virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = /etc/postfix/virtual_mailbox_domains



# OTHER SETTINGS

myhostname = mail.example.com
myorigin = /etc/mailname
mydestination =  localhost.$mydomain, localhost
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

Once you add the settings above, save and close the file.

Step 6: Creating Virtual Mail Box Domains

Our Postfix configuration file that we created above instructed the mail server to look for virtual mailbox domains from the /etc/postfix/virtual_mailbox_domains file.

We need to add the domains that we intend to use with the mail server on this file. You can add as many domains as you want.

To keep things simple, we are adding the example.com domain.

Open the file:

$ sudo nano /etc/postfix/virtual_mailbox_domains

Then, add the entry below. Please note, the entry MUST be in two parts as shown below.

example.com #domain

Save and close the file when done.

Since Postfix is not configured to read plain text files, we will convert the file to a format that it can understand using the command below:

$ sudo postmap /etc/postfix/virtual_mailbox_domains

Remember, you must run that command each time you edit the /etc/postfix/virtual_mailbox_domains file.

The next step is setting up the Postfix’s master configuration file /etc/postfix/master.cf.

Open the file using nano text editor.

$ sudo nano /etc/postfix/master.cf

Look for the line below.

#submission inet n       -       y       -       -       smtpd

Then, remove the leading # symbol to uncomment it:

submission inet n       -       y       -       -       smtpd

When done, save the file and close it.

Step 7: Installing Dovecot on Ubuntu 18.04

Next, we will install Dovecot and all associated packages necessary for running IMAP, POP and LMTP protocol.

$ sudo apt-get install dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd

Step 8: Configuring Dovecot mail_location

In order for Dovecot to communicate with Postfix and our virtual mailbox domains, we need to make a few changes to its configuration files.

We will start off by editing the /etc/dovecot/conf.d/10-mail.conf file

$ sudo nano /etc/dovecot/conf.d/10-mail.conf

Locate the mail_location parameter :

mail_location = mbox:~/mail:INBOX=/var/mail/%u

Then, change its value as shown below :

mail_location = maildir:/var/mail/vhosts/%d/%n

Save and close the file

In a nutshell, we have instructed Dovecot to look for mails on the /var/mail/vhosts directory.

So for Dovecot to work, we need to create a sub-directory for each domain we intend to use with our email server.

Step 9: Creating Dovecot vhosts Directory

Let’s create the vhosts directory first:

$ sudo mkdir /var/mail/vhosts

Then we can go ahead and create the sub-directory for our domain name.

$ sudo mkdir /var/mail/vhosts/example.com

If you have multiple domains, repeat the command above while replacing the last part of the directory name(example.com) with the name of each domain.

Step 10: Creating Dovecot vmail User and Group

The next step is creating a vmail user and a group. We will also assign the user access to the vhosts directories that we created above.

First, let’s create the group:

$ sudo groupadd -g 5000 vmail

Next, we can create a vmail user and the same to the group that we have created above:

$ sudo useradd -r -g vmail -u 5000 vmail -d /var/mail/vhosts -c "virtual mail user"

Then, we need to assign the ownership of the directories to the vmail user.

$ sudo chown -R vmail:vmail /var/mail/vhosts/

Step 11: Enabling Dovecot for Secure POP3 and IMAP Services

Next we are going to edit the /etc/dovecot/conf.d/10-master.conf file and enable IMAPs and POP3 secure services.

First, open the file

$ sudo nano /etc/dovecot/conf.d/10-master.conf

Then, find the entries below.

inet_listener imaps {
    #port = 993
    #ssl = yes
  }

Change them to:

inet_listener imaps {

    port = 993
    ssl = yes
  }

On the same file, locate the below content.

inet_listener pop3s {

    #port = 995
    #ssl = yes

  }

Change the above to:

inet_listener pop3s {

    port = 995
    ssl = yes

  }

Step 12: Setting up Dovecot LMTP service

On the same file, we need to enable the LMTP service.

Find the entries below:

service lmtp {

unix_listener lmtp {

#mode = 0666

}

And change them to:

service lmtp {

unix_listener /var/spool/postfix/private/dovecot-lmtp {

mode = 0600
user = postfix
group = postfix

 }

Don’t close the file yet.

Step 13: Configuring Dovecot Authentication Socket

We need to configure the authentication socket. So, locate:

service  auth {

...

  # Postfix smtp-auth

  #unix_listener /var/spool/postfix/private/auth {

  #  mode = 0666

  #}



}

And change the above entries to:

service auth {

...

#Postfix smtp-auth

unix_listener /var/spool/postfix/private/auth {

mode = 0666

user=postfix

group=postfix

}

...

Save and close the file when done.

Step 14: Setting Up Dovecot Authentication Process

Next, we will set up Dovecot authentication process by editing the /etc/dovecot/conf.d/10-auth.conf file:

$ sudo nano /etc/dovecot/conf.d/10-auth.conf

Find the entry below.

# disable_plaintext_auth = yes

Then, uncomment it by removing the leading pound symbol

disable_plaintext_auth = yes

Also, we have to change the authentication mechanism from plain to plain login.

On the same file, find the below entry.

auth_mechanisms = plain

And change it to:

auth_mechanisms = plain login

We can now set up the users and passwords configurations.

We will use a password file since it is a flexible method for configuring new users.

First,  disable the default Dovecot behavior for authenticating users using system information.

Locate the line:

!include auth-system.conf.ext

And comment it by adding a pound symbol(#) at the beginning :

#!include auth-system.conf.ext

Then, enable password file configuration. Locate the entry below.

#!include auth-passwdfile.conf.ext

Then, change it to:

!include auth-passwdfile.conf.ext

Save and close the file

Next we will edit the /etc/dovecot/conf.d/auth-passwdfile.conf.ext file.

$ sudo nano /etc/dovecot/conf.d/auth-passwdfile.conf.ext

Make sure the file looks as shown below:

passdb {

  driver = passwd-file

  args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users

}



userdb {

driver = static

args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n



 # Default fields that can be overridden by passwd-file

 #default_fields = quota_rule=*:storage=1G

 # Override fields from passwd-file

 #override_fields = home=/home/virtual/%u

}

Save and close the file.

Step 15: Creating Dovecot Password File

The next step is creating a password file for each user that we intend to assign an email account.

$ sudo nano /etc/dovecot/dovecot-users

Users must be added using the format user@domainname.com  followed by the password.

Example:

admin@example.com:{plain}Mis25sOpdsio

You can add as many users as you want and finally save and close the file.

In order for Dovecot to work with SSL for security reasons, we will make a few changes to the /etc/dovecot/conf.d/10-ssl.conf file

$ sudo nano /etc/dovecot/conf.d/10-ssl.conf

Change the ssl parameter value from no to required.

Locate:

ssl = no

And change it to:

ssl = required

Step 16: Configuring Dovecot to Use Let’s Encrypt Certificate

The next step is to point the Let’s encrypt certificate files that were generated earlier to Dovecot.

Find the below two lines on the /etc/dovecot/conf.d/10-ssl.conf file:

#ssl_cert = </etc/dovecot/dovecot.pem

#ssl_key = </etc/dovecot/private/dovecot.pem

Then change their values to:

ssl_cert = </etc/letsencrypt/live/example.com/fullchain.pem

ssl_key = </etc/letsencrypt/live/example.com/privkey.pem

Save and close the file and restart Apache, Postfix and Dovecot for the changes to be effected:

$ sudo service apache2 restart 
$ sudo service postfix restart 
$ sudo service dovecot restart

Step 17: Installing Roundcube

The next step is installing Roundcube email client on Ubuntu 18.04 server.

Since the Roundcube package is available on the Ubuntu software repository, we are going to run the command below to install it:

$ sudo apt-get install roundcube

Press Y and hit Enter when prompted to confirm the installation.

Next, add Roundcube path to the default SSL configuration file:

$ sudo nano /etc/apache2/sites-enabled/000-default-le-ssl.conf

Add Alias /mail /usr/share/roundcube below ServerAlias www.example.com

Alias /mail /usr/share/roundcube

Save and close the file. Then, restart Apache for the changes to take effect

$ sudo service apache2 restart

Step 18: Testing the Configuration

To test the configuration, visit www.example.com/mail on your server and replace example.com with your domain name.

You should see a page similar to the one shown below.

Enter the username and password that you created on the Dovecot password file to login. On the server field, enter ‘localhost’.

If you have reached this step, congratulations! From this point forward, you can start sending and receiving emails right from the Roudcube dashboard as shown below.

To check Postfix error log file, run the command below.

$ sudo tail -f /var/log/syslog | grep postfix

You can also telnet Gmail servers to make sure outbound traffic from port 25 is allowed from your VPS provider.

$ telnet alt4.gmail-smtp-in.l.google.com 25

In case the port is blocked, contact your VPS provider and ask them to enable it.

They will be more than happy to assist you provided you won’t send SPAM emails from the server.

Conclusion

In this guide, we have shown you how to configure an email server with Postfix, Dovecot, and Roundcube on Ubuntu 18.04 VPS.

We hope you enjoyed the guide. To test out configuring email with Postfix, Dovecot, and Roundcube, Sign up with Digital Ocean today and enjoy up to $100 worth of free cloud credit!