Mail Transfer Agent
Since retrieving messages from the Internet is the key, we must first set up a Mail Transfer Agent. Different distributions have different default MTA, for example Ubuntu and openSuSE have Postfix as the default MTA, whereas Red Hat implements Sendmail. The configurations of the programs are more or less the same for the experienced users, but for the sake of easiness, we will assume an Ubuntu Server installation with Postfix to get you going without changing the default MTA configuration.
Make sure that you have the root account access, or you will not be able to save what we do here.
Before we get our hands dirty with configuration, we have to make a note of our system mail name. I will assume mailserver.mycompany.com and also we can send/receive mails from mycompany.com, localhost.mycompany.com, and localhost. The address for localhost is 127.0.0.1 with Netmask 255.255.255.0 (127.0.0.1/8 for short.) The easiest way to configure Postfix will be to go through the /etc/postfix/main.cf file. Before changing anything, back up the configuration file with cp /etc/postfix/main.cf /etc/postfix/main.cf.old so that if we mess something up, we can easily revert to the original file.
Let’s define our system mail configuration:
myhostname = mailserver.mycompany.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mailserver.mycompany.com,mycompany.com, localhost, mycompany.com, localhost
mynetworks = 127.0.0.0/8
To secure our e-mail sending, we proceed to add SMTP (Simple Mail Transfer Protocol) Authentication:
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
But we need to edit the /etc/postfix/sasl/smtpd.conf file also. This is simple: append the following configuration parameters at the end of the file:
mech_list: plain login
And we configure Postfix to impose TLS encryption both to incoming and outgoing e-mails:
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/private/smtpd.key
smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
smtpd_tls_CAfile = /etc/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
After making all the configurations, give Postfix a restart by /etc/init.d/postfix restart.