
Deploy Secure Postfix Messaging Server with OpenLDAP for Addressbook & Identity Management v1.1


Global Open Versity, ICT Labs Build Secure Postfix with OpenLDAP on Linux CentOS5 v1.1

© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada www.globalopenversity.org EBT106 – Postfix Mail Server Administration Training


Global Open Versity IT Systems Integration Hands-on Linux Labs Training Manual

Build your own Secure Enterprise Postfix Mail Server

Powered by OpenLDAP Centralized Identity Management

Kefa Rabah Global Open Versity, Vancouver Canada

[email protected] www.globalopenversity.org

Table of Contents (Page No.)

Build Your Own Secure Enterprise Postfix Mail Server Powered by OpenLDAP Centralized Identity Management 1
1.0 Introduction 1
Part 1: What you need to start CentOS5 Installation 5
    Step 1: Install CentOS 5.2 5
Part 2: Install & Configure DNS Server 6
Part 3: Install and Configure Postfix Server 7
    Step 1: Verify that DNS is working correctly 7
    Step 2: Verify if Postfix Server is installed 8
    Step 3: Install & Configure Postfix with MySQL in RHEL/CentOS5 9
    Step 4: Install Mail Transport Agent Switcher (MTAS) 10
    Step 5: Switch to Postfix from Sendmail 10
    Step 6: Configure Postfix Server 12
    Step 7: Why Postfix Only Listens On the Loopback Interface by Default 13
    Step 8: Test Postfix by sending mail through SMTP using Telnet 15
Part 4: Allowing Remote Access to your Mail Server using IMAP/POP 17
    Step 1: Install & Configure Dovecot POP3/IMAP Server for RHEL/CentOS 5 17
    Step 2: Configure Postfix with Dovecot 18
    Step 3: Configure Dovecot – putting it all together 19
    Step 4: Test Dovecot POP3/IMAP 20
    Step 5: Test Dovecot IMAP 21
    Step 6: Configure Postfix SMTP Authentication with Dovecot 22
    Step 7: Accessing your emails from Outside 22
Part 5: Configure Postfix SMTP Authentication and Dovecot SASL 23
    Step 1: Configure Postfix with Dovecot SASL 23
    Step 2: Test Postfix and Dovecot SASL 24
Part 6: Lock it Down with Clamd Antivirus solution 25
    Step 1: Setting up Antivirus and Antispam Connectors 25
Part 7: Lock it Down with MailScanner Antivirus solution 26
    Step 1: Install & Setup MailScanner on CentOS5/RHEL5 26
Part 8: Install and Configure RoundCube Webmail Client 27
    Step 1: Install MySQL Server 27
    Step 2: Install Roundcube Webmail 27
    Step 3: Create Roundcube Database 28
    Step 4: Testing Roundcube Webmail 33
Part 9: Setup SquirrelMail Webmail on RHEL/CentOS 5 35
    Step 1: Install SquirrelMail 35
    Step 2: Testing SquirrelMail 39
Part 10: Configure Postfix to use Mail Clients 41
    Step 1: Configure Postfix to use Thunderbird Mail client 41
Part 11: Install & Configure Thunderbird Mail Client 42
    Step 1: Install Thunderbird Mail client 42
    Step 2: Setup a new Thunderbird email account 43
Part 12: Install and Configure OpenLDAP for Identity Management 48
    Step 1: Install OpenLDAP 48
    Step 2: OpenLDAP Setup & Configure on Linux CentOS5 48
    Step 3: Test Populate our LDAP server 50
    Step 4: Configuring Directory Service (LDAP) on Thunderbird Mail client 52
    Step 5: Check & Verify Directory Service (LDAP) 54
Part 13: Setup MS Outlook Mail Client 56
    Step 1: Install and configure WinXP NIC 57
    Step 2: Setup MS Outlook 58
    Step 3: Configure the Address Book for LDAP on MS Outlook 2007 62
    Step 4: Searching Contact list using LDAP powered Address Book 64
Part 14: Email Migration 66
Part 15: Summary 67
Part 16: Need More Training on Linux 68
    Postfix Server Administration Training 68
Part 17: Hands-on Lab Assignments 68
    Linux Administration Training 69

A GOV Open Access Technical Academic Publications Enhancing education & empowering people worldwide through eLearning in the 21st Century


Build your own Secure Enterprise Postfix Mail Server Powered by OpenLDAP Centralized Identity Management

By Kefa Rabah, [email protected], July 10, 2010, GTS Institute

Project: This project will be run as a fully hands-on training. The main aim is to build and deploy a secure, enterprise-grade Postfix mail server solution powered by OpenLDAP for centralized identity management, delivering full Addressbook and contacts search capability. The project begins with a clean install of a Linux CentOS5 server. Next, students will learn how to set up a Bind9 DNS server, and how to set up and test a Postfix mail server and a Dovecot (POP3/IMAP) server. The mail server is then locked down and secured against malware with Clam AntiVirus (ClamAV) and MailScanner. The next sequence of tasks involves deploying mail clients: SquirrelMail and RoundCube for webmail access, and the Thunderbird mail client with an LDAP-capable Addressbook. For centralized identity management and Addressbook functionality, you'll learn how to set up and configure the OpenLDAP (LDAP) service. For those in love with MS Outlook, you will learn how to set up an Outlook Addressbook powered by LDAP, allowing enterprise-wide search of email addresses, names and other information from the corporate directory, easily viewed in Outlook. Upon completion of this hands-on training you will have gained enough skills and knowledge to start a small business as an email service provider, or to become a consultant providing mail server installation and support to small and medium businesses. (Note: MS Outlook is proprietary software from Microsoft for which you must purchase and/or hold a legitimate license; for training purposes you can download a trial copy.) PREQ: Good Linux & MySQL knowledge.

1.0 Introduction

Over the last decade the popularity of domain hosting has increased exponentially for companies of all sizes, and the price of domain hosting solutions has come down to a level that most businesses can afford. All these domains need to be hosted somewhere, but corporate-level hosting of web sites and mail domains can still be exorbitantly expensive for start-ups and small to medium size businesses. Now imagine a real world where you can use the raw power of Open Source Software to power your entire messaging solution: a fully functional suite of open source driven services available to your enterprise that gives, if not the full functionality of something like MS Exchange, enough that users can interact and exchange information cleanly without having to jump through hoops to pay for it. Today Open Source Software continues to open the door for companies that want to keep growing despite the current economic environment, or that are in their very early days and still far from their break-even point. Many corporations are starting to consider Open Source technologies as a way to reduce IT spending while taking advantage of existing technologies. To mention a few: servers like RHEL5/CentOS or Ubuntu 10.04 LTS (Lucid Lynx) for your base OS; Bind9 to power a solid DNS server; Postfix or Sendmail


to power your messaging solutions; Alfresco ECM for web content management; Moodle LMS for eLearning; SugarCRM for CRM; Joomla for CMS; ISPConfig for ISP hosting; and the list goes on and on! No wonder more companies are widening the reach of Open Source to projects that wouldn't have been considered before, opening more possibilities for the community to spread. We think it is a great opportunity to play a major role in helping IT professionals and small to medium businesses harness the power of Open Source technologies, allowing them to spend the money saved on value-added products and grow faster without being bogged down by proprietary software licensing costs that never stop growing.

A messaging solution isn't good enough without centralized identity management and authentication that allow for single sign-on (SSO). The idea of a centralized general information repository that can be used for authentication, contacts and general configuration details is very appealing. If you have cool dollars to spend, head straight for Windows Active Directory integrated with Exchange Server plus Outlook to power your messaging. Alternatively, take a quick turn and head to the Open Source world and sample the technologies at your fingertips: the world of freshness and pure freedom. For example, you can power your messaging with a fully integrated Postfix or Sendmail with Dovecot or Courier (POP3/IMAP) servers, Mozilla Thunderbird as the desktop mail client and RoundCube or SquirrelMail as the webmail client; for identity management, grab an OpenLDAP powered LDAP server. Be warned, however: setting up an open source powered LDAP server is not for the faint of heart! And of course, don't forget to install that cool DNS server powered by Bind9. Finally, don't forget the security, disaster recovery and business continuity aspects: consider IPCop Firewall, Astaro SG or Vyatta for security and network protection, and RESTORE backup for disaster recovery, and you're good to go. You'll still have to spend money on support and some level of licensing, but it won't leave a gaping crater in your pocket!

Postfix is a free and open source mail transfer agent (MTA), a program for the routing and delivery of email. It is intended as a fast, easy-to-administer and secure alternative to the widely used Sendmail MTA. One of the biggest strengths of Postfix is its resilience against buffer overflows; another is its handling of large amounts of email. Postfix is built as a cooperating network of different daemons. Each daemon fulfils a single task using minimum privileges, so that if a daemon is compromised the impact remains limited to that daemon and cannot spread throughout the entire system. There is only one process with root privileges (master), and a few (local, virtual, pipe) that actually write to disk or invoke external programs. Most daemons can easily be chrooted and communicate through named pipes.

With the tremendous growth of the Internet, email has quickly become the main vehicle for spreading information among corporate users and the public at large. As the demand for fast, cheap and reliable email grows, more individuals and businesses, large and small, are turning to open source Linux to provide it, and Postfix is at the forefront of this messaging technology and can easily be scaled up. One of the best solutions is virtual hosting, which allows multiple domains to be housed on a single server or server cluster. This is a valuable strategy both for a large company with the hardware and bandwidth to host hundreds of domains and for a small business with a mere two domains to control its hosting with ease.
In this hands-on lab session we'll take a look at how to configure Postfix to work on a single machine, in a way that can also be scaled up to handle more than


one domain. It will need to be locked down from a security point of view. We'll also give users the ability to access their email using the SquirrelMail webmail client via the Dovecot POP/IMAP server.

Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written primarily with security in mind. Apple Inc. includes Dovecot for email services in Mac OS X 10.6 Snow Leopard Server. Developed by Timo Sirainen, Dovecot was first released in July 2002. It aims to be a lightweight, fast and easy to set up open source messaging server. It can work with standard mbox, Maildir and its own experimental native high-performance dbox formats, and is fully compatible with the UW IMAP and Courier IMAP servers' implementations of them, as well as with mail clients that access the mailboxes directly. Dovecot also includes a mail delivery agent (called the local delivery agent in Dovecot's documentation) with optional Sieve filtering support. It supports a variety of authentication mechanisms for IMAP and POP access, including CRAM-MD5 and DIGEST-MD5. Both are MD5-based challenge-response mechanisms: they keep the password itself off the wire, but they oblige the server to store a plaintext-equivalent secret, so in practice the safer choice is a plain mechanism over a TLS-protected connection. Its mail delivery agent is simple and easy to install. In this HowTo guide and lab session we'll explain how to set it up as an IMAP or POP3 server. For alternative IMAP/POP3 servers see Courier or Cyrus.

We also need to lock down our Postfix server to secure it against cyber-criminals and malware. For this we'll use clamd, which comes integrated with ClamAV and the clamav-db package and fits the bill for our task. It is a multi-threaded daemon that uses libclamav to scan files for viruses. The daemon listens for incoming connections on a Unix and/or TCP socket and scans files or directories on demand. It is fully configurable via the clamd.conf file, which it reads from /etc/clamd.conf. Clam AntiVirus (ClamAV) is an open source (GPL) anti-virus toolkit for UNIX, designed especially for email scanning on mail gateways.
It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates. The core of the package is an anti-virus engine available in the form of a shared library.

MailScanner is a free, open source anti-virus and anti-spam filter which, by the project's own count, protects over 5 billion emails every week for many millions of users. It is an email virus scanner, vulnerability protector and spam tagger. It supports the Postfix, Sendmail, Exim, Qmail and ZMailer MTAs, and the Sophos, McAfee, F-Prot, F-Secure, CommandAV, InoculateIT, Inoculan, eTrust, Kaspersky, Nod32, AntiVir, BitDefender, RAV, Panda, DrWeb, ClamAV and other anti-virus scanners.

SquirrelMail is a web-based email application started by Nathan and Luke Ehresman and written in the PHP scripting language. It can be installed on almost any web server as long as PHP is present and the web server has access to an IMAP and an SMTP server. SquirrelMail outputs valid HTML 4.0 for its presentation, making it compatible with the majority of current web browsers. It uses a plug-in architecture to accommodate additional features around the core application, and over 200 plug-ins are available on the SquirrelMail website. Licensed under the GNU General Public License, SquirrelMail is free software, currently available in over 50 languages. It is included in many major GNU/Linux distributions and is independently downloaded by tens of thousands of people every month.

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides the full functionality you expect from an email client, including MIME support, address book, folder


manipulation, message searching and spell checking. RoundCube Webmail is written in PHP and requires a MySQL or Postgres database. The user interface is fully skinnable using XHTML and CSS 2.

Thunderbird is a free, open source, cross-platform mail client for most operating systems, including but not limited to Windows, Linux and Macintosh. It is based on the Mozilla code base. It is a robust and easy to use client, similar to competing products like Outlook Express but with some major advantages such as junk mail classification and security. Mozilla Thunderbird is a fully featured, secure and very functional email client and RSS feed reader, and includes a well functioning address book manager. It lets you handle mail efficiently and with style, and filters away junk mail too.

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released under its own BSD-style license, the OpenLDAP Public License. LDAP is a platform-independent protocol, and OpenLDAP is free to download and use for your hands-on lab projects. Today LDAP directories and LDAP authentication have become one of the cornerstones of enterprise user infrastructure. As the enterprise has digitized and opened itself up to customer, business partner, vendor and wide-spread employee access to pieces of most enterprise applications, the need to know who the user is has increased significantly from a security perspective. Who is the user trying to access an application? How strong is the authentication by which the application can trust that user? What are the user's authorization privileges? An enterprise-wide LDAP implementation can enable almost any application, running on almost any computer platform, to obtain this information from your LDAP directory. And that directory can be used to store a broad range of data: email addresses and mail routing information, HR data, public keys, contact lists and much more. By making an LDAP directory the focal point of your systems integration, you provide one-stop shopping whenever people go looking for information within your company, even if the primary source of the data lives elsewhere: users sign in once, via single sign-on (SSO) identity management, and thereafter have access to all LDAP-linked services and resources they are permitted to use.

Hands-on Labs

In this hands-on lab session you'll learn how to set up a virtual network on VMware (you may also use other virtual machine software such as MS Virtual PC, Linux Xen or VirtualBox from Oracle). We'll concentrate on installing the Postfix server with the Dovecot server and the SquirrelMail webmail client on a clean install of Linux CentOS5 Server. You will have an opportunity to learn how to install and configure Webmin to help with configuring the DNS server and Dovecot. I'll also show you how to set a static IP address, which is required to deploy DNS and messaging servers successfully. Finally, we'll go through a step-by-step process to install and configure the Postfix messaging server, the Dovecot POP/IMAP server and the SquirrelMail webmail client. You'll also learn how to install RoundCube webmail as an alternative to SquirrelMail, and I'll show how to install and set up the Thunderbird mail client as an alternative to webmail. Next we'll implement security measures to ensure that our messaging server is safe from cyber-criminals and malware. To give your messaging solution some muscle, we'll implement OpenLDAP to power centralized identity management. You'll also have an opportunity to do some hands-on lab assignments at the end of the session. Upon completion of the hands-on labs you'll have gained a competency level and a capability to


be able to plan, design, implement and deploy an enterprise-grade messaging solution using Postfix. However, only those who carry out the labs with due diligence can reach the competency level mentioned here.

Assumptions

It's assumed that you have a good understanding of the Linux operating system and its working environment. It's also assumed that you know how to install and configure Linux CentOS5; if not, go ahead and pop over to Docstoc.com and check out the hands-on labs training manual entitled "Install Configure and Upgrade Linux CentOS5 Server v1.1" to get you started. Other related articles that you may need for this hands-on lab session:

1. Using Webmin and Bind9 to Setup DNS Server on Linux

2. Step-by-Step Install Guide for Evolution Mail Client with Addressbook using LDAP on Linux v1.2

3. OpenLDAP for Enterprise Identity Management & SSO v1.0

4. Install Guide IPCop Firewall for Network Security with Spam and Virus Protection

Part 1: What you need to start CentOS5 Installation

1. Download the latest CentOS5 ISOs for DVD or CDs from: http://centos.org
2. A test x86 desktop computer, keyboard, monitor, mouse, and a firewalled internet connection.
3. One hour of quiet time and a good supply of coffee or tea, but definitely no alcoholic drinks (seriously!)

Step 1: Install CentOS 5.2

1. Install CentOS 5.2 from DVD or CDROM and configure the entire disk.
2. Configure your fully qualified hostname, IP address, gateway and DNS details.
3. Set up your root password.
4. Set up the software: select Server only and Customize Now.
   • Select only the following components: Editors, Text-based Internet, Development Libraries, Development Tools, Administration Tools, Base, System Tools
5. The system will now install and will require CDs 1-6.
6. Once the system reboots, disable the firewall and SELinux. This is for lab convenience only: on a production mail server keep SELinux enforcing and the firewall enabled, opening just the ports the services need (25/tcp for SMTP, 110/143 or preferably the TLS ports 995/993 for POP3/IMAP, 80/443 for webmail, and 53 tcp/udp only if this host also serves DNS).
7. Make sure your /etc/hosts file has a line with the IP address and FQDN hostname (i.e. 192.168.83.21 linuxc.monstserv.com linuxc).


8. Reboot the system (for changes to take effect).

9. Then run yum update to make sure your system is fully up to date.

10. Reboot the system.

11. OS server installation complete and ready for DNS, Postfix and Dovecot servers’ installation and final lockdown setup.

Part 2: Install & Configure DNS Server

1. For your new email server to work, you must first get all the DNS issues straight. Add the hostname and IP address of the new email server to your DNS server and confirm the address with the nslookup and dig commands, as shown below.

2. Webmin is a powerful, web-based administration tool. We will use it to set up our DNS, but I will not go over it in detail here because we already know how to use other administrative tools. It is not difficult to use because it is web based; in any event, you should know that you can use it remotely to administer the system. Bear in mind that Webmin runs as root and its web interface (port 10000 by default) is therefore a privileged entry point: keep it behind the firewall or bound to the management network, and use it over HTTPS. Check out the detailed lab manual by the same author on Docstoc.com: "Using Webmin and Bind9 to Setup DNS Server on Linux". In that hands-on manual you will learn how to use Webmin to set up a DNS server and the mail, www and ftp aliases on a Linux CentOS5 server.

3. While here, also note our hostname: linuxc.monstserv.com

4. Other servers are:
   mail.monstserv.com
   www.monstserv.com
   ftp.monstserv.com

5. Check /etc/hosts to ensure that you have a correct setup; in our case it is as follows:

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost.localdomain localhost
192.168.83.21   linuxc.monstserv.com linuxc mail www ftp
::1             localhost6.localdomain6 localhost6

6. To ensure that your DNS server is installed and configured correctly, perform the following tests with the dig and nslookup commands:

[root@linuxc ~]# dig linuxc.monstserv.com

; <<>> DiG 9.3.4-P1 <<>> linuxc.monstserv.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1096
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:


;linuxc.monstserv.com.         IN      A

;; ANSWER SECTION:
linuxc.monstserv.com.   38400   IN      A       192.168.83.21

;; AUTHORITY SECTION:
monstserv.com.          38400   IN      NS      linuxc.monstserv.com.

;; Query time: 4 msec
;; SERVER: 192.168.83.21#53(192.168.83.21)
;; WHEN: Sun Oct 25 13:16:03 2009
;; MSG SIZE  rcvd: 68

[root@linuxc ~]# nslookup linuxc.monstserv.com
Server:         192.168.83.21
Address:        192.168.83.21#53

Name:   linuxc.monstserv.com
Address: 192.168.83.21

7. We're good and ready to move on to Part 3, Install and configure Postfix server.

Part 3: Install and Configure Postfix Server

In this section we present the steps necessary to successfully install and configure Postfix 2.6.5 on Linux CentOS5. I have used these steps to install Postfix on several pilot testing and production servers and they all worked perfectly. I hope this hands-on labs manual will save others the time of hunting around forums while carrying out projects or running training sessions.

Step 1: Verify that DNS is working correctly

1. Now let’s do more tests to ensure that our DNS server is sound & solid:

[root@linuxc ~]# nslookup -sil linuxc.monstserv.com
Server:         192.168.83.21
Address:        192.168.83.21#53

Name:   linuxc.monstserv.com
Address: 192.168.83.21

2. It is also important that your administrator adds a reverse DNS (PTR) entry for the mail server's IP address, to prevent delays in mail delivery. Many receiving mail servers check that the connecting IP has a PTR record and that the name it returns resolves back to the same IP (forward-confirmed reverse DNS); mail from hosts that fail this check is frequently delayed, greylisted or rejected outright. This is an anti-spam reputation check rather than authentication of the sending server. Confirm the setting is correct using the nslookup command on your IP address:

[root@linuxc ~]# nslookup -sil 192.168.83.21
Server:         192.168.83.21
Address:        192.168.83.21#53

21.83.168.192.in-addr.arpa      name = linuxc.monstserv.com

3. As you can see, the DNS entries are set up and working correctly, so let's move on to actually configuring Postfix. By default, Postfix installations on CentOS5 only accept SMTP traffic on the localhost. The output of netstat -nl will show you all ports that have a daemon listening; note


the line that says 127.0.0.1:25. This means the server is listening only on the loopback interface for connections on port 25 (SMTP): nothing off the host can reach it yet, which is the safe default until the relay restrictions are in place and the listener is opened deliberately (the inet_interfaces setting in main.cf).

4. Finally, to test that our MX record is set up correctly, issue the following command:

[root@linuxc ~]# dig mx mail.monstserv.com

Fig. 1

Note that MX records belong to the domain that receives the mail, so the lookup a remote sender actually performs is for the domain itself (dig mx monstserv.com); make sure that query returns the mail host as well.

5. We're done with this section.
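The checks in this step (forward A record, reverse PTR record, MX record, and what netstat -nl shows for port 25) are worth scripting so they can be repeated after every DNS or Postfix change. The following POSIX shell script is an added example and not part of the lab manual: it uses the lab's own names (linuxc.monstserv.com, 192.168.83.21, monstserv.com), while the function names and the embedded sample netstat output are this script's assumptions. It goes one step beyond the manual by querying the MX record of the domain rather than of the mail host, since that is the lookup a remote sender performs.

```shell
#!/bin/sh
# mailhost-check.sh: added example, not part of the original lab manual.
# Checks the three DNS facts Part 3 Step 1 verifies by hand (forward A record,
# reverse PTR record, MX record) and reports which addresses port 25 listens on.
# The host, IP and domain are the lab's (linuxc.monstserv.com, 192.168.83.21,
# monstserv.com); the function names and the sample netstat text are this
# script's own assumptions.

# fcrdns_ok HOST IP A_ANSWER PTR_ANSWER
# Forward-confirmed reverse DNS: the A record of HOST must be IP and the PTR
# record of IP must be HOST. The answers are passed in as text so the check can
# be run on captured dig output without a resolver.
fcrdns_ok() {
    host=${1%.}; ip=$2; a=${3%.}; ptr=${4%.}
    [ "$a" = "$ip" ] && [ "$ptr" = "$host" ]
}

# mx_ok DOMAIN HOST MX_ANSWER
# MX_ANSWER is the "preference target" lines printed by 'dig +short MX DOMAIN'.
# Succeeds when at least one MX target is HOST; fails on an empty answer, i.e.
# when the domain (not the mail host itself) has no MX record at all.
mx_ok() {
    printf '%s\n' "$3" | awk -v h="${2%.}" '
        NF >= 2 { sub(/\.$/, "", $2); if ($2 == h) ok = 1 }
        END     { exit !ok }'
}

# smtp_listeners NETSTAT_TEXT
# Prints the local address of every TCP socket in 'netstat -nl' output that is
# listening on port 25. "127.0.0.1:25" alone means Postfix is reachable only from
# the loopback interface; "0.0.0.0:25" or a LAN address means it is exposed.
smtp_listeners() {
    printf '%s\n' "$1" | awk '$1 ~ /^tcp/ && $6 == "LISTEN" && $4 ~ /:25$/ { print $4 }'
}

# Constructed sample of 'netstat -nl' output as the lab expects it right after
# installation: SMTP bound to loopback only, SSH and DNS on all interfaces.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN'

# live_check HOST IP DOMAIN: the same checks against the real resolver and the
# real socket table. Needs dig (bind-utils) and netstat; stops at the first failure.
live_check() {
    host=$1; ip=$2; domain=$3
    a=$(dig +short A "$host" | head -n 1)
    ptr=$(dig +short -x "$ip" | head -n 1)
    fcrdns_ok "$host" "$ip" "$a" "$ptr" ||
        { echo "FAIL: forward/reverse mismatch (A=$a PTR=$ptr)"; return 1; }
    mx_ok "$domain" "$host" "$(dig +short MX "$domain")" ||
        { echo "FAIL: no MX record of $domain points at $host"; return 1; }
    echo "OK: forward, reverse and MX records agree"
    echo "SMTP listeners:"
    smtp_listeners "$(netstat -nl 2>/dev/null)"
}

# Usage: sh mailhost-check.sh linuxc.monstserv.com 192.168.83.21 monstserv.com
if [ "$#" -eq 3 ]; then
    live_check "$@"
fi
```

Run it with the three arguments on the mail host to check the live records; the comparison functions take their answers as arguments, so they can also be sourced and fed dig output captured elsewhere (for instance from a resolver outside your network, which is the view a remote sender gets).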

Step 2: Verify if Postfix Server is installed

1. You can first verify whether the necessary Postfix packages are installed by running:

[root@linuxc ~]# rpm -qa | grep postfix

2. If you get a blank result, as is the case above, then Postfix is not installed. Alternatively, if you get a result, it was installed with CentOS. No worries, go to Step 3.


Step 3: Install & Configure Postfix with MySQL in RHEL/CentOS5

The version of Postfix that comes with Red Hat Enterprise 5 or CentOS 5 does not support MySQL lookups. You can build your own custom Postfix RPM or get a pre-built RPM from the CentOS Plus repository. You can also use the CentOS repository in RHEL since CentOS is binary compatible with RHEL. This section of the hands-on lab describes how to install Postfix with MySQL lookup table support from the CentOS Plus repository.

1. Use your favorite text editor to edit the file /etc/yum.repos.d/CentOS-Base.repo (or its equivalent in RHEL) and edit the lines below. Note that the updates section of CentOS-Base.repo is named [updates].

[base]
exclude=postfix

[updates]
exclude=postfix

[centosplus]
enabled=1
includepkgs=postfix

Note: If you’re using RHEL, add these lines under the centosplus section.

name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

2. Before we proceed we need to remove the standard version of Postfix. Type:

[root@linuxc ~]# yum remove postfix

3. To install the version of Postfix found in the CentOS Plus repository, issue the command:

[root@linuxc ~]# yum install postfix -y

4. To verify MySQL support, run the command below and check that mysql appears in the output:

[root@linuxc ~]# postconf -m
btree
cidr
environ
hash
ldap
mysql
nis
pcre
pgsql
proxy
regexp
static
unix
[root@linuxc ~]#

5. We’re good to go – MySQL support is included in our installed Postfix messaging server.

6. You’re done with this section.

Step 4: Install Mail Transport Agent Switcher (MTAS)

By default, Sendmail is the active SMTP server on a Linux machine, so if it is already installed on your Linux box you need to install MTAS to switch between the two messaging servers.

1. Installing and setting up the Postfix SMTP server on RHEL5 or CentOS5 is easy. Postfix has secure default settings, so we just need to open it up a bit. However, on most Linux distros Sendmail is the default active SMTP server, and therefore we need to be able to switch between Postfix and Sendmail using MTAS.

2. Install Mail Transport Agent Switcher (MTAS):

• If you did not add system-switch-mail and system-switch-mail-gnome during the initial CentOS installation, you can add them now using the Package Manager tool or the yum command:

[root@linuxc ~]# yum install system-switch-mail* -y

Note: This should install the two required packages.

3. You’re done with this section.

Step 5: Switch to Postfix from Sendmail

Here’s how to switch between the two mail servers:

1. Click System > Administration, and click Mail Transport Agent Switcher, see Fig. 2.

Fig. 2

2. This will launch the system-switch-mail window, as shown in Fig. 3. Check Postfix and then click OK.

Fig. 3

3. You should be prompted with an Alert window as shown in Fig. 4. Click OK to switch to Postfix mail.

Fig. 4

4. You’re done with this section.

Step 6: Configure Postfix Server

In this section, we are going to configure our Postfix mail server. To do this, perform the following procedures:

1. Change to the /etc/postfix directory and use your favorite text editor to open the file main.cf.

2. The two most basic steps in configuring a Postfix server are to modify this file so that it listens for network requests and accepts mail for the valid domains bound to our domain. We also need to use Maildir, which is a better mailbox format than the default mbox.

3. Follow the link to access the full document. The full document has moved to Docstoc.com. You may download it from here: http://www.docstoc.com/docs/46747838/Build-your-own-Secure-Enterprise-Postfix-Mail-Server-Powered-by-OpenLDAP-Centralized-Id-Mgmt

-----------------------------------------------

Kefa Rabah is the Founder of Global Technology Solutions Institute. Kefa is knowledgeable in several fields of Science & Technology, Information Security Compliance and Project Management, and Renewable Energy Systems. He is also the founder of Global Open Versity, a place to enhance your education and career goals using the latest innovations and technologies.