Blog is moving

My blog is moving to http://victormendonca.com/blog/. If you are looking for a specific or older post you are in the right place Otherwise check out my new page for more up to date content.

Sunday, June 7, 2009

How to Yahoo IMAP with postfix, fetchmail and dovecot


After doing en extensive research on the net for a similar setup (without finding anything) and spending a full weekend trying to get this working, I've decided to create a tutorial that will provide a base to users that don't have a lot of mail server experience and the same setup.

I'm an email guy so I'm not sure if I'll be able to support in case you run into problems, but I'll try if I can. Also let me know if you think there's some wrong with the tutorial or anything that can be improved and I'll be happy to change.

Here's what I have at home:
- Ubuntu Server 8.10 32-bit (LAMP)
- dyndns
- Yahoo mail (not plus)

1- Getting your emails delivered to your account
1.a - Install fetchmail

$ sudo aptitude install fetchmail

1.b - Create a .fetchmailrc in your home directory with the following info:

$ cd $HOME

$ vim .fetchmailrc
set syslog;
set daemon 90;
set postmaster "[user]@yahoo.ca";

poll "pop.mail.yahoo.ca" port 995 with protocol POP3 user "user@yahoo.ca" password "[yahoo_password]" is "[loginname_to_the_server]" here keep ssl
smtphost "localhost" smtpname "[loginname_to_the_server]@localhost"

Note: Do no use the square brackets. They are there only to indicate that you need to enter something.
- The above file will download only new emails and keep a copy on the server

1.c - Change permission of the file

$ chmod 600 .fetchmailrc

1.d - Run fetchmail and check if new mail has arrived (make sure that there's one unread email on your yahoo account)

$ fetchmail
$ mail

- Press “q” to leave the mail reader

2- Setup postfix to delivery the messages for you
By default postfix should already be installed on your machine. But you still need to configure it do delivery your local emails to your local or Internet accounts.

2.a - Initial postfix configuration

$ sudo dpkg-reconfigure postfix

Answer the questions at the prompt:
General type of mail configuration: Internet Site
NONE doesn't appear to be requested in current config
System mail name: server1.example.com
Root and postmaster mail recipient:
Other destinations for mail: server1.example.com, example.com, localhost.example.com, localhost
Force synchronous updates on mail queue?: No
Local networks: 127.0.0.0/8
Yes doesn't appear to be requested in current config
Mialbox size limit (bytes): 0
Local address extension character: +
Internet protocols to use: all

Once this is set you should be able to send emails locally. Restart postfix and try sending an email to yourself with the following command:

$ sudo /etc/init.d/postfix restart

$ mail [your_user_name]@localhost
Subject: Testing
This is a test # press Ctrl+d to end the message body
Cc: # press enter

$ mail
Mail version 8.1.2 01/15/2001. Type ? for help.
"/var/mail/user": 1 messages 1 new
> N 1 user@hostname Sun Jun 7 20:08 14/464 Testing

2.b - Fine tunning postfix

Check the following file and make sure that it has you server's FQDN

$ cat /etc/mailname
myserver.dyndns.org

Now we need to create an authorization file that will be used for your login and them run postmap on it to create a db file. The file should look like this:

$ sudo cat /etc/poistfix/sasl/smtp_auth
127.0.0.1 [username]@yahoo.ca:[password ]

$ sudo postmap /etc/poistfix/sasl/smtp_auth

Let's edit your postfix mail file to look similar to this:

$ grep -v '#' /etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = yes
append_dot_mydomain = no
readme_directory = no
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = [fqdn], [hostname].[domain_name,] localhost.[domain_name], localhost
relayhost = 127.0.0.1:11125 # this will be used with stunnel
mailbox_command = procmail -a "$EXTENSION" DEFAULT=$HOME/Maildir/
MAILDIR=$HOME/Maildir
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl/smtp_auth

If everything went ok we can go to next step and install stunnel and configure for sending the email via port 465 (which is no longer supported by postfix).

3 - Stunnel
3.a - Installing and configuring stunnel

$ sudo aptitude install stunnel

And configure you stunnel.conf to look like this:

$ grep -v ';' /etc/stunnel/stunnel.conf

sslVersion = SSLv3

chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
pid = /stunnel4.pid

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

client = yes

[smtps]
accept = 11125
client = yes
connect = smtp.mail.yahoo.ca:465

# Make sure that the following lines are commented out:

;cert = /etc/stunnel/mail.pem
;cert = /etc/stunnel/stunnel.pem
;key = /etc/stunnel/mail.pem

3.b - Starting and testing stunnel

$ sudo /etc/init.d/stunnel4 start

$ telnet 127.0.0.1 11125
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 smtp107.mail.mud.yahoo.com ESMTP
>ehlo
250-smtp107.mail.mud.yahoo.com
250-AUTH LOGIN PLAIN XYMCOOKIE
250-PIPELINING
250 8BITMIME
>quit
221 smtp107.mail.mud.yahoo.com
Connection closed by foreign host.

At this point you should be able to send and receive email from your yahoo account using the mail command. If for some reason you are having problems, check the troubleshooting section at the end of the tutorial for more help and links.

4 - Dovecot
4.a - Installing dovecot

$ sudo aptitude install dovecot-common dovecot-imapd dovecot-pop3d

4.b - Configuring and testing dovecot

Dovecot is very straight forward for configuring. Check that /etc/dovecot/dovecot.conf has the following lines:

protocols = imap imaps pop3 pop3s
protocols = imap imaps pop3 pop3s
mail_privileged_group = mail

Restart it and then we can test it with mutt:

$ sudo /etc/init.d/dovecot restart

$ mutt -f imap://user@127.0.0.1/

5 - Configuring an email client
Most email clients are the same. I'll include here the basic settings that you will need to connect using the settings we have just created

=> Receiving email
Server: FQDN
Username: local username for the server
Security: TLS

=> Sending email
Server: FQDN
Security: No encryption

6 - Troubleshooting
6.a Useful commands

Commands to display and purge emails on the server:

# prints messages in queue
$ postqueue -p

# attempts to send messages - flush
$ postqueue -f

Check your logs for important messages as you attempt to send emails and start services

$ sudo tail -f /var/log/mail.log

6.b - Useful links

- Ubuntu Documentation for postfix
https://help.ubuntu.com/community/Postfix
- Postfix as client only (what we used here)
http://www.postfix.org/SASL_README.html#client_sasl
- Postfix port 465
http://www.postfix.org/TLS_README.html
- Postifx authentication file
http://www.postfix.org/postconf.5.html#smtp_sasl_password_maps
- Relaying to an smtps host with postfix and stunnel
http://www.eglug.org/book/export/html/1923
- Generates pem key for stunnel (we are not using it here)
http://www.stunnel.org/pem/
- Troubleshooting stunnel
http://ubuntuforums.org/showthread.php?t=983926
- Postfix and Dovecot on Ubuntu Dapper Drake
http://adomas.org/2006/08/postfix-dovecot/

5 comments:

Zach Cutlip said...

Got some questions about fetchmail.

Since you're using a .fetchmailrc in your homedir, I'm assuming you're running fetchmail as your user rather than as a system service. Having specified the daemon option in your config, I believe that fetchmail will daemonize when you run it.

Since you're not running it as a system service, how do you ensure that your user's instance of fetchmail is running when the system starts? Do you use a cron job?

Victor said...

Hi Zach,

I haven't implemented any automation because I barely reboot the machine. But a link to a script in /etc/rc.local should take care of the problem. Something like:

ps aux | grep fetchmail | grep -v grep > /dev/null
if [ "$?" != "0" ] ; then
su user -c 'fetchmail'
fi

Add the name of the script to /etc/rc.local and you should be home free.

Another option would be to add the settings under /etc/fetchmailrc, but I did not try that setup. It might actually be easier.

Vic.

Zach Cutlip said...

Vic,

Thanks for the tip. I decided to run fetchmail as a cron job that starts at boot and runs as my user:

@reboot /usr/bin/fetchmail

Anonymous said...

interesting post. I would love to follow you on twitter.

Daftar Yahoo Mail said...

Thank you for the information, I think this article is very useful for all who read it.
.