Configuring a Mail Server on SLES

Applies To:

• SUSE Linux Enterprise Server 9

This article aims to demonstrate how to use the YaST modules in SLES to create a very functional mail server. Users for the server are stored in a LDAP directory, and the server offers them access via POP3, IMAP, and SMTP. This set-up requires the combined efforts of several modules including:

• LDAP Server
• LDAP Client
• DNS Server
• Mail Server
• Edit and Create Users/Groups

Several underlying projects are used to accomplish this configuration. The major ones include:

• LDAP
• Bind
• Postfix
• Cyrus

Because the configuration relies on a LDAP database, it works well with the user authentication scheme described in the article, .

Step 1: Create LDAP Users

The server needs to be configured with a LDAP database to store the user information. The easiest way to accomplish this is to select LDAP user authentication while installing the system. This is the default behavior while installing SLES. In addition, the mail server should have a static IP address, and be assigned a DNS name.

Following is a brief overview of the recommended installation settings.

1. Proceed with a nomal SLES installation. When network configuration is reached, make sure that the server has a static IP address, and is configured with its designated DNS name. In this example the DNS name is mail.example.com.

   Figure 1: Static IP Address

   Figure 2: Hostname

2. Be sure to create a certificate and LDAP database (this is the default behavior). If the defaults are accepted, the database has a base DN of dc=example,dc=com, an administrator user cn=Administrator, and a password matching the root password already given.

   Figure 3: Certificate and LDAP Database

3. Make sure that the system is configured to authenticate users via LDAP (default).

   Figure 4: User Authentication Method

4. No changes should need to be made in the LDAP Client Configuration, but note that Create Default Configuration Objects must be selected under Advanced Configuration.

   Figure 5: LDAP Client Configuration

   Figure 6: Advanced Configuration

5. Proceed through the rest of the installation, creating any users which are needed. Mail users can be added now and configured as such later. If the mail users should not be allowed to log-in locally to the server, be sure to change their Login Shell to /bin/false in the Details... screen.

Step 2: Configure the DNS Server

The mail server requires that the Bind DNS server is running, it stores its information in the LDAP database, and that it has at least one zone configured with a MX entry. These tasks are all easily accomplished through the YaST DNS Server module, accessible under Network Services > DNS Server.

Note: It is important to remember that the following DNS configuration is only one possible set-up. This example only demonstrates the most basic configuration necessary to get the mail server running. Specific requirements may necessitate a more complex configuration.

1. After Launching the DNS Server module the package bind may be installed it it is not already.

2. The first step is to set-up forwarders. For this example, just hit Next.

   Figure 7: Forwarders

3. Next, add a new master zone. In this case example.com was added as a master zone. When the zone is added select Edit Zone and add a MX record for mail.example.com. Press OK and Next to continue.

   Figure 8: DNS Zones

   Figure 9: Adding a MX Record

4. On the final screen, enable the DNS server on start-up, and enable LDAP support. When the LDAP support check box is activated additional packages may be installed. When Finish is selected the LDAP configuration is written. This may require the LDAP password to be entered.

   Figure 10: Finish Wizard

Step 3: Configure the Mail Server

Now that the LDAP and DNS servers are configured the mail server can be installed.

1. By default there is no Mail Server module in YaST. There is a Mail Transfer Agent module, but it serves a different purpose than a mail server. Begin by using the Install and Remove Software module in YaST to remove the Mail Transfer Agent module (yast2-mail) and install the Mail Server module (yast2-mail-server). Then, launch the module.

   Figure 11: Install and Remove Software

2. Because it depends on a LDAP database, the LDAP password is prompted for. Next, a menu is presented to configure the different components of the mail server.

   Figure 12: Mail Server Components

3. The first component is the Global Settings. It allows for the configuration of:

   • The server identification given for SMTP requests.
   • Maximum message size.
   • Method of relaying outgoing mail, along with encryption settings (TLS).

   Figure 13: Global Settings

4. Next, the method users receive their mail is configured. To enable IMAP and POP3, select Cyrus IMAP. Other settings, such as encryption and quotas can be set.

   Figure 14: Local Delivery

5. The next module allows local transports to be configured. This setting allows mail to be routed to another server. For a simple server no transports are necessary.

   Figure 15: Mail Transports

6. The mail server can be configured with black-lists, virus scanning, etc. This module allows for configuration of these tools.

   Figure 16: Mailserver Prevention

7. The next screen allows trusted networks to be defined. These networks are allowed to relay non-local mail.

   Figure 17: Mailserver Relaying

8. If mail needs to be fetched from another server, this configuration is accomplished in this screen.

   Figure 18: Fetching Mail

9. The next screen lets the domains that this server considers itself the final destination to be defined.

   Figure 19: Mailserver Domains

10. When the desired settings are complete, select OK to commit them. Congratulations, the mail server is now configured!

Configuring Mail Users

Adding mail users is simply done through the Edit and Create Users module. Any LDAP user can be configured to use the mail server. To do so simply add or edit a LDAP user, and select Details.... Select Next to proceed to the Additional User Settings screen. Make sure that the Edit user mail parameters plug-in is active (gray box on the left). If the mail server is already configured and the user is now being added for the first time the plug-in is active by default. Launching the plug-in allows the mail aliases and quotas to be established.

Figure 20: Enable Mail Plug-in.

Figure 21: Mail Parameters

Using the Mail Server

Configuring a client to use the mail server is simple. In the above example the configuration for the user geekowould be:

• E-Mail address: geeko@mail.example.com
• IMAP 
• server: mail.example.com:143
• Ecryption: TLS
• Authentication: Clear Text
• POP3 
• sever: mail.example.com:110
• Encryption: TLS
• Authentication: Clear Text
• SMTP sever: mail.example.com:25
• Encryption: TLS

Conclusion

SLES makes creating a mail server easy and painless. This walk through just showed a basic configuration involving a single mail server with a local LDAP database. This example can be expanded on to create a very flexible and powerful mail system.