Mail Server Configuration featured image

Mail Server Configuration Tutorial: How to Use Postfix, Dovecot, MySQL, and SpamAssassin


On Ubuntu 20.04, you can use tools like Postfix, Dovecot, MySQL, and SpamAssassin to configure a mail server. The process can be confusing for someone attempting it for the first time. This tutorial aims to simplify the mail server configuration process for you with detailed steps. At the end of this tutorial, you will know how to add virtual domains, users, and aliases. Ultimately, you will make your virtual server more secure from spam hubs.


Before you start with the mail server configuration, there are some prerequisites to take care of. First, make sure that your virtual private server has a domain that is forwarding to your server. You also need to install and configure MySQL. In addition, you need to have a user with root privileges granted and install an SSL certificate. Finally, make sure that your FQDN  is configured and identified.

If you install your packages as the root user, you will have all of the privileges. That is why we recommend it:

Enter your user’s password. At this point, you will see the $ symbol change to #. Next, let’s explore the different aspects of configuration one by one.

Step 1: Installing Packages

We will start off by learning how to install packages:

When the Postfix configuration pops up, select the Internet Site:

Mail Server postfix config

You will be asked about the System mail name. Here, you can use the FQDN or the main domain:

postfix configuration 2

Step 2: Creating a MySQL Database, Virtual Domains, Users, and Aliases

Next, once all the packages are installed, we will move on with the configuration. Our goal is to configure three tables. One will be for domains, one for users, and one for aliases. These will be housed in a MySQL database that we will create.

Let’s say we want to name our database servermail. You are free to use the name of your choice. Here is how we will create it:

You have to log in as the MySQL root user:

Then, enter your password. A successful attempt will show this as a result:

Next, we will make a new user for mail authentication in particular. Give the SELECT permission like so:

After that, reload your MySQL privileges to apply the permissions successfully:

Next, we will use our database to make the tables and enter the data:

We will make individual tables for the specific domains that are recognized as authorized domains:

The goal is to introduce users to the table. Hence, we will be adding the relevant email address and password. Keep in mind that you have to associate each user with a domain:

Next, we will make a table for all of our virtual aliases to specify all the emails that we will forward to the other email:

By the end of this process, you will have successfully made three tables. Next, we have to introduce the data.

  • Virtual Domains

In this section, we will learn how to introduce domains within the virtual_domains table. Specifically, we will focus on how to introduce the primary domain ( and the FQDN (

  • Virtual Emails

Next, enter the email address and associated passwords for each of the domains. Ensure that all of the info is changed with your specific information:

  • Virtual Aliases

Now you can introduce the email address to which you will forward the other email address. The former is the source while the latter is the destination:

Then, you can exit MySQL:

Step 3: Configuring Postfix

It is important to configure Postfix so that it can manage the SMTP connections. It also has to be able to send the messages for all of the users entered in the MySQL database. Let’s start off by making a copy of the default file. This is so that you can easily revert back to the default configuration if and when needed:

Now open the file to modify it:

Start by commenting the TLS parameters and then append any other parameters. In our example, we are using the Free SSL certificates. You can, of course, change the configuration as per your requirements:

Next, you will be appending these parameters below the TLS settings:

After that, we have to comment the mydestination default settings. Then, we will replace it with localhost. With this change, the VPS will be able to use the virtual domains in the MySQL table:

Now use this command to verify that myhostname parameter is set in your FQDN:

Additionally, append this line to have local mail delivery to all virtual domains listed in the table activated:

Lastly, we will be adding the following parameters in order to tell Postfix to configure the virtual domains, users, and aliases:

To make sure there are no errors, compare these changes with the following file:

Once all of that is checked, you will create three files to append in the file. The goal here is to give Postfix instructions on how to connect with MySQL. To do this, we will start by creating the file. Of course, in your file, you will make changes as per your personal configuration:

Next, restart Postfix:

You must ensure that Postfix is able to find your domain. To test this, use this command:

The command will return 1 if it is successful. In this case, you can process by creating the file:

Restart Postfix once again:

Again, we will ensure that Postfix is able to find the first email address. To test this, use the following command:

If it is successful, you will get an output of 1 in return. As such, we will move to create the last file:

This completes the configuration between Postfix and MySQL. Restart Postfix to apply:

To confirm that Postfix is indeed finding your aliases, use this command:

You should ideally receive the mail that is forwarded to the alias as the output. You can also modify the /etc/postfix/ file like this if you want to connect port 587 with email clients safely:

Here is how to uncomment certain lines and append parameters:

Sometimes, you may need to restart Postfix to confirm that the port is open:

This tool can be used to scan the domain ports too. You can use it to verify that ports 25 and 587 are open.

Step 4: Configuring Dovecot

Now it is time to configure Dovecot. For this section, we will have to copy the 7 files you want to modify. This is to ensure you can revert back if needed. Enter this command one by one:

You have to edit the configuration file from Dovecot:

Make sure that the option if uncommented:

Next, we will enable protocols below the !include_try /usr/share/dovecot/protocols.d/*.protocol line. If you want, you can also add pop3:

To ensure there are no mistakes, compare it with this file:

Next, edit the mail confirmation file:

Locate the mail_location line. You need to uncomment it and add this parameter:

After that, locate the mail_privileged_group line. Again, uncomment it and add the mail parameter:

To eliminate any possibility of errors, compare it with this file:

  • Verifying Permissions

To verify the permissions, use this command:

Make sure that your permissions show up like the following:

You can create a folder for each domain. All of these folders will be registered in the MySQL table:

Make a vmail user and group using an id of 5000:

Next, you must change the owner of the /var/mail folder to the vmail user:

Now edit the /etc/dovecot/conf.d/10-auth.conf file:

Add the following line after uncommenting the plain text authentication:

Use this to modify the auth_mechanisms parameter:

Now comment this line:

To enable MySQL authorization, you have to uncomment the following line:

To detect and edit mistakes, use the following file:

Making a /etc/dovecot/dovecot-sql.conf.ext file with your information will allow you to authenticate:

Enter this code in the file:

We will use out custom MySQL information to modify the /etc/dovecot/dovecot-sql.conf.ext file:

Set MySQL as the parameter after uncommenting the driver parameter like this:

You can introduce your MySQL specific information by uncommenting the connect line:

Now you have to uncomment the default_pass_scheme line and change it to SHA-512:

Add the following information after uncommenting password_query:

To detect errors, use this file to compare:

Next, you can change the owner and the group of the dovecot folder to the vmail user:

The next step is to modify the /etc/dovecot/conf.d/10-master.conf file. You have to be extra careful here as different parameters will be changed:

Use the following code to change the unix_listener parameter to service_auth:

Next, you have to edit service auth-worker like so:

Detect errors by comparing to this file:

The next step is for us to modify the SSL configuration file from Dovecot. If you are planning on using the default confirmation, then you can skip past this step onto the next section:

Next, change the ssl parameter to required like this:

We will also modify the path for both ssl_cert and ssl_key:

Restart Dovecot:

Make sure to check that port 993 is open. If you have enabled pop3, then also check on port 995:

If you have completed the steps until this point, congratulations! You have configured your mail server successfully. To make sure you did all the steps correctly, you can test your account with the help of an email client like this:

Port 993 is used for secure IMAP and port 587/port 25 for SMTP.

Step 5: Configuring SpamAssassin

We have finally arrived at the last section of the tutorial where we will configure SpamAssassin. We will start by installing SpamAssassin:

Make a user for SpamAssassasin like this:

You must open and modify the configuration settings to be able to configure SpamAssassin:

Now that you are here, you must change the ENABLED parameter to enable SpamAssassin daemon:

Modify the home and options parameters with this code:

Use this line to specify the PID_File parameter:

Next, use this command to indicate that SpamAssassin’s rules will be updated automatically:

Check for mistakes by comparing with the following document:

If you want to set up the anti-spam rules, then you must open the /etc/spamassassin/ file again:

The way SpamAssassin works is that it scores every mail that is received by the user. It assesses the scores for the emails and if it is greater than 5.0 on its spam check, the mail is marked as spam. Here are the parameters you can use to configure these anti-spam rules:

Once the anti-spam rules are set, you need to tell Postfix that each email is to be checked with SpamAssassin. For this purpose, we need to modify the /etc/postfix/ file:

Find the following line and add the spamassassin filter:

Now you can append these parameters:

Finally, start SpamAssassin and restart Postfix to apply the changes. When you relaunch, Postfix will start to verify spam from emails:

And that is it! You have successfully configured your mail server with Postfix and Dovecot. You also performed MySQL authentication and set up spam filtering with SpamAssassin.


This tutorial outlines the steps you need to follow to perform the configuration of your mail server with the above-mentioned tools. It could be utilized as a comprehensive guide for you to set up your mail server independently. If you are interested in utilizing Google’s SMTP server feature follow along with this tutorial.

Happy Computing!