Install postfix on Debian Wheezy Linux / Postfix mail server with Dovecot and MySQL user storage on Debian Wheezy 7 Linux

postfix Debian GNU Linux logo picture install and configure postfix with dovecot on Wheezy debian 7 Linux

I have recently installed Postfix on a server following ISPMail Tutorial on Debian Wheezy Linux 7. Officially as you can see on their website there is no official guide still for Debian Wheezy yet. Therefore my only option was to follow ISPMail tutorial using Postfix 2.7 (Debian Squeeze).

It was quite a struggle to adapt tutorial for Squeeze deb to Wheezy and it took me an  overall time of about of week (each day spending few hours trying to make various components of tutorial) work. But finally I managed to install it. This is how this article got born in hope that in future it will help others have a decent Postfix install on Wheezy.. 

For those unfamiliar with's ISPMail Postfix Tutorial it is pretty much standard step-by-step installation guide for dummies similar to or Thibs QmailRocks Updated Installation Guide.

In Other words  is probably the best Postfix full featured install tutorial currently online as of time of writting this post. is great for people who want to run full featured; 

Postfix SMTP configured to support;


  • Postfix to support Mail Virtual Domains (store E-mails in MySQL database)
  • Dovecot Secure IMAP / IMAPS / POP3 / POP3s server to offer Pop3 and Imap remote access
  • Support Properly Generated SSL Certificates for POP3s and IMAPs
  • Anti Spam - SMTPD restrictions, SPF,  RBL,  Greylisting
  • Install web frontend to support Web E-mail Domaim / Accounts easy administrations for users stored in MySQL db
  • Amavisd-New (to protect Mail server from Spam)
  • Postfix WebMail frontend with Roundcube or Squirrelmail

Here is the big picture as it gives good idea on how all above components correspond to each other:

how postfix dovecot amavis clamav and spamassassin work postfix the bigpicture

So here we go:

1. Install Postfix necessary  debian packages

a) Install Postfix / MySQL / phpmyadmin and Postfix support for MySQL mail storage deb packs


apt-get update

apt-get upgrade

apt-get install –yes ssh
apt-get install –yes postfix postfix-mysql
apt-get –purge remove 'exim4*'
apt-get install –yes mysql-client mysql-server dovecot-common dovecot-imapd dovecot-pop3d postfix libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl telnet mailutils
apt-get install –yes mysql-server phpmyadmin


b) Install deb packages for Dovecot and Imap Support as well as Roundcube and / or Squirrelmail for Webmail support


apt-get install –yes dovecot-pop3d dovecot-imapd dovecot-lmtpd

c) Install packages deb packages for Anti-spam greylisting (tumgreyspf)


apt-get install –yes tumgreyspf

2. Create necessary MySQL database structures

Next step is toconnect to MySQL as root via MySQL CLI or PhpMyadmin and  CREATE new user "mailuser" and new database "mailserver", then create basic structure for "mailserver" database – i.e. sql tables ("virtual_domains", virtual_users", virtual_aliases")
These user and database is used laters by Dovecot server  to connect and  fetch emails from MySQL on user request via POP3 or IMAP. I've taken all the SQL requests and from's site and placed them in one SQL file:

Below is mysql cli query to import it. If you prefer more user friendliness do it via PhpMyAdmin with a copy / paste from file or with PhpMyAdmin import



 wget -q
mysql -u root -p < create-postfix-mysql-user-database.sql

Link to create-postfix-mysql-user-database.sql is here

3. Setting up Dovecot required users and directories

Next its necessary configure some users and create directories where Dovecot will store its configuration files. Dovecot requires to create its custom files for each existing users in MySQL database. Therefore whenever user receives or sends e-mail or is simply created Dovecot also creates a user directory structure in /var/vmail/, for exmpl.:


# ls -al /var/vmail/
total 20
drwx—— 4 vmail vmail 4096 jul 29 09:15 .
drwx—— 3 vmail vmail 4096 jul 29 07:20 ..
drwx—— 3 vmail vmail 4096 jul 29 09:15 .imap
drwx—— 2 vmail vmail 4096 jul 29 09:15 INBOX
-rw——- 1 vmail vmail   24 jul 29 09:15 .subscriptions

The functions of Dovecot server again are:

  • Get emails from Postfix (MySQL database) and save them to disk
  • Allow mail users to fetch emails using POP3 or IMAP protocol with Outlook / Thunderbird whatever pop3 client

    groupadd -g 5000 vmail
    useradd -g vmail -u 5000 vmail -d /var/vmail -m
    chown -R vmail:vmail /var/vmail
    chmod u+w /var/vmail
    chgrp vmail /etc/dovecot/dovecot.conf
    chmod g+r /etc/dovecot/dovecot.conf
    chown root:root /etc/dovecot/dovecot-sql.conf
    chmod go= /etc/dovecot/dovecot-sql.conf


4. Create self-signed SSL certificate for Postfix mail and Dovecot pop3 server



openssl req -new -x509 -days 3650 -nodes -out /etc/ssl/certs/dovecot.pem -keyout /etc/ssl/private/dovecot.pem
chmod o= /etc/ssl/private/dovecot.pem
/etc/init.d/dovecot restart
openssl req -new -x509 -days 3650 -nodes -out /etc/ssl/certs/postfix.pem -keyout /etc/ssl/private/postfix.pem
chmod o= /etc/ssl/private/postfix.pem


5. Configuring Amavis (Anti Virus frontend) with Clamav AV

To reduce viruses it is a must nowadays to install Antivirus in Qmail I used qmail-scanner (perl script) frontend to Clamav Antivirus to check for Viruses and some messed up e-mails. In Postfix just like in Sendmail, tool that does the same is amavisd-new.  There are some configuration files to do, but as its time consuming to do changes one by one I prefer moving old /etc/amavis/ to /etc/amavis-bak/ and download and untar archive with already set  proper configs


apt-get install –yes amavisd-new
useradd clamav -g amavis
mv /etc/amavis /etc/amavis-old
cd /etc/
tar -zxvvf amavis-config-debian-wheezy-7.tar.gz

/etc/init.d/amavis start
Starting amavisd: amavisd-new.

Amavisd is meant to communicate in two port numbers with Postfix. Postfix passes Input in one (10024) and Output – Scanned File Status in (10025). Thus for normal amavis operation this two ports has to be showing as listening on localhost, e.g.:


netstat -nap | grep -E '10024|10025'
tcp        0      0*               LISTEN      13957/amavisd-new (
tcp        0      0*               LISTEN      9007/master     


6. Placing Dovecot working (properly configured) config files for Debian Wheezy

On there are plenty of configurations to copy paste inside files and how it is explained is a bit complicated thus played a lot mainly with /etc/postfix/ and /etc/postfix/ configurations until I finally had a working version of (SMTP) configured not to be an open relay and receive / sent email OK …
Here are configurations that worked for me:


mv /etc/postfix /etc/postfix-old
cd /etc/
wget -q
tar -zxvvf postfix-configs-debian-wheezy.tar.gz
… …..

[ ok ] Stopping Postfix Mail Transport Agent: postfix.

[ ok ] Starting Postfix Mail Transport Agent: postfix.


To download my good postfixs-debian-wheezy.tar.gz look here

Afterwards only setting you have to change in /etc/postfix/ is:


myhostname =

to your Fully Qualified Domain Name (FQDN), lets say

myhostname =

I find it also useful to remove from SMTP after connect banner reporting that Postfix is running on Debian in change:

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)


smtpd_banner = $myhostname ESMTP $mail_name


7. Placing Dovecot working config files in /etc/

Configuring Dovecot is not an easy task in Debian Linux Squeeze and Lenny, on Postfix ISPMail guide there is a special tutorial for each as there is none yet for Debian Wheezy. It took me long to figure it out how to translate from old config settings for Wheezy's Dovecot 2.1.7-7. Configuration files places has changed for some clarity in Dovecot 2.1.7-7. So many of the Workaround.rog's Squeeze Tutorial suggested changes in /etc/dovecot/dovecot.conf are to be made in files under /etc/dovecot/conf.d

Therefore quickest way to have working Dovecot is to move default config dir /etc/dovecot to /etc/dovecot-old and place tuned configs:

cd /etc/
wget -q
tar -zxvvf dovecot-configs-debian-wheezy.tar.gz


chown -R vmail:dovecot /etc/dovecot
/etc/init.d/dovecot restart

[ ok ] Restarting IMAP/POP3 mail server: dovecot.

To download dovecot-configs-debian-wheezy.tar.gz click here

8.Install Web Interface User / Domain edit Mail Frontend – Mail Admin Tool – Matv1.1

There are 4 web mail admin interfaces suggested by ISPMail tutorial:



  • Matv.1.1 – Mail Admin Tool
  • ISPWebadmin
  • Mailadm
  • VEA

I tried with ISPWebadmin and VEA, but only one that worked for me is MATv1.1. Actually I liked a lot Mail Admin tool it is simple and does support; create new mail domains, create new users in domains and add user aliases.

Mail admin tool login screen screenshot Debian / Ubuntu GNU Linux

mail admin tool matv1 postfix web mail admin tool debian gnu linux wheezy

Here is how to install

cd /var/www;
wget -q
tar -zxvvf MATv1.1.tar.gz
mv "MAT v1.1" mailadmin
cd mailadmin
cd includes
wget -q
mv config.php.txt config.php
cd /var/www/mailadmin
wget -q
mv index-matv1.php.txt index.php
chown -R www-data:www-data /var/www/mailadmin

Now point your browser to:




(where is your local or Internet IP address) and you should see Matt mailadmin popup. I hope my little tutorial will be of use to many. Comments and problems with install steps will be much appreciated and might lead hopefully to improvements of this little Postfix Install Wheezy tutorial Enjoy :)

9. Configuring Web mail access to Mail server Mailboxes with Squirrelmail and Roundcube

a) Configuring Squirrelmail to work with Postfix


apt-get install –yes squirrelmail
ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf

Squirrelmail config options default folder config none postfix debian wheezy linux

(Select option 3) – Folder Defaults

Choose Option 1 – Press 1
and set (Default Folder Prefix) to 'none'.

You can take few minutes to browse to other options too to select for example some meaningful title for your Squirrel Webmail – i.e. organization name or whatever…

That's all now to access Squirrel open in Firefox:

To test squirrel is configured correctly try to login with user with pass summersun

b)Configure Roundcube + Postfix + Dovecot

Edit /etc/roundcube/apache.conf and uncomment:

#Alias /roundcube /var/lib/roundcube


Alias /roundcube /var/lib/roundcube
Then restart Apache:


/etc/init.d/apache2 restart

 10. Testing if everything works fine together

a) Testing if mail server defined domain has properly configured DNS – PTR, MX and TXT records

First I assume here that mailserver has proper configured PTR record and it is defined properly in DNS to be MX (Mail Exchange server). You will have to contact your ISP (Internet Service Provider) and ask them to create new PTR record corresponding to hostname of mail server defined in myhostname var in /etc/postfix/
To test whether you have PTR record run:

host has address mail is handled by 0
root@websrv:/etc/dovecot# host domain name pointer

In above example you see my domain has proper defined PTR record. To test you have defined in domain DNS server (zone files) proper MX record issue:

host -t MX mail is handled by 0

Again for sake of testing you see has defined MX with priority of 0 (which in those case is highest), since there are no other defined MX domains and priorities.

It is good practice that domain name has also proper SPF record this is done with DNS server zone record of type TXT. 
Once again here is SPF record defined for

host -t TXT descriptive text "google-site-verification=j9d4Bt5c_1ukGf4WBng0i4esOqJtbxSFVkG144dFqv4" descriptive text "spf1 a mx ptr ip4: -all"

You see 2nd line is the actual SPF record descriptive text "spf1 a mx ptr ip4: -all"

First line command returns is actually Domain DKIM key. I tried configuring DKIM keys following ISPMail tutorial unsuccesfully so by installing Postfix by my tutorial you will not have to have  DKIM keys (soft) installed or TXT records for Domain Keys defined.

b) Testing if mail server is able to send (deliver) mails to other MTA's correctly Next to test whether postfix is sending mails properly use:

mail -s "This is a simple test mail, no need to reply"

Do you get this mail
Hope so :)

Note that after writing the email you have to press "." and then Enter to send the mail.

To check everything is fine with sending the mail check in /var/log/mail.log, there should be something like;

Aug 2 08:29:56 websrv postfix/smtpd[16228]: connect from localhost[]
Aug 2 08:29:57 websrv postfix/smtpd[16228]: 0D323662499: client=localhost[]
 Aug 2 08:29:57 websrv postfix/cleanup[16224]: 0D323662499: message-id=<>
 Aug 2 08:29:57 websrv postfix/qmgr[14241]: 0D323662499: from=<>, size=749, nrcpt=1 (queue active)
 Aug 2 08:29:57 websrv amavis[13958]: (13958-01) Passed CLEAN {RelayedOpenRelay}, <> -> <>, Message-ID: <>, mail_id: 1oIcE-Zc9MND, Hits: -, size: 369, queued_as: 0D323662499, 828 ms
Aug 2 08:29:57 websrv postfix/smtp[16226]: 3C4A766249B: to=<>, relay=[]:10024, delay=1, delays=0.2/0.01/0.01/0.83, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[]:10025): 250 2.0.0 Ok: queued as 0D323662499)
Aug 2 08:29:57 websrv postfix/qmgr[14241]: 3C4A766249B: removed
Aug 2 08:29:57 websrv postfix/smtp[16235]: connect to[2a00:1450:4013:c01::1b]:25: Network is unreachable
Aug 2 08:29:58 websrv postfix/smtp[16235]: 0D323662499: to=<>,[]:25, delay=1.2, delays=0.08/0.01/0.65/0.49, dsn=2.0.0, status=sent (250 2.0.0 OK 1375450198 a48si4827663eep.113 – gsmtp)
Aug 2 08:29:58 websrv postfix/qmgr[14241]: 0D323662499: removed

As you see from above output gmail server returned status of  "Success" – 250 2.0.0 Ok: quequed as 0D323662499 – this means email is delivered OK and if the mail server IP from which you're sending is not listed in some Mailserver IPs Blacklist mail should arrive in a sec.

c) Testing if Dovecot POP3 and IMAP protocol are accessible by SQL kept mail accounts

Last thing to test is Dovecot (for Qmail users for sake of comparison – Dovecot is like Couirier IMAP and Courier POP3 mail server):

To test IMAP and POP3 easiest way is to use simple telnet connections. I've earlier written a small article on How to test if IMAP and POP3 mail service is working with telnet connections, so if you never done this take 2 mins to read it. By default ISPMail adds an email with username with password summersun

telnet localhost pop3
Trying ::1…
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
PASS summersun
+OK Logged in.
+OK Logging out.
Connection closed by foreign host.

To test IMAP protocol login

telnet localhost imap
Trying ::1…
Connected to localhost.
Escape character is '^]'.
01 login summersun
telnet> quit
Connection closed.

Well this is the end my friend :) You should now have a properly running Postfix + Dovecot + Virtual Domains in SQL. Please drop me a thank you comment if it worked for you. If it doesn't drop a comment so I can integrate it and improve this tutorial. Happy Hacking ;)

Share this on

Tags: , , , , , , , , , , , , , , , , ,

8 Responses to “Install postfix on Debian Wheezy Linux / Postfix mail server with Dovecot and MySQL user storage on Debian Wheezy 7 Linux”

  1. Steffan says:

    I am the creator of Mail Admin Tool (MAT) and i noticed this guide..
    I would like to ask what have you changed in the index.php file, since you make the readers download an edited copy from your site?
    If any improvements, please send them to me so i can make a V1.2 so other people can benefit of theese improvements

    also, please post a link to and not only the .tar.gz file directly, because the filename will change when i make a v1.2!

  2. rouven says:

    First of all thanks for that Tutorial.
    There is an Error in the file: create-postfix-mysql-user-database.sql
    => Line 37 should be INSERT instead of NSERT.

  3. admin Mozilla Firefox Windows says:

    If you get error; Postfix SASL via dovecot fails with: no SASL authentication mechanism

    You probably forgot to install something!

    Try as fix to install following bunch of packages:

    apt-get install –yes mysql-client mysql-server dovecot-common dovecot-imapd dovecot-pop3d postfix libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl telnet mailutils

    Cheers :)

  4. André says:

    first of all: Thank you! ;) Just a few things you should mention:
    - /etc/amavis/conf.d/05-node_id: Change "$myhostname" to your needs. (This is for the "BANNED" mail you recieve.)
    - Outcomment EVERY line in /etc/dovecot/conf.d/auth-system.conf.ext for PAM:
    #passdb {
      #driver = pam
      # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
      # [cache_key=<key>] [<service name>]
      #args = dovecot
    This fixes the slow login, because dovecot would first try PAM before MySQL.
    - The .sql preset for the database is a bit buggy. If I remember correctly, you should first create the database, then grant permissions. I also think there was an error with the "grant all on bla" command.

  5. Ruben says:

    hello, thank you very much for the tutorial, I was able to configure my server with mysql, postfix and dovecot to perfection.

  6. Brian says:

    I am not able to get into MAT,

    [Tue Feb 11 12:17:35 2014] [error] [client] PHP Warning: mysql_connect(): Access denied for user ‘mailuser’@'localhost’ (using password: YES) in /var/www/mailadmin/includes/class_db.php on line 8, referer: http://xx.xx.xx.xx:81/mailadmin/
    [Tue Feb 11 12:17:35 2014] [error] [client] PHP Warning: mysql_select_db() expects parameter 2 to be resource, boolean given in /var/www/mailadmin/includes/class_db.php on line 9, referer: http://xx.xx.xx.xx:81/mailadmin/
    [Tue Feb 11 12:17:35 2014] [error] [client] PHP Warning: mysql_real_escape_string(): Access denied for user ‘www-data’@'localhost’ (using password: NO) in /var/www/mailadmin/includes/class_db.php on line 28, referer: http://xx.xx.xx.xx:81/mailadmin/
    [Tue Feb 11 12:17:35 2014] [error] [client] PHP Warning: mysql_real_escape_string(): A link to the server could not be established in /var/www/mailadmin/includes/class_db.php on line 28, referer: http://xx.xx.xx.xx:81/mailadmin/
    [Tue Feb 11 12:17:35 2014] [error] [client] PHP Warning: mysql_real_escape_string(): Access denied for user ‘www-data’@'localhost’ (using password: NO) in /var/www/mailadmin/includes/class_db.php on line 28, referer: http://xx.xx.xx.xx:81/mailadmin/
    [Tue Feb 11 12:17:35 2014] [error] [client] PHP Warning: mysql_real_escape_string(): A link to the server could not be established in /var/www/mailadmin/includes/class_db.php on line 28, referer: http://xx.xx.xx.xx:81/mailadmin/

    What user should be being used?

Leave a Reply