Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (CentOS 6.3 x86_64) - Page 3

This tutorial exists for these OS versions

On this page

  1. 9 Configure Saslauthd
  2. 10 Configure Courier
  3. 11 Modify /etc/aliases

9 Configure Saslauthd

Edit /etc/sasl2/smtpd.conf. It should look like this:

vi /etc/sasl2/smtpd.conf

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN

Then turn off Sendmail and start Postfix, saslauthd, and courier-authlib:

chmod 755 /var/spool/authdaemon
chkconfig --levels 235 courier-authlib on
/etc/init.d/courier-authlib start

chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
chkconfig --levels 235 saslauthd on
/etc/init.d/sendmail stop
/etc/init.d/postfix start
/etc/init.d/saslauthd start


10 Configure Courier

Now we have to tell Courier that it should authenticate against our MySQL database. First, edit /etc/authlib/authdaemonrc and change the value of authmodulelist so that it reads

vi /etc/authlib/authdaemonrc

#authmodulelist="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"

Then edit /etc/authlib/authmysqlrc. It should look exactly like this (again, make sure to fill in the correct database details):

cp /etc/authlib/authmysqlrc /etc/authlib/authmysqlrc_orig
cat /dev/null > /etc/authlib/authmysqlrc
vi /etc/authlib/authmysqlrc

MYSQL_SERVER localhost
MYSQL_PASSWORD mail_admin_password
MYSQL_HOME_FIELD "/home/vmail"

Then restart Courier:

chkconfig --levels 235 courier-imap on
/etc/init.d/courier-authlib restart
/etc/init.d/courier-imap restart

When courier-imap is started for the first time, it automatically creates the certificate files /usr/lib/courier-imap/share/imapd.pem and /usr/lib/courier-imap/share/pop3d.pem from the /usr/lib/courier-imap/etc/imapd.cnf and /usr/lib/courier-imap/etc/pop3d.cnf files. Because the .cnf files contain the line CN=localhost, but our server is named, the certificates might cause problems when you use TLS connections. To solve this, we delete both certificates...

cd /usr/lib/courier-imap/share
rm -f imapd.pem
rm -f pop3d.pem

... and replace the CN=localhost lines in /usr/lib/courier-imap/etc/imapd.cnf and /usr/lib/courier-imap/etc/pop3d.cnf with

vi /usr/lib/courier-imap/etc/imapd.cnf


vi /usr/lib/courier-imap/etc/pop3d.cnf


Then we recreate both certificates...


... and restart courier-authlib and courier-imap:

/etc/init.d/courier-authlib restart
/etc/init.d/courier-imap restart

By running

telnet localhost pop3

you can see if your POP3 server is working correctly. It should give back +OK Hello there. (type quit to get back to the Linux shell):

[[email protected] share]# telnet localhost pop3
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
<-- quit
+OK Better luck next time.
Connection closed by foreign host.
[[email protected] share]#


11 Modify /etc/aliases

Now we should open /etc/aliases. Make sure that postmaster points to root and root to your own username or your email address, e.g. like this:

vi /etc/aliases

postmaster: root
root: [email protected]

or like this (if administrator is your own username):

postmaster: root
root: administrator

Whenever you modify /etc/aliases, you must run


afterwards and restart Postfix:

/etc/init.d/postfix restart

Falko Timme

About Falko Timme

Falko Timme is an experienced Linux administrator and founder of Timme Hosting, a leading nginx business hosting company in Germany. He is one of the most active authors on HowtoForge since 2005 and one of the core developers of ISPConfig since 2000. He has also contributed to the O'Reilly book "Linux System Administration".

Share this page:

Suggested articles

1 Comment(s)

Add comment


By: pepo

I had some problems to send email though the server. Checking the maillogs I found these errors:

Apr  5 22:46:06 pepomail postfix/smtpd[23884]: connect from ******.nl[]
Apr  5 22:46:06 pepomail postfix/smtpd[23884]: warning: SASL authentication failure: cannot connect to Courier authdaemond: No such file or directory
Apr  5 22:46:06 pepomail postfix/smtpd[23884]: warning: SASL authentication failure: Password verification failed
Apr  5 22:46:06 pepomail postfix/smtpd[23884]: warning: *****.nl[]: SASL PLAIN authentication failed: generic failure

After a little Googleling I found that the jail of postfix causes this problem. You can solve this by adding a simlink to the authdaemon socket file inside of the chroot:

cd /var/spool/postfix
ln /var/spool/authdaemon/socket courier-authdaemon-socket

Then change the authdaemond_path in your smtpd.conf to just ‘courier-authdaemon-socket’. Restart postfix and it should work

Check for details.

Happy mailing!