Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 9.10)

Version 1.0
Author: Falko Timme
Follow me on Twitter
Last edited 11/26/2009

This tutorial is Copyright (c) 2009 by Falko Timme. It is derived from a tutorial from Christoph Haas which you can find at You are free to use this tutorial under the Creative Commons license 2.5 or any later version.

This document describes how to install a mail server based on Postfix that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I'll also demonstrate the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier can authenticate against the same MySQL database Postfix uses.

The resulting Postfix server is capable of SMTP-AUTH and TLS and quota (quota is not built into Postfix by default, I'll show how to patch your Postfix appropriately). Passwords are stored in encrypted form in the database (most documents I found were dealing with plain text passwords which is a security risk). In addition to that, this tutorial covers the installation of Amavisd, SpamAssassin and ClamAV so that emails will be scanned for spam and viruses. I will also show how to install SquirrelMail as a webmail interface so that users can read and send emails and change their passwords.

The advantage of such a "virtual" setup (virtual users and domains in a MySQL database) is that it is far more performant than a setup that is based on "real" system users. With this virtual setup your mail server can handle thousands of domains and users. Besides, it is easier to administrate because you only have to deal with the MySQL database when you add new users/domains or edit existing ones. No more postmap commands to create db files, no more reloading of Postfix, etc. For the administration of the MySQL database you can use web based tools like phpMyAdmin which will also be installed in this howto. The third advantage is that users have an email address as user name (instead of a user name + an email address) which is easier to understand and keep in mind.

This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!


1 Preliminary Note

This tutorial is based on Ubuntu 9.10 Server (Karmic Koala), so you should set up a basic Ubuntu 9.10 server installation before you continue with this tutorial (e.g. as shown on the pages 1 - 3 in this tutorial: The Perfect Server - Ubuntu Karmic Koala (Ubuntu 9.10) [ISPConfig 2]). The system should have a static IP address. I use as my IP address in this tutorial and as the hostname.

Make sure that you are logged in as root (type in

sudo su

to become root), because we must run all the steps from this tutorial as root user.

It is very important that you make /bin/sh a symlink to /bin/bash...

dpkg-reconfigure dash

Install dash as /bin/sh? <-- No

... and that you disable AppArmor:

/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
aptitude remove apparmor apparmor-utils


2 Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin

To install Postfix, Courier, Saslauthd, MySQL, and phpMyAdmin, we simply run

aptitude install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl postfix-tls libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl phpmyadmin apache2 libapache2-mod-php5 php5 php5-mysql libpam-smbpass

You will be asked a few questions:

New password for the MySQL "root" user: <-- yourrootsqlpassword
Repeat password for the MySQL "root" user: <-- yourrootsqlpassword
Create directories for web-based administration? <-- No
General type of mail configuration: <-- Internet Site
System mail name: <--
SSL certificate required <-- Ok
Web server to reconfigure automatically: <-- apache2
Configure database for phpmyadmin with dbconfig-common? <-- No


3 Apply The Quota Patch To Postfix

We have to get the Postfix sources, patch it with the quota patch, build new Postfix .deb packages and install those .deb packages:

aptitude build-dep postfix

cd /usr/src
apt-get source postfix

(Make sure you use the correct Postfix version in the following commands. I have Postfix 2.6.5 installed. You can find out your Postfix version by running

postconf -d | grep mail_version

The output should look like this:

root@server1:/usr/src# postconf -d | grep mail_version
mail_version = 2.6.5
milter_macro_v = $mail_name $mail_version


gunzip postfix-2.6.5-vda-ng.patch.gz
cd postfix-2.6.5
patch -p1 < ../postfix-2.6.5-vda-ng.patch

Now we go one directory up, that's where the new .deb packages have been created:

cd ..

The command

ls -l

shows you the available packages:

root@server1:/usr/src# ls -l
total 6248
drwxr-xr-x 23 root root    4096 2009-10-29 15:29 linux-headers-2.6.31-14
drwxr-xr-x  7 root root    4096 2009-10-29 15:29 linux-headers-2.6.31-14-server
drwxr-xr-x 19 root root    4096 2009-11-26 15:42 postfix-2.6.5
-rw-r--r--  1 root src     3824 2009-11-26 15:43 postfix_2.6.5-3_amd64.changes
-rw-r--r--  1 root src  1392702 2009-11-26 15:43 postfix_2.6.5-3_amd64.deb
-rw-r--r--  1 root src   231126 2009-11-26 15:39 postfix_2.6.5-3.diff.gz
-rw-r--r--  1 root src     1191 2009-11-26 15:39 postfix_2.6.5-3.dsc
-rw-r--r--  1 root src  3325444 2009-09-01 16:08 postfix_2.6.5.orig.tar.gz
-rw-r--r--  1 root src    58389 2009-09-14 15:15 postfix-2.6.5-vda-ng.patch
-rw-r--r--  1 root src    41908 2009-11-26 15:43 postfix-cdb_2.6.5-3_amd64.deb
-rw-r--r--  1 root src   145016 2009-11-26 15:43 postfix-dev_2.6.5-3_all.deb
-rw-r--r--  1 root src   977806 2009-11-26 15:43 postfix-doc_2.6.5-3_all.deb
-rw-r--r--  1 root src    50252 2009-11-26 15:43 postfix-ldap_2.6.5-3_amd64.deb
-rw-r--r--  1 root src    43942 2009-11-26 15:43 postfix-mysql_2.6.5-3_amd64.deb
-rw-r--r--  1 root src    43956 2009-11-26 15:43 postfix-pcre_2.6.5-3_amd64.deb
-rw-r--r--  1 root src    43996 2009-11-26 15:43 postfix-pgsql_2.6.5-3_amd64.deb

Pick the postfix and postfix-mysql packages and install them like this:

dpkg -i postfix_2.6.5-3_amd64.deb postfix-mysql_2.6.5-3_amd64.deb


4 Create The MySQL Database For Postfix/Courier

Now we create a database called mail:

mysqladmin -u root -p create mail

Next, we go to the MySQL shell:

mysql -u root -p

On the MySQL shell, we create the user mail_admin with the passwort mail_admin_password (replace it with your own password) who has SELECT,INSERT,UPDATE,DELETE privileges on the mail database. This user will be used by Postfix and Courier to connect to the mail database:

GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost' IDENTIFIED BY 'mail_admin_password';
GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost.localdomain' IDENTIFIED BY 'mail_admin_password';

Still on the MySQL shell, we create the tables needed by Postfix and Courier:

USE mail;

CREATE TABLE domains (
domain varchar(50) NOT NULL,
PRIMARY KEY (domain) )

CREATE TABLE forwardings (
source varchar(80) NOT NULL,
destination TEXT NOT NULL,
PRIMARY KEY (source) )

email varchar(80) NOT NULL,
password varchar(20) NOT NULL,
quota INT(10) DEFAULT '10485760',

CREATE TABLE transport (
domain varchar(128) NOT NULL default '',
transport varchar(128) NOT NULL default '',
UNIQUE KEY domain (domain)


As you may have noticed, with the quit; command we have left the MySQL shell and are back on the Linux shell.

The domains table will store each virtual domain that Postfix should receive emails for (e.g.


The forwardings table is for aliasing one email address to another, e.g. forward emails for to

source destination

The users table stores all virtual users (i.e. email addresses, because the email address and user name is the same) and passwords (in encrypted form!) and a quota value for each mail box (in this example the default value is 10485760 bytes which means 10MB).

email password quota No9.E4skNvGa. ("secret" in encrypted form) 10485760

The transport table is optional, it is for advanced users. It allows to forward mails for single users, whole domains or all mails to another server. For example,

domain transport smtp:[]

would forward all emails for via the smtp protocol to the server with the IP address (the square brackets [] mean "do not make a lookup of the MX DNS record" (which makes sense for IP addresses...). If you use a fully qualified domain name (FQDN) instead you would not use the square brackets.).

BTW, (I'm assuming that the IP address of your mail server system is you can access phpMyAdmin over in a browser and log in as mail_admin. Then you can have a look at the database. Later on you can use phpMyAdmin to administrate your mail server.

Share this page:

18 Comment(s)

Add comment


From: batterycentury at: 2009-12-11 08:54:30

Good, new Ubuntu, seems Ubuntu has updated quickly.

From: sky7 at: 2010-06-15 02:43:36


how to integrate with postfixadmin to maintain the virtual domains? 

No missing clue using your guidance. Many thanks

From: Robsbots at: 2011-11-11 16:19:02

Top job. Works like a dream........

assuming it dosn't take three days to find a typo made when creating a file. My typo, not yours ;)

Thanks for the great How-To.

I am now contactable on several email addresses hosted as virtual domains on my server.

You Rock.


From: Kamil Frydryszek at: 2010-04-14 12:56:22

where is e-mails storage defined?

i can connect with server but i can not read email

i also can not send mail


From: Jamie Strandboge at: 2009-12-28 15:41:32

I noticed that this tutorial recommends to disable all of AppArmor. Unless you have a very specific need to do so, this is not recommended. The apparmor profiles shipped in Ubuntu are designed to work with the default installation. If a particular profile is causing you trouble, please disable the profile or put it in complain mode, and leave the other profiles that are not causing problems to do their jobs. Better yet, file a bug. :) See my blog entry at for details.

From: Anonymous at: 2010-01-30 17:25:59


I think, that it's necessary to add in line:


 without this mail is not delivered to mailbox


I'm not sure that, but it works with this option :)

From: Mikael at: 2010-01-14 19:05:28

First i create user and domain name in the database and then use mailx and send email, but no results. When i try to login i have message  ERROR: Connection dropped by IMAP server. If i try to use another username i read unknown user. If i send email from hotmail it return  "unknown user" . So no user is created when i send mail to postfix. If i use webmin i don't see mail or usermap and if  i search tail /var/log/mail.log....the user have been created. Ports are open, i telnet to localhost and everything seems to be ok.

So pls guide me ...Mikael

From: Yes at: 2010-01-23 17:55:51

Same problem here.

 /var/log/mail.err says:

Jan 23 18:27:01 ubuntu imapd: chdir No such file or directory
Jan 23 18:27:01 ubuntu imapd: my_account@ No such file or directory

It seems as IMAPD doesn't know that we are using virtual users in MySQL database instead of physical unix users.

From: Bozola at: 2010-01-31 18:47:22

You've got to manually create the mail directories under the /home/vmail directory, 'cause they ain't getting created.


Try this (replace "" with your domain):

Step 1 - create directory for the domain. You must create one for each of your domains. Must have an corresponding entry in the "domains" table.

mkdir /home/vmail/


 Steps 2 & 3 - Add new account name and grant permissions. Repeat these for every account you want. Note that these all must have a corresponding entry in the MySQL database "mail", table "users".

maildirmake /home/vmail/

chown -R vmail.vmail /home/vmail/


If I wasn't so lazy I'd include a script to sync the directory creation process with the SQL insertion/update, but there it is....

From: jaman at: 2011-07-02 04:58:20

Hi all, i have the problem about my mail server

if i sign in to my mail server always blank page and i try to show in mail log

tail -f /var/log/mail.log

Jul  2 11:50:28 mentari imapd: Connection, ip=[::ffff:]
Jul  2 11:50:28 mentari imapd: LOGIN,, ip=[::ffff:], port=[40149], protocol=IMAP
Jul  2 11:50:28 mentari imapd: LOGOUT,, ip=[::ffff:], headers=0, body=0, rcvd=30, sent=238, time=0

can anybody help me please?


From: Ryan at: 2010-02-09 00:03:51

I can confirm that this tutorial does work properly, but without logs its going to be difficult to help you.  Some of the things I noticed is that only in one place he does tell you to change the mail_admin_password to your own password and other places he doesnt.  Therefore, if you created the user acct in mysql with "secret" as a password but all your files are using mail_admin_password you should see login errors in the mail.log log.  If these passwords are different you will get the connection dropped by IMAP error.

 In regards to Bozola fix... YES, It is required but I dont think leaving that out would give you an IMAP error... your mail will just not be delivered and you will see permissions errors in your logs saying that it cannot write to a directory that does not exist.

 Anyway.. I would recommend tailing your log

#tail -f /var/log/mail.log

trying to log in via squirrelmail.. and posting the results.

From: Bung at: 2010-02-01 10:57:01

This comment was made on p4, but incase you missed it, i spent time slamming my head on the desk with this one.

 In /etc/postfix/ you might also want to add:

mailbox_transport = virtual
virtual_transport = virtual


From: Anonymous at: 2010-02-02 01:27:42

Proposed fix didn't work either.

From: radensun at: 2010-02-11 12:21:50

I also had a couple of times to get an error message like that, and found the problem only in the transport field in the table 'transports' which is in mysql. So, you just replace the be ":" (without the quotes). And you will like it. :D

I thank the author of this tutorial, because it is very useful for me.

From: micheldp at: 2010-03-02 00:53:26


Your proposed solution don't work neither ....

I verified everything ...and can't login to squirrelmail

If it works for anybody, pls give me a sign


From: at: 2010-03-11 21:01:25

wrong answer removed

From: at: 2010-05-15 16:04:33

i configured emil system as above. installed fine.

but when i send email to myself from:, to i wont received that email.

mail Log as follws:

May 15 08:41:29 mail amavis[1742]: (01742-02) Blocked SPAM, LOCAL [] [] <> -> <>, quarantine: m/spam-mVSvUVWn4KBW.gz, Message-ID: <002801caf445$0a1a58a0$1e4f09e0$@com>, mail_id: mVSvUVWn4KBW, Hits: 6.396, size: 2990, 15698 ms
May 15 08:41:29 mail postfix/smtp[1988]: 269BC226B9: to=<>, relay=[]:10024, delay=16, delays=0.07/0.01/0.04/16, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=01742-02 - SPAM)
May 15 08:41:29 mail postfix/qmgr[1674]: 269BC226B9: removed
mail postfix/smtp[1988]: 269BC226B9: to=<>, relay=[]:10024, delay=16, delays=0.07/0.01/0.04/16, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=01742-02 - SPAM)
May 15 08:41:29 mail postfix/qmgr[1674]: 269BC226B9: removed



please help me to solve this

From: Sick Person at: 2012-01-05 10:41:00

How to add autoresponder? i install courier-maildrop but it seems not working . Did also need recompile it coz ubuntu package seems not support mysql for maildrop (maildrop -v)