Well, I setup a linux vm at work running Ubuntu with a static ip and an internal domain (devteam.grp) to use for our source control and PM web app (Subversion with Redmine).

I also needed a mail server for sending and receiving mail for the devteam.grp domain. I wanted a mail server that could handle multiple domains yet have a simple installation; and the only thing that I fould was Citadel which was a very good but had way too many features for what I needed. Ubuntu has a package for it which made it easy to install but I ran into other issues afterwards.

• I wasn't able to send to external domains from localhost.
• I could only send mail to other local accounts from localhost.
• I couldn't receive any emails from the company email accounts.

I decided I didn't need to have the feature rich Citadel so I opted for the Dovecot/Postfix combination for pop3/imap and smtp. I ended up un/installing the pair a number of times over the last few days to figure out the problems through trial and error. A lot of the time was spent googling and some of the links that helped me in my search for a solution were:

• iptables - https://help.ubuntu.com/community/IptablesHowTo
• ufw firewall - https://help.ubuntu.com/8.04/serverguide/C/firewall.html
• Postfix SMTP relay and access control - http://www.postfix.org/SMTPD_ACCESS_README.html
• Selectively relaying emails using postfix - http://techsk.blogspot.com/2009/04/selectively-relay-emails-using-postfix.html
• Can't send mail through Postfix server - http://ubuntuforums.org/showthread.php?t=1128025
• Setting up SMTP Authentication over TLS with Postfix - http://rene.bz/node/4
• Basic Postfix configuration and preparation for SMTP AUTH - http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_configuration.html

My fix was to:

• Completely uninstall Dovecot and Postfix including configuration files.
• Flushed the iptables (iptables -F) and allowed all access for now then configure it later.
• Disabled the firewall (ufw - enabled it later and only allowed access to the required ports).
• Made sure there was an MX record for the mail server.
• I had to get the network admin to allow relays for the domain (devteam.grp) in MS Exchange.
• Reinstall Dovecot from Synaptic Package Manager in Ubuntu (dovcot-common, dovecot-pop3d, dovcot-imapd and dovecot-postfix packages)
• In the /etc/postfix/main.cf config file, I made sure that the "mydestination" parameter contained my domain name (devteam.grp) as well as the computer name (along with the other defaults). I also placed all the company domains in the "relay_domains" parameter.

Here's my config:
##########################################################

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = fcsbungaydevlinux
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = devteam.grp, fcsbungaydevlinux, localhost.localdomain, localhost
relayhost =
relay_domains = $mydestination, company1.ca, company2.grp, company3.ca
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = reject_unknown_sender_domain
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}"
smtp_use_tls = yes
smtpd_tls_received_header = yes
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_auth_only = yes
tls_random_source = dev:/dev/urandom
########################################################## 

In the /etc/dovecot/dovecot-postfix.conf file, I set the "protocols" to "pop3 imap" and the "disable_plaintext_auth" to "no". I didn't make any other changes.

It seems like such a quick thing to setup now that I write down my process but it took a while to figure out what needed to be done in the first place LOL

The only problem I'm having right now is that mail I send from my company email on the network to devteam.grp is returned undeliveralbe:

 
This message was created automatically by the SMTP relay on mail.company1.ca.
  
A message that you sent could not be delivered to all of its recipients.
The following address(es) failed:
 
  santosh@devteam.grp
    Unrouteable address

Strange thing is that another company domain on the network don't have this problem.  Well it's not quite that strange; we've got multiple MS Exchange servers setup for the various company domains and it's probable that the relaying on exchange server for company1.ca hasn't been configured.

I think RC's (one of our network admins) going to get sick of all my emails