This article is outdated. Updated version on building a mail server on Debian 6 is published as a free eBook here.
To install Courier with support for MySQL authorisation and POP3, POP3-SSL, IMAP and IMAP-SSL access to mailboxes you run:
apt-get install courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl
Since I do not use POP3 I am only installing
apt-get install courier-authdaemon courier-authlib-mysql courier-imap courier-imap-ssl
When asked if you would like to create directories for web-based administration, answer No.
/etc/courier/authdaemonrc and change
Create a backup of the
cd /etc/courier/ cp authmysqlrc authmysqlrc~
cat /dev/null > /etc/courier/authmysqlrc nano /etc/courier/authmysqlrc
And paste the following:
MYSQL_SERVER localhost MYSQL_USERNAME mailadmin MYSQL_PASSWORD newpassword MYSQL_PORT 0 MYSQL_DATABASE mail MYSQL_USER_TABLE mailbox MYSQL_CRYPT_PWFIELD password MYSQL_UID_FIELD 5000 MYSQL_GID_FIELD 5000 MYSQL_LOGIN_FIELD username MYSQL_HOME_FIELD "/home/vmail" MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(username,'@',-1),'/',SUBSTRING_INDEX(username,'@',1),'/') MYSQL_QUOTA_FIELD concat(quota,'S')
Notice that the QUOTE_FIELD has an “S” appended to the value. This is because Postfix Admin stores MailDir quota as an integer, and Courier maildrop expects the quota value to be in the format XXXS, where XXX represent the number of bytes that can be stored in the Maildir, and “S” stands for size.
Maildrop can also use XXXC, where “C” I guess stands for “COUNT” because this value stands for number of messages that MailDir can store.
and change values of TLS_CERTFILE and TLS_TRUSTCERTS to
To restart Courier you have to restart couple of services
/etc/init.d/courier-authdaemon restart /etc/init.d/courier-imap restart /etc/init.d/courier-imap-ssl restart
And if you have it installed POP3 as well
/etc/init.d/courier-pop restart /etc/init.d/courier-pop-ssl restart
If you would like users of every virtual domain on your server to connect to mail.their-domain.com instead of to atlantis.example.com you will have to sign new certificates for every domain and also use a separate IP address for each virtual host. Information on placing certificates for various hosts can be found in
You have to change Firewall rules to allow inbound connections to ports that Courier uses: