Customize Plesk 11 Mail Settings

Customize Plesk 11 Mail Settings

This tutorial is meant to customise and secure the postfix and dovecot mail servers installed with Plesk 11 on Centos 6.
We are covering the next points:
  • Change Max connections settings
  • Secure and avoid spamming
  • Customize error and bounce messages
  • Change the SSL certificate

Changing max connections to allow several computers from a same office IP address:

vi /etc/courier-imap/imapd

Find next vars and edit them, these values are pretty nice for a quad core server with 8GB RAM and 10-25 domains and 5 email accounts per domain.
MAXDAEMONS = 120
MAXPERIP = 40


To edit Postfix config and secure the server:

vi /etc/postfix/main.cf


#The maximal number of message delivery requests that any client is allowed to make to this service per time unit, regardless of whether or not Postfix actually accepts those messages. The time un        it is specified with the anvil_rate_time_unit configuration parameter.
smtpd_client_message_rate_limit = 40

# The maximum number of recipient addresses that an SMTP client may specify in the time interval specified with anvil_rate_time_unit (default: 60s).
smtpd_client_recipient_rate_limit = 30

# The maximal number of recipients that the Postfix SMTP server accepts per message delivery request. (default:1000).
smtpd_recipient_limit = 30   

# Request that the Postfix SMTP server rejects mail for unknown recipient addresses, even when no explicit reject_unlisted_recipient access restriction is specified. This prevents the Postfix queue from filling up with undeliverable MAILER-DAEMON messages.
 
smtpd_reject_unlisted_recipient = yes
    

# Request that the Postfix SMTP server rejects mail from unknown sender addresses, even when no explicit reject_unlisted_sender access restriction is specified. This can slow down an explosion of forged mail from worms or viruses.
smtpd_reject_unlisted_sender = yes

#Edit default error message for email clients
smtpd_reject_footer = For assistance, contact us at support@YOURDOMAIN.com.
      Please provide the following information in your problem report:  time ($localtime), client ($client_address) and server ($server_name).


Customise postfix Delivery error messages:

Copy this template http://pastebin.com/rhvwnFxT into for example /etc/postfix/bounce.custom.cf
Finally just set the var 


bounce_template_file = /etc/postfix/bounce.custom.cf


To Change the SSL certificate:
It is a good idea since a signed certificate can be found nowadays from 5-10$ a year.

Create your pem file and copy it to the following routes: (to create a PEM file, just paste yuor CSR, CRT, CA and CA2 in a file with .pem extension)
  • /usr/share/imapd.pem 
  • /usr/share/pop3d.pem 
  • /etc/postfix/postfix_default.pem

Restart postfix
service postfix restart

Restart courier
/etc/init.d/courier-authdaemon restart

Share this post