Tutorial

How To Setup DavMail on CentOS 6

Published on February 14, 2014
author

Jesse TeKrony

How To Setup DavMail on CentOS 6

Status: Deprecated

This article covers a version of CentOS that is no longer supported. If you are currently operating a server running CentOS 6, we highly recommend upgrading or migrating to a supported version of CentOS.

Reason: CentOS 6 reached end of life (EOL) on November 30th, 2020 and no longer receives security patches or updates. For this reason, this guide is no longer maintained.

See Instead: This guide might still be useful as a reference, but may not work on other CentOS releases. If available, we strongly recommend using a guide written for the version of CentOS you are using.

Introduction


If your workplace or school uses Microsoft Exchange for E-mail, you may wish to access your Exchange E-mail account from E-mail clients that do not support the Exchange protocol. DavMail provides a solution, translating Microsoft Exchange to open protocols like POP, IMAP, SMTP, Caldav, Carddav, and LDAP.

Installation


Installing DavMail on CentOS 6 will require adding a 3rd party repository. Download the .repo file and update your yum cache:

sudo curl -o /etc/yum.repos.d/home:marcindulak.repo http://download.opensuse.org/repositories/home:/marcindulak/CentOS_CentOS-6/home:marcindulak.repo
sudo yum update

Then, install DavMail with yum:

sudo yum install davmail

You will have to install an additional package so the included init script functions properly:

sudo yum install redhat-lsb-core

Basic Configuration


DavMail’s configuration file is located at /etc/davmail.properties. Open it in your favorite text editor:

sudo nano /etc/davmail.properties

Set DavMail to server mode so it doesn’t require X11:

davmail.server=true

Enable remote mode and set the bind address to your droplet’s IP address or set it blank:

davmail.allowRemote=true
davmail.bindAddress=

Set davmail.url to your Outlook Web App/Outlook Web Access URL, which usually ends in /owa:

davmail.url=https://yourcompany.com/owa 

The default ports that DavMail uses are non-standard, and you will probably want to change them to ease the process of setting up E-mail clients. To configure DavMail to use the default ports for SSL encrypted IMAP and SMTP, change the davmail.imapPort and davmail.smtpPort options:

davmail.imapPort=993
davmail.smtpPort=465

Save and close the configuration file.

Create A SSL Certificate


In order to enable SSL encryption, you will need a SSL certificate and SSL private key in the PEM format. If you have purchased a certificate from a Certificate Authority, then you should already have your certificate and key. If so, continue to the Configuring SSL section below. Otherwise, you can generate a self-signed certificate by following these steps.

Generate a RSA key with OpenSSL:

sudo openssl genrsa -out /etc/pki/tls/private/davmail.key 2048

Make sure the key is owned by root and permissions are set properly:

sudo chown root:root /etc/pki/tls/private/davmail.key
sudo chmod 600 /etc/pki/tls/private/davmail.key

Now, create a certificate signing request:

sudo openssl req -new -key /etc/pki/tls/private/davmail.key -out /etc/pki/tls/certs/davmail.csr

OpenSSL will now ask you several questions. The only important field is Common Name, which should be set to the domain name or IP address of your droplet which will be accessed by your E-mail clients (for example davmail.mydomain.com or 123.123.123.123). The other fields can be left at their defaults by just pressing enter or can be filled in with anything:

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:New York
Locality Name (eg, city) [Default City]:New York City
Organization Name (eg, company) [Default Company Ltd]:Lolcats United
Organizational Unit Name (eg, section) []:Keyboard Cat Department 
Common Name (eg, your name or your server's hostname) []:mydomain.com
Email Address []:me@mydomain.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Sign the certificate request using your private key, setting the expiration date with the -days argument:

sudo openssl x509 -req -signkey /etc/pki/tls/private/davmail.key -in /etc/pki/tls/certs/davmail.csr -out /etc/pki/tls/certs/davmail.crt -days 365

With the settings above, the certificate will expire in 365 days (a year).

You now have your own SSL certificate!

Configuring SSL


Now that you have your SSL certificate, you will have to convert it into a format DavMail understands. The following examples will use the key and certificate we generated above. If you purchased a certificate from a Certificate Authority, then use those files in place of davmail.key and davmail.crt.

Start by combining your certificate and key file with cat:

sudo cat /etc/pki/tls/private/davmail.key /etc/pki/tls/certs/davmail.crt > /etc/pki/tls/certs/davmail.pem

Once again, set permissions so only root can access the key file:

sudo chown root:root /etc/pki/tls/certs/davmail.pem
sudo chmod 600 /etc/pki/tls/certs/davmail.pem

Now convert your combined key and certificate to a pkcs12 file:

openssl pkcs12 -export -in /etc/pki/tls/certs/davmail.pem -out /etc/pki/tls/certs/davmail.p12 -name “davmail”

You will be prompted to enter an export password. This can not be blank! You must set a password, or DavMail will not work properly.

Set permissions:

sudo chown root:root /etc/pki/tls/certs/davmail.pem
sudo chmod 600 /etc/pki/tls/certs/davmail.pem

Now open your DavMail configuration again:

sudo nano /etc/davmail.properties

Add the following configuration options to inform DavMail of the location of the pkcs12 file you just generated and the passphrase you set:

davmail.ssl.keystoreType=PKCS12
davmail.ssl.keystoreFile=/etc/pki/tls/certs/davmail.p12
davmail.ssl.keyPass=password
davmail.ssl.keystorePass=password

Both davmail.ssl.keyPass and davmail.ssl.keystorePass should should have the same value. Save the configuration file.

Start DavMail


Because of the way Linux systems work, the ports we are using (993 and 465) require root access to open. This means the DavMail must be run as root. By default, the init script shipped with the DavMail package starts Davmail as the “davmail” user and will fail to start with our configuration. This can be fixed with a small tweak to the init script.

Make a copy of the default init script:

sudo cp /etc/init.d/davmail /etc/init.d/davmail-root

Open the copy in your favorite text editor:

sudo nano /etc/init.d/davmail-root

Search for the line in the start() function that starts with su - davmail and replace davmail with root. The line should now look like this:

[...]
su - root -s /bin/sh -c "exec nohup $DAVMAIL_HOME/davmail $DAVMAIL_CONF >> $LOGFILE 2>&1 &"
[...]

Save and close the file. Start DavMail using your modified init script:

service davmail-root start

And finally, configure DavMail to start at boot:

chkconfig davmail-root on

Client Configuration

Now that the virtal server is running, you are ready to configure your E-mail clients. Create a new account using the “manual” options of your E-mail client. Both the IMAP and SMTP server will be the domain name or IP address of your droplet, depending on what you used for the Common Name on your SSL certificate. The username for IMAP and SMTP will both be your E-mail address without the domain name. Example: Your E-mail is bob@yourcompany.com, so your username is bob. Make sure both IMAP and SMTP are set to use SSL/TLS and not* STARTTLS.

You will get warnings from your E-mail clients because you are using a self-signed certificate. It is safe to accept the certificate in this case, because you are the one who created it.

Specific instructions for Thunderbird, Mac OSX, and iOS are available at DavMail’s website.

You should now be able to send/recieve E-mail using your Microsoft Exchange E-mail account using open technologies!

<div class=“author”>Submitted by: <a href=“http://jtekrony.com”>Jesse TeKrony</a></div>

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about our products

About the authors
Default avatar
Jesse TeKrony

author

Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
 
3 Comments


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

It looks like this doesn’t work anymore. Davmail isn’t available in that repo.

AWESOME! Thanks for this!!

For the last command,

should be:

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Join the Tech Talk
Success! Thank you! Please check your email for further details.

Please complete your information!

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.