How To Setup a DavMail Exchange Gateway on a Debian 7 VPS


In case your workplace uses  Microsoft Exchange for E-mail, and you want to  Exchange E-mail account from those E-mail clients who do not provide support to Exchange protocol.

DavMail offers a solution by converting Microsoft Exchange to open protocols like IMAP,POP, SMTP, Carddav, LDAP and Caldav.


requires dependencies  by Davmail for proper working. These can be installed with apt:

sudo apt-get install default-jre libswt-gtk-3-java libswt-cairo-gtk-3-jni

Debian package has been made available by theDavMail project on their website through [SourceForge (

To download the latest packages:


Now DavMail can be installed with dpkg:

sudo dpkg -i davmail_4.4.1-2225-1_all.deb

Basic Configuration

By default, the configuration file of DavMail does not exist. You can use any text editor of yours for creating one:

sudo vi /etc/

DavMail should be set to server mode so that X11 is not required by it:


Now remote mode needs to be enabled and bind address needs to be set to the IP address of your server or it can be set blank:


Set davmail.url  to your Outlook Web Access/ Outlook Web App URL, that generally ends in/owa:


Your connection mode should be set to:


These are the ports options:


Now save and close the configuration file.

Create A SSL Certificate

you need SSL private key to enable the SSL encryption, a SSL certificate in PEM format. In case the certificate has been bought from a Certificate Authority, then you should already possess your key and certificate. If this is the case, then continue to the section of Configuring SSL below. Alternatively, a self-signed certificate can be generated by following the steps given.

Use OpenSSL for generating a RSA key:

sudo openssl genrsa -out /usr/lib/ssl/private/davmail.key 2048

Ensure that root owns the key and all the permissions are properly set:

sudo chown root:root /usr/lib/ssl/private/davmail.key
sudo chmod 600 /usr/lib/ssl/private/davmail.key

Now, a certificate signing request is to be created:

sudo openssl req -new -key /usr/lib/ssl/private/davmail.key -out /usr/lib/ssl/certs/davmail.csr

Multiple questions will now be asked by OpenSSL.

Jstt follow the steps below:

Common Nameis the only important field that needs to be set to your server’s IP address or its domain name which email clients (like or can then access.You can leave all the other fields with anything or can set them to their defaults just by just pressing enter:

You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:Pokhara
Locality Name (eg, city) [Default City]:Kathmandu
Organization Name (eg, company) [Default Company Ltd]:Tech-firm
Organizational Unit Name (eg, section) []:Keyboard Cat Department
Common Name (eg, your name or your server's hostname) []
Email Address []:[email protected]

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Use your private key for signing the certificate and the expiration date can be set using the -days argument:

sudo openssl x509 -req -signkey /usr/lib/ssl/private/davmail.key -in /usr/lib/ssl/certs/davmail.csr -out /usr/lib/ssl/certs/davmail.crt -days 365

The certificate will expire in a year (365 days) with these settings.

Now you possess an SSL certificate of your own!

Configuring SSL

Since you now possess your own SSL certificate, convert it to a format that can be understood by DavMail. The examples that follow will utilize the certificate and key that were generated above. In case a certificate is purchased from a Certificate Authority, then those files should be utilized instead of davmail.key and davmail.crt.

You need to begin by joining cat with yourkey and certificate file:

sudo -s cat /usr/lib/ssl/private/davmail.key /usr/lib/ssl/certs/davmail.crt > /usr/lib/ssl/certs/davmail.pem

Again, permissions need to be set so that key file can only be accessed by the root:

sudo chown root:root /usr/lib/ssl/certs/davmail.pem
sudo chmod 600 /usr/lib/ssl/certs/davmail.pem

Now your combined certificate and key needs to be converted to a pkcs12 file:

sudo openssl pkcs12 -export -in /usr/lib/ssl/certs/davmail.pem -out /usr/lib/ssl/certs/davmail.p12 -name “davmail”

Prompt will be given for entering an export password and this field can not be left blank!

A password must be set for DavMail to work properly.

Permissions can be set by:

sudo chown root:root /usr/lib/ssl/certs/davmail.pem
sudo chmod 600 /usr/lib/ssl/certs/davmail.pem

Now to open config file:

sudo vi /etc/

The configuration options provided below inform DavMail of the pkcs12 file’s location that was just generated and the set passphrase:


Both davmail.ssl.keyPass  and davmail.ssl.keystorePass  should possess the exact value. The configuration file needs to be saved.

You can now utilize your SSL certificate as DavMail stands configured.

Start DavMail

As the Debian package that was earlier downloaded does not include an init script, therefore we need to create our own.

A new file can be created using your favored text editor:

sudo vi /etc/init.d/davmail

The following should be copied and pasted into the file:

#! /bin/sh
# Provides:          davmail
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: DavMail Exchange gatway
# Description:       A gateway between Microsoft Exchange and open protocols.


    DESC="Davmail Exchange gateway"

    # Exit if the package is not installed
    [ -x "$DAEMON" ] || exit 0

    # Read configuration variable file if it is present
    [ -r /etc/default/$NAME ] && . /etc/default/$NAME

    # Load the VERBOSE setting and other rcS variables
    . /lib/init/

    # Define LSB log_* functions
    . /lib/lsb/init-functions

    # Function that starts the daemon/service
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
            || return 1
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
            $DAEMON_ARGS >> $LOGFILE 2>&1 &
        [ $? != 0 ] && return 2
        echo $! > $PIDFILE
        exit 0

    # Function that stops the daemon/service
        start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
        [ "$RETVAL" = 2 ] && return 2.
        start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
        [ "$?" = 2 ] && return 2
        rm -f $PIDFILE
        return "$RETVAL"

    case "$1" in
        [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
        case "$?" in
            0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
            2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
        case "$?" in
            0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
            2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
           status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
        log_daemon_msg "Restarting $DESC" "$NAME"
        case "$?" in
            case "$?" in
                0) log_end_msg 0 ;;
                1) log_end_msg 1 ;; # Old process is still running
                *) log_end_msg 1 ;; # Failed to start
            # Failed to stop
            log_end_msg 1
        echo "Usage: $SCRIPTNAME {start|stop|status|restart| force-reload}" >&2
        exit 3

Now save and close the file.

The script can be marked as executable, the service can be started, and it can be enabled at boot:

sudo chmod +x /etc/init.d/davmail
sudo service davmail start
sudo update-rc.d davmail defaults

Client Configuration

Now server is up and running you can begin configuring your E-mail clients. You can utilize the “manual” options of your E-mail client for creating a new account.

Both the SMTP and IMAP server will be your server’s IP address or domain name, according to the Common Name that you have used on your SSL certificate. Your email address without domain name will be the username for both SMTP and IMAP. For instance: [email protected] is your email ID, so tom is your username. Ensure that both SMTP and IMAP have been set for utilizing SSL/TLS and not STARTTLS.

Some email clients of yours will generate warnings as a self-signed certificate is being used by you. However, since you created it yourself, accepting it is safe in this case.

You can now utilize your Microsoft Exchange E-mail account with open technologies for sending or receiving your E-mail!







KB Admin has written 46 articles