Postfix main cf file configuration Introduction
In this tutorial Postfix main cf configuration in Linux for SMTP server we will learn about how to configure Postfix to set as an SMTP server in Linux. Postfix is an alternative to sendmail. It is a free and open-source MTA. Postfix works as an SMTP server and provide defence against malware and spambots. However, postfix has a very limited features and requires third-party software. Postfix uses SMTP and Milter(Mail Filter) for full control over message and content.
It works as a pipeline of processes, it means if one process fails in delivering the message, postfix passes the task to other process and the other process draws back and retries the process later. This makes postfix very flexible.
If you have a plan for configuring postfix in a server in your work station, you should also consider creating SSL certificate in Linux. The tutorial How to create ssl certificate in Linux will guide you step by step.
- We will learn how to edit postfix main.cf file to setup SMTP server using relayhost
- We will also learn to set up local postfix SMTP server by editing postfix main cf file.
- We will see how to configure SMTP recipient restriction in Postfix.
- Set the mail size limit in postfix main cf file for users.
---Setup postfix SMTP server using relayhost---
Installing required packages
The package mailx and cyrus-sasl-plain must be installed with postfix.
# yum install postfix mailx cyrus-sasl-plain
If you have a Debian based system, type the below command to install postfix and other packages.
# apt-get install postfix mailx cyrus-sasl-plain
You must start the postfix service when it is installed.
# systemctl start postfix
# service postfix start
Now check postfix status by the following command
# systemctl status postfix.service Postfix.service - Postfix Mail Transport Agent Loaded: loaded (/usr/lib/systemd/system/postfix.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2017-02-13 18:20:10 IST; 9s ago Process: 7993 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS) Process: 7989 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS) Process: 7972 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS) Main PID: 8097 (master) CGroup: /system.slice/postfix.service ├─8097 /usr/libexec/postfix/master -w ├─8098 pickup -l -t unix -u ├─8099 qmgr -l -t unix -u ├─8110 cleanup -z -t unix -u ├─8117 trivial-rewrite -n rewrite -t unix -u ├─8134 smtp -t unix -u ├─8149 bounce -z -t unix -u ├─8151 local -t unix ├─8156 cleanup -z -t unix -u ├─8157 local -t unix ├─8158 bounce -z -t unix -u ├─8159 local -t unix ├─8160 smtp -t unix -u ├─8161 cleanup -z -t unix -u └─8162 local -t unix
Sendmail is a service which is used for the purpose of email routing. It supports SMTP and transfer mails. Sendmail is installed by default. But in this tutorial we are not going to use sendmail so, stop and remove sendmail service from your system.
# service sendmail stop
# yum remove sendmail
Enable boot start of postfix
To enable the postfix service to start at boot time use the below command
# systemctl enable postfix
# chkconfig postfix on
Postfix configuration and using relay host
Configure your postfix main cf file as given below. The relay host we are using here is smtp for Gmail, because we will be carrying out postfix configuration to send email via Gmail smtp server.
What is relay host or relay server? Postfix uses relay host to send email. It passes the mail from one mail server to another mail server.
Change the hostname to your server hostname. See below, copy and paste the rest of the line at the bottom your postfix main cf file.
# vi /etc/postfix/main.cf
myhostname = mail.mailmania.com
relayhost = [smtp.gmail.com]:587 smtp_sasl_password_maps = hash:/etc/postfix/pass_sasl smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sasl_auth_enable = yes smtp_use_tls = yes
Create sasl file for postfix
Create a file and name it 'pass_sasl' under postfix directory as given below. Edit the file and give any valid Gmail id and it's password.
# vi /etc/postfix/pass_sasl
Generate postfix lookup table
The postmap command is used to create a postfix database file. Postfix uses this database file as a lookup table. These lookup tables are used to store information for access control.
# postmap /etc/postfix/pass_sasl
Securing sasl_passwd file
Change the user and group ownership permission for the given file because we don't want any intruders to gain access of our secure 'pass_sasl' file. See the below examples for changing permission.
Change the user and group ownership as given below.
# chown root:postfix /etc/postfix/pass_sasl*
Change the file permission.
# chmod 640 /etc/postfix/pass_sasl*
You need to reload postfix after configuring postfix main cf file.
# systemctl reload postfix
# service postfix reload
Setup postfix as default
By now I assume you are done with postfix configuration and reloaded the postfix service.
So, if you have more than one MTA installed on the smtp server, you have to set postfix as default MTA. Verify it by the below command and type selection number to choose postfix.
# alternatives --config mta
There are 2 programs which provide 'mta'. Selection Command ----------------------------------------------- * 1 /usr/sbin/sendmail.postfix + 2 /usr/sbin/sendmail.ssmtp Enter to keep the current selection[+], or type selection number:1
In the above choose '1' to select postfix as default MTA.
Test your mail by echo command to check if postfix working.
# echo "Testing mail." | mail -s "TEST" firstname.lastname@example.org
---Set up local postfix SMTP server---
Edit hosts file and enter your hostname
Edit your server hosts file.
# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.8 smtp.mytestserver.local smtp
'smtp.mytestserver.local' is the hostname of my server. Add your own server hostname in the hosts file along with IP address of the server.
Now follow the above given steps.
Now. edit your postfix main.cf file and change the following lines as given.
Line 77: Uncomment this and add your server host name
myhostname = smtp.mytestserver.local
Line 83: Uncomment the line and add domain name
mydomain = mytestserver.local
Line 99: Uncomment the line
myorigin = $mydomain
Line 113: Uncomment the line and change it to all
inet_interfaces = all
Line 119: Uncomment and set it to all
inet_protocols = all
Line 164: Comment this line
#mydestination = $myhostname, localhost.$mydomain, localhost
Line 165: Uncomment the line
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
Line 264: Edit it and set your IP address
mynetworks = 192.168.0.8/24, 127.0.0.0/8
Line 418: Comment this line
#home_mailbox = Mailbox
Line 419: Uncomment the line
home_mailbox = Maildir/
When the above change is done, then restart the postfix.service.
# service postfix restart
# systemctl restart postfix
Add a user for your postfix
# useradd roan
# passwd roan
Now, Send a test mail to roan. using 'mail' command
$ mail -s "new mail" email@example.com This is a test mail EOT
Check roan new mail inside the given directory.
$ cd /home/roan/Maildir/new
--- Configure smtp recepient restrictions---
To configure smtp recipient restriction go the the following lines in you postfix main cf file and edit as given.
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_recipient_access hash:/etc/postfix/block_domains, permit_auth_destination reject,
Let me explain these rules one by one.
This rule allow postfix to authenticate user which are outside of the network and let the sender pass through SASL.
With this rules you can allow those hosts which are specified in $mynetworks.
This rule allows you to block specified domains listed in the file.
It permits other authorized mail server to send mail to you.
---Configure mail size limit---
To limit a mail size a user can send, edit the following line. In the given line, message size limit is set in bytes 15728640.
# limit an email size for 15M message_size_limit = 15728640
Limit the mailbox size for the users with the following lines in postfix main cf file.
# limit a mailbox for 2G mailbox_size_limit = 2147483648
That's it with the article Postfix main cf file configuration in Linux for SMTP server. Please don't forget to share.