Postfix main cf file configuration in Linux for SMTP server

Postfix main cf file configuration in Linux for SMTP server
Postfix main cf file configuration in Linux for SMTP server

Postfix main cf file configuration Introduction

In this tutorial Postfix main cf configuration in Linux for SMTP server we will learn about how to configure Postfix to set as an SMTP server in Linux. Postfix is an alternative to sendmail. It is a free and open-source MTA. Postfix works as an SMTP server and provide defence against malware and spambots. However, postfix has a very limited features and requires third-party software. Postfix uses SMTP and Milter(Mail Filter) for full control over message and content.
It works as a pipeline of processes, it means if one process fails in delivering the message, postfix passes the task to other process and the other process draws back and retries the process later. This makes postfix very flexible.

If you have a plan for configuring postfix in a server in your work station, you should also consider creating SSL certificate in Linux. The tutorial How to create ssl certificate in Linux will guide you step by step.

Check out a post on postfix basic configuration by postfix.org. Configure postfix and sendmail by linode.com

Summary

  • We will learn how to edit postfix main.cf file to setup SMTP server using relayhost
  • We will also learn to set up local postfix SMTP server by editing postfix main cf file.
  • We will see how to configure SMTP recipient restriction in Postfix.
  • Set the mail size limit in postfix main cf file for users.


                              ---Setup postfix SMTP server using relayhost---


Installing required packages

The package mailx and cyrus-sasl-plain must be installed with postfix.

# yum install postfix mailx cyrus-sasl-plain

If you have a Debian based system, type the below command to install postfix and other related packages.

# apt-get install postfix mailx cyrus-sasl-plain


Start postfix

You must start the postfix service when it is installed.

# systemctl start postfix

or

# service postfix start

 Now check postfix status by the following command

# systemctl status postfix.service
Postfix.service - Postfix Mail Transport Agent
   Loaded: loaded (/usr/lib/systemd/system/postfix.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2017-02-13 18:20:10 IST; 9s ago
  Process: 7993 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
  Process: 7989 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
  Process: 7972 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
 Main PID: 8097 (master)
   CGroup: /system.slice/postfix.service
           ├─8097 /usr/libexec/postfix/master -w
           ├─8098 pickup -l -t unix -u
           ├─8099 qmgr -l -t unix -u
           ├─8110 cleanup -z -t unix -u
           ├─8117 trivial-rewrite -n rewrite -t unix -u
           ├─8134 smtp -t unix -u
           ├─8149 bounce -z -t unix -u
           ├─8151 local -t unix
           ├─8156 cleanup -z -t unix -u
           ├─8157 local -t unix
           ├─8158 bounce -z -t unix -u
           ├─8159 local -t unix
           ├─8160 smtp -t unix -u
           ├─8161 cleanup -z -t unix -u
           └─8162 local -t unix

Stop sendmail

Sendmail is a service which is used for the purpose of email routing. It supports SMTP and transfer mails. Sendmail is installed by default. But in this tutorial we are not going to use sendmail so, stop and remove sendmail service from your system.

# service sendmail stop
# yum remove sendmail


Enable boot start of postfix

To enable the postfix service to start at boot time use the below command

# systemctl enable postfix

or

# chkconfig postfix on

Postfix configuration and using relay host

Configure your postfix main cf file as given below. The relay host we are using here is smtp for Gmail, because we will be carrying out postfix configuration to send email via Gmail smtp server.
What is relay host or relay server? Postfix uses relay host to send email. It passes the mail from one mail server to another mail server.

Change the hostname to your server hostname. See below, copy and paste the rest of the line at the bottom your postfix main cf file.

# vi /etc/postfix/main.cf
myhostname = mail.mailmania.com
relayhost = [smtp.gmail.com]:587
smtp_sasl_password_maps = hash:/etc/postfix/pass_sasl
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_sasl_auth_enable = yes
smtp_use_tls = yes

Create sasl file for postfix

Create a file and name it 'pass_sasl' under postfix directory as given below. Edit the file and give any valid Gmail id and it's password.

# vi /etc/postfix/pass_sasl
[smtp.gmail.com]:587 username:password


Generate postfix lookup table

The postmap command is used to create a postfix database file. Postfix uses this database file as a lookup table. These lookup tables are used to store information for access control.

# postmap /etc/postfix/pass_sasl

Securing sasl_passwd file

Change the user and group ownership permission for the given file because we don't want any intruders to gain access of our secure 'pass_sasl' file. See the below examples for changing permission.


Change the user and group ownership as given below.

# chown root:postfix /etc/postfix/pass_sasl*

Change the file permission.

# chmod 640 /etc/postfix/pass_sasl*

Reload postfix

You need to reload postfix after configuring postfix main cf file.

# systemctl reload postfix

or

# service postfix reload


Setup postfix as default

By now I assume you are done with postfix configuration and reloaded the postfix service.
So, if you have more than one MTA installed on the smtp server, you have to set postfix as default MTA. Verify it by the below command and type selection number to choose postfix.

# alternatives --config mta
There are 2 programs which provide 'mta'.
Selection Command
-----------------------------------------------
* 1 /usr/sbin/sendmail.postfix
+ 2 /usr/sbin/sendmail.ssmtp
Enter to keep the current selection[+], or type selection number:1

In the above choose '1' to select postfix as default MTA.

Test mail

Test your mail by echo command to check if postfix working.

# echo "Testing mail." | mail -s "TEST" your_id@gmail.com

 

                                 ---Set up local postfix SMTP server---

 

Edit hosts file and enter your hostname

Edit your server hosts file.

# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.0.8 smtp.mytestserver.local smtp

'smtp.mytestserver.local' is the hostname of my server. Add your own server hostname in the hosts file along with IP address of the server.

Now follow the above given steps.

  1. Install postfix and required packages
  2. Start postfix
  3. Stop sendmail
  4. Enable postfix at boot start

Configure postfix

Now. edit your postfix main.cf file and change the following lines as given.

Line 77: Uncomment this and add your server host name

myhostname = smtp.mytestserver.local

Line 83: Uncomment the line and add domain name

mydomain = mytestserver.local

Line 99: Uncomment the line

myorigin = $mydomain

Line 113: Uncomment the line and change it to all

inet_interfaces = all

Line 119: Uncomment and set it to all

inet_protocols = all

Line 164: Comment this line

#mydestination = $myhostname, localhost.$mydomain, localhost

Line 165: Uncomment the line

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

Line 264: Edit it and set your IP address

mynetworks = 192.168.0.8/24, 127.0.0.0/8

Line 418: Comment this line

#home_mailbox = Mailbox

Line 419: Uncomment the line

home_mailbox = Maildir/


When the above change is done, then restart the postfix.service.

# service postfix restart

or

# systemctl restart postfix

Test postfix

Add a user for your postfix

# useradd roan
# passwd roan


Now, Send a test mail to roan.
using 'mail' command

$ mail -s "new mail" roan@mysmtpserver.local
This is a test mail
EOT

Check roan new mail inside the given directory.

$ cd /home/roan/Maildir/new

 

                                    --- Configure smtp recepient restrictions---

To configure smtp recipient restriction go the the following lines in you postfix main cf file and edit as given.

smtpd_recipient_restrictions =
        permit_sasl_authenticated,
        permit_mynetworks,
        check_recipient_access hash:/etc/postfix/block_domains,
        permit_auth_destination
        reject,

Let me explain these rules one by one.

permit_sasl_authenticated

This rule allow postfix to authenticate user which are outside of the network and let the sender pass through SASL.

permit_mynetworks

With this rules you can allow those hosts which are specified in $mynetworks.

check_recipient_access

This rule allows you to block specified domains listed in the file.

permit_auth_destination

It permits other authorized mail server to send mail to you.

                                                                
                                                ---Configure mail size limit---

To limit a mail size a user can send, edit the following line. In the given line, message size limit is set in bytes 15728640.

# limit an email size for 15M
message_size_limit = 15728640

Limit the mailbox size for the users with the following lines in postfix main cf file.

# limit a mailbox for 2G
mailbox_size_limit = 2147483648


 

That's it with the article Postfix main cf file configuration in Linux for SMTP server. Please don't forget to share.

You may also like:

SMTP server for Gmail : How to send email by Linux command



 

Be the first to comment

Leave a Reply

Your email address will not be published.


*


shares