Linux Postfix Configuration:

Configure a Linux eMail Server

Also see:

This tutorial covers the configuration of a Linux email server using the Postfix MTA (Mail Transfer Agent). Virtual hosting is also covered to allow one to perform email services for multiple domains. The following configuration is for recieving inbound email.

Related YoLinux Tutorials:

°Linux eMail server tutorial

°Sendmail server configuration

°Mailman Installation / Configuration

°Internet Security

°Security tools

°Linux Networking

°YoLinux Tutorials Index

Free Information Technology Magazine Subscriptions and Document Downloads

Free Information Technology Software and Development Magazine Subscriptions and Document Downloads

Postfix Configuration:

Postfix is infinitely configurable to suit your needs. For large corporations and ISPs, Postfix can be configured to use a mySQL backend instead of using configuration files. Thus a quick insert or delete of a record can add users, domains, etc. This tutorial configures Postfix to receive email using local configuration files.

Postfix configuration file: /etc/postfix/main.cf

(Red Hat, Fedora, Suse and Ubuntu!)

Basic: 

# Common for all Postfix configurations:
smtpd_banner = $myhostname ESMTP $mail_name 
biff = no
mailbox_size_limit = 0
recipient_delimiter = +
append_dot_mydomain = no
mail_spool_directory = /var/mail

Allow no relay or outbound SMTP:

Add to file main.cf: 
relayhost =
mynetworks = 127.0.0.1/32
inet_interfaces = all

Receive email for local users: (multiple domains can be specified but an email sent to Michael is not distinguished between domains. One Michael for all domains.)

Add to file main.cf: 
myhostname = mail.megawebhost.com
mydomain = megawebhost.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# All domains listed in mydestination are subject to /etc/aliases mapping.
# Do not list domains to be used with virtual hosts!
mydestination = $mydomain $myhostname alternateName1 localhost.localdomain localhost

Virtual host:
(receive email for multiple domains. Users distinguished between domains. Email recipient ed@megacorp.com is different than ed@charity.com)
Add this definition to support virtual hosts:

Add to file main.cf: 
# After edting file /etc/postfix/valias.txt
# run command: postmap /etc/postfix/valias.txt
# to create hash db file.
virtual_alias_maps = hash:/etc/postfix/valias.txt
# Use local unix account mailboxes for these domains
virtual_alias_domains = /etc/postfix/vhosts.txt

Add anti-SPAM measures:

Add to file main.cf: 
# Place all of the restrictions into the smtpd_recipient_restrictions:
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
unknown_address_reject_code  = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code   = 554

smtpd_recipient_restrictions =
#    permit_mynetworks,
#    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_invalid_hostname,
    reject_unauth_pipelining,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
#    check_client_access hash:/etc/postfix/maps/access_client,
#    check_helo_access hash:/etc/postfix/maps/access_helo,
#    check_sender_access hash:/etc/postfix/maps/access_sender,
    check_sender_access hash:/etc/postfix/access_sender,
#    check_recipient_access hash:/etc/postfix/maps/access_recipient,
    reject_rhsbl_client blackhole.securitysage.com,
    reject_rhsbl_sender blackhole.securitysage.com,
#    reject_rbl_client relays.ordb.org,  THIS SITE IS RETIRED
    reject_rbl_client blackholes.easynet.nl,
    reject_rbl_client cbl.abuseat.org,
    # reject_rbl_client proxies.blackholes.wirehub.net, THIS SITE IS RETIRED
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client zen.spamhaus.org,  
    reject_rbl_client opm.blitzed.org,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client multihop.dsbl.org,
    reject_rbl_client dul.dnsbl.sorbs.net,
    permit

smtpd_data_restrictions =
    reject_unauth_pipelining,
    permit
Note:
  • SpamHaus combines three blackhole lists: Exploits block list (exploited systems): xbl.spamhaus.org, Policy block list (non-MTA IP): pbl.spamhaus.org and Spamhaus block list: sbl.spamhaus.org, into one "zen.spamhaus.org".

File: /etc/postfix/vhosts.txt 

    megacorp.com
    charityX.org
    productX.com
Domains listed here should NOT be listed with the "mydestination" directive.

File: /etc/postfix/valias.txt

This file maps email addresses to local user names: 
joe@megacorp.com userjoe
joe@charityX.org userjoseph
info@productX.com userjoe
Upon creation or change, create the db file: postmap /etc/postfix/valias.txt
This creates the file /etc/postfix/valias.txt.db

File: /etc/postfix/access_sender 

0.0.0.0/8       REJECT Domain MX in broadcast network
10.0.0.0/8      REJECT Domain MX in RFC 1918 private network
127.0.0.0/8     REJECT Domain MX in loopback network
169.254.0.0/16  REJECT Domain MX in link local network
172.16.0.0/12   REJECT Domain MX in RFC 1918 private network
192.0.2.0/24    REJECT Domain MX in TEST-NET network
192.168.0/16    REJECT Domain MX in RFC 1918 private network
224.0.0.0/4     REJECT Domain MX in class D multicast network
240.0.0.0/5     REJECT Domain MX in class E reserved network
248.0.0.0/5     REJECT Domain MX in reserved network

Postfix configuration tutorials:

More examples:

Postfix and Mailman email list server integration and configuration:

Postfix can be configured three different ways to interface with Mailman. The following uses the /etc/aliases file for this configuration. Requires the following main.cf configuration: 

   alias_maps = hash:/etc/aliases
   alias_database = hash:/etc/aliases
File: /etc/aliases 
#
# regular aliases
#
info: user1
joe:  user1
theadore: ted
#
# mailman aliases
#
mailman:              "|/var/mailman/mail/mailman post mailman"
mailman-admin:        "|/var/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/var/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/var/mailman/mail/mailman confirm mailman"
mailman-join:         "|/var/mailman/mail/mailman join mailman"
mailman-leave:        "|/var/mailman/mail/mailman leave mailman"
mailman-owner:        "|/var/mailman/mail/mailman owner mailman"
mailman-request:      "|/var/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/var/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/var/mailman/mail/mailman unsubscribe mailman"
#
megacorp:              "|/var/mailman/mail/mailman post megacorp"
megacorp-admin:        "|/var/mailman/mail/mailman admin megacorp"
megacorp-bounces:      "|/var/mailman/mail/mailman bounces megacorp"
megacorp-confirm:      "|/var/mailman/mail/mailman confirm megacorp"
megacorp-join:         "|/var/mailman/mail/mailman join megacorp"
megacorp-leave:        "|/var/mailman/mail/mailman leave megacorp"
megacorp-owner:        "|/var/mailman/mail/mailman owner megacorp"
megacorp-request:      "|/var/mailman/mail/mailman request megacorp"
megacorp-subscribe:    "|/var/mailman/mail/mailman subscribe megacorp"
megacorp-unsubscribe:  "|/var/mailman/mail/mailman unsubscribe megacorp"
#
These entries are generated by Mailman. See the YoLinux Mailman tutorial.

Links on Postfix and Mailman integration:
(Three different methodologies)

  1. Mailman configuration: part 1 - part2 - part3 (virtual hosts)
  2. Use regular expression in configuration: Nezo.net: example and tutorial.
    Example configuration including apache
  3. Python script to glue Postfix and Mailman together for domain "lists.example.com". This method does not require the creation of aliases.:

Postfix post-configuration and test:

Check if an open relay: (you do not want to be an open relay)

Links:

Books:

"Postfix"
by Richard Blum
ISBN #0672321149, Sams

Amazon.com
"Linux Email"
by Black, Koetter, Hilderbrandt, McDonald, Rusenko and Taylor.
ISBN #190481137X, Packt

I reviewed this book and found it to be a very complete discussion with examples of the installation, configuration, integration and use of Postfix, Courier POP/IMAP, SquirelMail, SpamAssassin, ClamAV and Cyrus SASL. It is concise and to the point. How to configure a Linux email server for the most popular and useful server configurations. This book is specific to the components listed and will get you up and running fast.

Amazon.com
"Stopping Spam"
by Alan Schwartz, Debby Russell (Editor), Simson Garfinkel
ISBN #156592388X, O'Reilly and Associates

Amazon.com
"Removing the Spam : Email Processing and Filtering"
by Geoff Mulligan
ISBN #0201379570, Addison-Wesley Networking Basics Series

Amazon.com

Return to http://YoLinux.com for more Linux links, information and tutorials
Return to YoLinux Tutorial Index
Feedback Form

Copyright © 2000 - 2008 by Greg Ippolito