Postfix Postfix mailserver configuration
To install postfix, do:
Next, you will be guided thru a wizard.
Set it up the way you want, but don't worry: if you are not sure about settings, you can always run it again with
Because you also want to keep out SPAM, also install postgrey:
I'm not going to comment on the postgrey settings, as the defaults are fine. The only thing you might want to do, is to exclude certain mailservers from postgrey. Look in
/etc/postgrey/ to whitelist servers.
Below is a basic setup for a mailserver with internet access.
All IP's are blanked out, just as hostnames, this is the file
/etc/postfix/main.cf:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
delay_warning_time = 4h <-Set this because it is a bit below standard, and I want an early warning
myhostname = mail.mydomain.com
mydomain = mydomain.com
alias_maps = hash:/etc/aliases
#alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = machinename.mydomain.com, localhost.mydomain.com, localhost, mydomain, mail.mydomain.com <- I use mail.mydomain.com as standard mx record setting. You could also use smtp.mydomain.com (or anything else), but you also have to set that here then.
mynetworks = 127.0.0.0/8 192.168.1.0/8 <external IP>
home_mailbox = Maildir/ <- use something without a "/" on the end here, if you use mailfiles and not folders!
#mailbox_command = procmail -a "$EXTENSION"
mailbox_command = /usr/bin/maildrop <- this one is for mailfolders; for mailfiles, use the line outcommented above this one.
mailbox_size_limit = 0 <- set this if you want people to use only a limited size mailbox
recipient_delimiter = +
inet_interfaces = all <- could be only on a specific interface (i.e. eth0, lan0, net0)
smtpd_banner=$myhostname ESMTP $mail_name (MyCompanyname)
debug_peer_level=3
sendmail_path = /usr/sbin/sendmail.postfix
virtual_maps = hash:/etc/postfix/virtual <- only if you use virtual domains; in that case don't forget to create a file "virtual"
smtpd_recipient_restrictions = permit_mynetworks
reject_unauth_destination
check_policy_service inet:127.0.0.1:60000 <- the postgrey filter; automatically added by postgrey installation
# Defines who can send a message thru this server
smtpd_sender_restrictions = permit_mynetworks
permit_mx_backup
reject_unauth_pipelining
reject_unknown_sender_domain
reject_unverified_sender
smtpd_client_restrictions = permit_mynetworks
permit_mx_backup
reject_unauth_pipelining
smptd_delay_reject = yes
smptd_helo_required = yes
smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/helo_access
reject_invalid_hostname
End of the main.cf file.
#Most of the above settings are to make it harder for spam to get in. They are well documented on the internet, so I wont comment on them here. Only the helo thing: helo is sent by all servers; spammers sometimes also spoof this. If you see a pattern in your
/var/log/mail.info in the helo of a spammer, just fill out that helo in
/etc/postfix/helo_access, run
postmap /etc/postfix/helo_access
and your settings will be activated. Below is an example of a
helo_access file:
G4SERVER REJECT
hosting4u.co.kr REJECT
kkqg REJECT
friend REJECT
localhost REJECT
localhost.localdomain REJECT
sina.com REJECT
After changing your settings in
main.cf, you need to restart postfix:
If you are having issues, the first thing to do is to look in
/var/log/mail.info,
/var/log/mail.warn ,
/var/log/mail.err. These files usually tell you what's wrong with your current setup.
When a setting you just changed, looks unchanged in postfix, look in
/var/spool/postfix/etc. In this folder postfix keeps its config, as it is a chrooted service. Update settings here if needed.
Troubleshooting
On firewalls: Open port 25 for your mailserver
Check whether your ISP lets you use an e-mail server. A lot of ISP's closed off port 25 on their networks!