[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
howtos:network_services:postfix_dovecot_mysql:postfix [2015/02/15 07:42 (UTC)] – astrogeek | howtos:network_services:postfix_dovecot_mysql:postfix [2018/10/08 02:14 (UTC)] (current) – [Configuring The Postfix MTA] astrogeek | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== Installing The Postfix MTA ===== | + | ====== Installing The Postfix MTA ====== |
- | <note important> | + | This page is supplemental to main article: [[howtos: |
- | We will build and install | + | Postfix |
- | By default | + | We will build and install Postfix using the build script |
- | The essential steps to build postfix are... | + | By default the SBo postfix script builds with dovecot for SASL, which we need, but without the database support we also need. You might want to check the SlackBuild script at the time you build for changes or other options. |
+ | |||
+ | We will assume that you are familiar with SlackBuilds and will provide only the essential steps for building postfix here. For more detailed information please visit the [[http:// | ||
+ | |||
+ | < | ||
+ | |||
+ | The essential steps for building postfix with the required database support are (as root): | ||
+ | < | ||
+ | cd /tmp | ||
+ | wget http:// | ||
+ | tar -xvzf postfix.tar.gz | ||
+ | cd postfix | ||
+ | cat postfix.info | ||
+ | ... | ||
+ | DOWNLOAD=" | ||
+ | MD5SUM=" | ||
+ | ... | ||
+ | |||
+ | # Fetch archive from URL in DOWNLOAD line # | ||
+ | wget http:// | ||
+ | |||
+ | # Verify integrity of archive - compare | ||
+ | md5sum postfix-2.11.3.tar.gz | ||
+ | c3f0f51d8865559b40e9350eb3816011 | ||
+ | |||
+ | # Now build with database support # | ||
+ | chmod +x postfix.SlackBuild | ||
+ | DATABASE=mysql ./ | ||
+ | </ | ||
+ | |||
+ | The resulting package will be found in / | ||
+ | |||
+ | Copy the package file to the target platform if necessary and install: | ||
+ | < | ||
+ | ====== Configuring The Postfix MTA ====== | ||
+ | |||
+ | You must become familiar with the [[http:// | ||
+ | |||
+ | <note important> | ||
+ | |||
+ | What follows is a minimum configuration to safely operate a virtual email server on the internet, but you will surely want to adapt it to your specific needs. | ||
+ | |||
+ | Postfix has two main configuration files: | ||
+ | |||
+ | * / | ||
+ | * / | ||
+ | |||
+ | The master.cf file governs operation of the master daemon which listens for mail events and manages the many postfix utility processes. | ||
+ | |||
+ | We want to listen for SMTP, SMTPS and SUBMISSION requests, so... | ||
+ | < | ||
+ | vi / | ||
+ | |||
+ | # Uncomment the following lines # | ||
+ | smtp inet n | ||
+ | submission inet n | ||
+ | smtps | ||
+ | </ | ||
+ | |||
+ | Next, we want to configure the basic network environment for our postfix MTA in / | ||
+ | However, the default main.cf is a very large file with many detailed comments and can be error prone to configure and administer. So it it recommended that you save a copy of the original and write the production version from scratch - it really isn't very long. | ||
+ | |||
+ | < | ||
+ | mv / | ||
+ | vi / | ||
+ | |||
+ | # Enter the following lines # | ||
+ | |||
+ | mynetworks_style = host | ||
+ | myorigin = $mydomain | ||
+ | |||
+ | # Change my-domain.com to the actual domain name of your server # | ||
+ | mydomain = my-domain.com | ||
+ | |||
+ | # mydestination must be localhost only to allow postfix to deliver non-virtual system mail # | ||
+ | mydestination = localhost | ||
+ | |||
+ | #IMPORTANT - relay_domains should be empty to prevent your server from becoming a spam relay! | ||
+ | #If you actually need to relay to other domains READ THE DOCUMENTATION CAREFULLY! | ||
+ | relay_domains = | ||
+ | |||
+ | # We have no local users, so no local notifications # | ||
+ | biff = no | ||
+ | </ | ||
+ | |||
+ | Now we need to configure the secure aspects of our mail server, again in main.cf: | ||
+ | < | ||
+ | vi / | ||
+ | |||
+ | # Enter the following lines # | ||
+ | |||
+ | # SSL certificates will be created at these locations when we configure dovecot # | ||
+ | smtpd_tls_cert_file = / | ||
+ | smtpd_tls_key_file = / | ||
+ | |||
+ | #Accept only secure smtp connections | ||
+ | smtpd_use_tls = yes | ||
+ | smtpd_tls_auth_only = yes | ||
+ | |||
+ | #Tell postfix to use dovecot for SASL | ||
+ | smtpd_sasl_type = dovecot | ||
+ | smtpd_sasl_path = private/ | ||
+ | smtpd_sasl_auth_enable = yes | ||
+ | |||
+ | #Allow ONLY authenticated users to send email | ||
+ | #Do not accept incoming email for other than local mail boxes (i.e. virtual users) | ||
+ | smtpd_recipient_restrictions = permit_sasl_authenticated, | ||
+ | </ | ||
+ | |||
+ | Finally, we must configure postfix to use the database to identify allowed domains and to authenticate smtp requests against virtual mail boxes. Again, in main.cf... | ||
+ | |||
+ | < | ||
+ | vi / | ||
+ | |||
+ | # Enter the following lines # | ||
+ | |||
+ | #Tell postfix to use dovecot lmtp for virtual mail delivery | ||
+ | virtual_transport = lmtp: | ||
+ | |||
+ | #Set file paths to mysql handlers for domains, mail boxes and aliases | ||
+ | virtual_mailbox_domains = mysql:/ | ||
+ | virtual_mailbox_maps = mysql:/ | ||
+ | virtual_alias_maps = mysql:/ | ||
+ | |||
+ | #Set localhost aliases path | ||
+ | alias_maps = hash:/ | ||
+ | </ | ||
+ | |||
+ | The last four files do not yet exist on the system and so, must be created. The files prefixed with " | ||
+ | |||
+ | First we must tell postfix how to identify which virtual domains it handles mail for by providing a proper query of the virtual database. This query must return true if the domain is in the database: | ||
+ | |||
+ | < | ||
+ | vi / | ||
+ | |||
+ | # Enter the following lines # | ||
+ | user= mailuser | ||
+ | password = {your mailuser password} | ||
+ | hosts = localhost | ||
+ | dbname = mailserver | ||
+ | query = SELECT 1 FROM virtual_domains WHERE name=' | ||
+ | </ | ||
+ | |||
+ | You may test the database connection and query with the postmap utility... | ||
+ | |||
+ | < | ||
+ | |||
+ | This will return true (1) if the domain is found, NULL if not found, and an error message if the query or connection is not correctly configured. | ||
+ | |||
+ | Also note that other database connection options | ||
+ | |||
+ | Next, we must tell postfix how to identify valid virtual mail box users. This query must also only return true if the mail box exists in the database. | ||
+ | |||
+ | < | ||
+ | vi / | ||
+ | |||
+ | # Enter the following lines # | ||
+ | user= mailuser | ||
+ | password = {your mailuser password} | ||
+ | hosts = localhost | ||
+ | dbname = mailserver | ||
+ | query = SELECT 1 FROM virtual_users WHERE email=' | ||
+ | </ | ||
+ | |||
+ | You may test the database connection and query with the postmap utility... | ||
+ | |||
+ | < | ||
+ | |||
+ | Next, we must tell postfix how to identify valid aliases in the database. This query must return the destination address for the alias. | ||
+ | |||
+ | < | ||
+ | vi / | ||
+ | |||
+ | # Enter the following lines # | ||
+ | user= mailuser | ||
+ | password = {your mailuser password} | ||
+ | hosts = localhost | ||
+ | dbname = mailserver | ||
+ | query = SELECT destination FROM virtual_aliases WHERE source=' | ||
+ | </ | ||
+ | |||
+ | You may test the database connection and query with the postmap utility... | ||
+ | |||
+ | < | ||
+ | |||
+ | Finally, we must provide local aliases for postmaster and root mail on the local machine. | ||
+ | |||
+ | < | ||
+ | vi / | ||
+ | |||
+ | # Enter the following lines # | ||
+ | postmaster: root | ||
+ | root: root | ||
+ | </ | ||
+ | |||
+ | After creating the aliases file, you must use the newaliases utility to build the local aliases database... | ||
+ | |||
+ | < | ||
+ | |||
+ | This will create the file / | ||
+ | |||
+ | It is important to provide the postmaster alias so that postfix can send operational messages to a real destination. The destination address may be a local user account or it may be a valid virtual mail box. | ||
[[howtos: | [[howtos: | ||
- | {{tag> | + | |
+ | ====== Sources ====== | ||
+ | * Based primarily on [[http:// | ||
+ | * Originally written by [[wiki: | ||
+ | {{tag> |