Postfix - HVboom/HowTo-DigitalOcean GitHub Wiki

Description

Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different.

Some feautures:

Connection cache for SMTP, DSN status notifications, IP version 6, Plug-in support for multiple SASL implementations (Cyrus, Dovecot), TLS encryption and authentication, Configurable status notification message text, Access control per client/sender/recipient/etc, Content filter (built-in, external before queue, external after queue), Berkeley DB database, LDAP database, MySQL database, PostgreSQL database, Maildir and mailbox format, Virtual domains, VERP envelope return addresses and others.

:speech_balloon: copied from package description

• Postfix.org

Setup Postfix on Ubuntu

• Package installation

  sudo apt install postfix
  sudo apt install mailutils
  
  # Copy Minimal settings
  sudo cp  /usr/share/postfix/main.cf.debian main.cf
  
  sudo systemctl restart postfix
  

• Ensure your DNS Records mark your mail provider (mine is AlpHosting) as a Trusted source - see DNS MX & TXT records

• Test sending mails

  # External receiver
  echo "Test Email Body" | mail -s "Test Subject" -a "From: [email protected]" [email protected]
  
  # Internal receiver
  echo "Test Email Body" | mail -s "To BIZ - no From" [email protected]
  

Setup Postfix on FreeBSD

• Install as normal package

  sudo pkg install postfix
  
  ...
  > [1/1] Installing postfix-2.11.6,1...
  > ===> Creating users and/or groups.
  > Using existing group 'mail'.
  > Creating group 'maildrop' with gid '126'.
  > Creating group 'postfix' with gid '125'.
  > Creating user 'postfix' with uid '125'.
  > Adding user 'postfix' to group 'mail'.
  > [1/1] Extracting postfix-2.11.6,1: 100%
  > Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
  > Message from postfix-2.11.6,1:
  > To enable postfix startup script please add postfix_enable="YES" in
  > your rc.conf
  
  > If you not need sendmail anymore, please add in your rc.conf:
  
  > sendmail_enable="NO"
  > sendmail_submit_enable="NO"
  > sendmail_outbound_enable="NO"
  > sendmail_msp_queue_enable="NO"
  
  > And you can disable some sendmail specific daily maintenance routines in your
  > /etc/periodic.conf file:
  
  > daily_clean_hoststat_enable="NO"
  > daily_status_mail_rejects_enable="NO"
  > daily_status_include_submit_mailq="NO"
  > daily_submit_queuerun="NO"
  
  > If /etc/periodic.conf does not exist please create it and add those values.
  
  > If you are using SASL, you need to make sure that postfix has access to read
  > the sasldb file.  This is accomplished by adding postfix to group mail and
  > making the /usr/local/etc/sasldb* file(s) readable by group mail (this should
  > be the default for new installs).
  
  > If you are upgrading from Postfix 2.6 or earlier, review the RELEASE_NOTES to
  > familiarize yourself with new features and incompatabilities.
  ...
  

• Enable service on startup: sudo sysrc postfix_enable=yes

• Stop SMTP sendmail service: sudo service sendmail stop

• Disable SMTP sendmail service settings:

  sudo sysrc sendmail_enable=no
  sudo sysrc sendmail_submit_enable=no
  sudo sysrc sendmail_outbound_enable=no
  sudo sysrc sendmail_msp_queue_enable=no
  

• Disable SMTP sendmail periodic jobs:

  sudo touch /etc/periodic.conf
  sudo chmod 644 /etc/periodic.conf
  sudo bash -c 'echo daily_clean_hoststat_enable=\"NO\" >> /etc/periodic.conf'
  sudo bash -c 'echo daily_status_mail_rejects_enable=\"NO\" >> /etc/periodic.conf'
  sudo bash -c 'echo daily_status_include_submit_mailq=\"NO\" >> /etc/periodic.conf'
  sudo bash -c 'echo daily_submit_queuerun=\"NO\" >> /etc/periodic.conf'
  

• Setup DNS to legitimate the mail server by adding a txt record for all hosts @ with value v=spf1 a -all (see SPF record tutorial)

• Configure postfix to send-only mail server by editing /usr/local/etc/postfix/main.cf:

  • Ideas taken from Digital Ocean community

  inet_interfaces = loopback-only
  

• Setup system mail forward by setting an external mail address for root user in /etc/aliases

  • Don't forget to reload this aliases: sudo newaliases

• Start postfix service: sudo service postfix start

• Send test mail to

  • an external mail address: echo "This is the body of the email" | mail -s "This is the subject line" <mail address>
  • root: echo "This is the body of the email" | mail -s "This is the subject line" root