Part 5 of setting up a Linux home lab environment with VirtualBox. Check this blog post for more info.
Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic mail.
Software
Software used in this article:
- CentOS 6
- Postfix 2.6
Install Postfix
Install Postfix:
# yum install -y postfix cyrus-sasl-plain
In case Sendmail is installed, erase it:
# yum erase -y sendmail*
Open /etc/postfix/main.cf for editing and configure the following:
smtpd_banner = $myhostname ESMTP inet_interfaces = all inet_protocols = ipv4 relayhost = [mail.example.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_tls_CApath = /etc/ssl/certs smtp_use_tls = yes mynetworks = 127.0.0.0/8, 10.8.8.0/24 alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix mail_owner = postfix #mydestination = $myhostname, localhost.$mydomain, localhost unknown_local_recipient_reject_code = 550 debug_peer_level = 2 sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix setgid_group = postdrop html_directory = no
Create /etc/postfix/sasl_passwd file and add the authentication details of the external SMTP server:
[mail.example.com]:587 [email protected]:passwd
Prevent non-root access:
# chmod 0600 /etc/postfix/sasl_passwd
Create a database file:
# postmap /etc/postfix/sasl_passwd
Restart Postfix service:
# /etc/init.d/postfix restart
Iptables will be configured via Puppet. The line below is used for the time being only:
# iptables -A INPUT -s 10.0.0.0/8 -p tcp -m state --state NEW --dport 25 -j ACCEPT
Troubleshooting
Check logs:
# tail /var/log/messages # tail /var/log/maillog
Very helpful post for setup smtp service . Thanks for sharing
Glad you found it helpful.
for setup smtp service this one is very helpful
Welcome!
Great example config. Will it work for postfix 2.10 on CentOS 7 ?
Should do, as I have a CentOS 7 VM relaying all email to my central SMTP box.
I would like to get some idea about what is the relation between postfix and dovecot, which function they serve regarding mail server setup? any thought?
Postfix is a mail transport agent (MTA), it sends email to your desired destination. Dovecot is a delivery agent (MDA), meaning it’s not responsible for receiving email from other servers (that’s Postfix’s job). Dovecot only handles email messages coming out of the local message store.
So let me see if i understand this correctly ….Postfix (an mta) is responsible for receiving and delivering email messages between server to servers.
Once they arrives at a server , Dovecot (an mda) distributing them in local mailboxes according to the intended recipient.
And from there, its a mail clients’ job (like roundcube) to help user get his mail from his mailbox.
Correct me if i am wrong.
Yes, in general. Dovecot stores emails on a server and lets you fetch messages using POP3 and IMAP protocols. Roundcube is a webmail interface so that you can read emails using a web browser. Roundcube uses IMAP which is provided by Dovecot.
Hello, I would like to ask if its possible to have a smtp relay with mail transfer agent?
Can you clarify the question please? A mail relay is the same thing as a mail transfer agent. They both transfer mail from one machine to another.
ahhhh okay thank you!, and sorry i am like new to setting up server thats why i’d ask haha well thanks again tomas!
No worries, you’re welcome!
Hi.
Great post, i have a question , i configured postfix in my rhel server, when i tried to send mail the remote relay mail server display this in my mailog.
“(host smtp.host.com[19x.1xx.xx.xx] said: 530 Authentication required (in reply to MAIL FROM command))
I put the user and passwd in sasl_passwd in this format:
[smtp.host.com]:25 [email protected]:user_password
Any idea …
Regards,
I’d say that something is still wrong with SMTP credentials. You may want to try SSMTP first and see if you can send an email out (use mailx) as it’s easier to configure it compared to Postfix.
I don’t know your level of experience, but you can also try sending an email out via telnet. That’s what I usually do when I have to troubleshoot SMTP issues.
Hi. Hope you can give me a hand with this… im going a little crazy…
This is the desing:
local network
(zimbra (192.168.1.5)) ——— (postfix (192.168.1.20))
in different machines (yes i know that zimbra have postfix, but i want
config postfix in a different machine), so i dont have users in the postfix
machine for receive mails.
The idea is using postfix for send the mails from zimbra, and take the mails that people send to user in zimbra (from the world).
this is all my config:
main.cf
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydomain = mydomain.org.ar
myhostname = postfix.mydomain.org.ar
myorigin = $mydomain
relayhost = email.$mydomain
relay_domains = mydomain.org.ar
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = mydomain.org.ar
smtpd_sasl_path = /etc/sasl2/smtpd.conf
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
unknown_local_recipient_reject_code = 550
—————————————————————-
master.cf
smtp inet n – n – – smtpd
pickup unix n – n 60 1 pickup
cleanup unix n – n – 0 cleanup
qmgr unix n – n 300 1 qmgr
tlsmgr unix – – n 1000? 1 tlsmgr
rewrite unix – – n – – trivial-rewrite
bounce unix – – n – 0 bounce
defer unix – – n – 0 bounce
trace unix – – n – 0 bounce
verify unix – – n – 1 verify
flush unix n – n 1000? 0 flush
proxymap unix – – n – – proxymap
proxywrite unix – – n – 1 proxymap
smtp unix – – n – – smtp
relay unix – – n – – smtp
showq unix n – n – – showq
error unix – – n – – error
retry unix – – n – – error
discard unix – – n – – discard
local unix – n n – – local
virtual unix – n n – – virtual
lmtp unix – – n – – lmtp
anvil unix – – n – 1 anvil
scache unix – – n – 1 scache
I receive mails that i send from my gmail account to mails in zimbra, but if i want reply i got this error.
I mean zimbra is receiving mails to [email protected] but from [email protected] i got this error
Nov 2 13:19:16 postfix postfix/smtp[3575]: B963BAFC0D: to=, relay=email.mydomain.org.ar[190.2.120.196]:25, delay=0.05, delays=0.01/0.01/0.01/0.01, dsn=5.7.1, status=bounced (host email.mydomain.org.ar[190.2.120.196] said: 554 5.7.1 : Relay access denied (in reply to RCPT TO command))
Can you give me a hand?? what im doing wrong??
Thanks
The way I understand it is that you try to send an email from mydomain.org.ar to mydomain.org.ar and it bounces back because it’s not allowed on your relay server.
Is the server email.mydomain.org.ar configured to relay emails for the domain mydomain.org.ar?
Hi, I’m new with postfix here, I want to configure my local server to relay mail to our external mail server. Could you advise me please, what are the CA certificate used on the smtp_tls_CApath = /etc/ssl/certs ?
Is it the smtp server’s cert or generate one from my local server?
Thanks.
The smtp_tls_CApath is a directory with CA certificates that the Postfix client uses to verify a remote SMTP server certificate. You can also store your own imported trusted CAs in the same folder if you wish.