Postfix
postfix(1) is an SMTP mail transfer agent.
Installation
Most Linux and BSD distributions offer a postfix package.
For systemd-capable systems, start and enable postfix.service.
For BSD distributions, try:
postfix start
Containers
postfix(1) is designed to be launched from userspace and then run in the background, rather than being a binary that can be invoked in the foreground. However, a start-fg subcommand was added in version 3.3.
Consider the following Dockerfile as a template.
FROM alpine:latest
RUN apk add --no-cache postfix
EXPOSE 25
CMD ["postfix", "start-fg"]
To publish this service on an interface like 10.0.0.1, try:
sudo docker build --tag postfix .
sudo docker run --detach --name my-postfix \
  --restart=always \
  --publish 10.0.0.1:25:25 \
  postfix
Usage
For unencrypted and unauthenticated connections, try a connection string like smtp+insecure+none://example.com:25.
Configuration
Before trying to configure Postfix, ensure that you understand the design of Postfix.
See also encryption and authentication.
Receiving Mail
Set myhostname and mydomain to the fully-qualified names. Set mynetworks to the set of all 'trusted' networks. Set mydestination to the set of all domains that should be considered 'local'.
myhostname = www1.example.com
mydomain = example.com
mynetworks = 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
mydestination = $myhostname $mydomain www.$mydomain localhost localhost.localdomain
By default mail is only accepted...
from clients in trusted networks ($mynetworks)
from clients that authenticated with SASL
for remote addresses matching $relay_domains
for local addresses found in $mydestination (defaulting to $myhostname, localhost.$mydomain, and localhost)
To adjust restrictions, try configuring smtpd_relay_restrictions or (the older and less-preferred method) smtpd_recipient_restrictions.
Routing Mail
To route mail based on the recipient domain, try:
transport_maps = lmdb:/etc/postfix/transport
A transport(5) file (i.e. /etc/postfix/transport) looks like:
admin@localhost       relay:[smtp.gmail.com]:587
service1.example.com  lmtp:unix:/path/to/service.sock
example.com           lmtp:0.0.0.0:24
.example.com          lmtp:0.0.0.0:24
localhost             local
.localdomain          local
*                     relay:[smtp.gmail.com]:587
The first part of each line is a pattern. The second part is an instruction:
a local instruction attempts local delivery to the specified address
a bare local instruction expands to the local_transport setting, which itself defaults to local:$myhostname
a lmtp instruction forwards mail to an LMTP server
a smtp instruction forwards mail to an SMTP server
a relay instruction causes mail to be relayed
Bracketing an address prevents an MX record lookup; the A record alone is looked up and used naively. If even the A record lookup should be skipped (e.g. for a name defined in the hosts file), additionally specify smtp_dns_support_level = disabled.
Domains prefixed with a dot (.) are a pattern for all subdomains. The example above captures localhost and *.localdomain for local delivery.
The asterisk (*) domain is a fallback route, used only if nothing else matches.
The matching happens in the hierarchical order shown above: by full address, then by full domain part, then by subdomain part, and finally the fallback.
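The lookup order described above, as an added example (not part of the original page or of Postfix itself): a simplified Python model that resolves recipients against the sample transport table, which helps confirm which addresses fall through to the * relay before a map is deployed. It omits address-extension (user+ext) handling and assumes the parent-domain walk strips one label at a time.

```python
# Added example: simplified model of the transport(5) lookup order.
# The table is the sample /etc/postfix/transport shown on this page.
TRANSPORT = """\
admin@localhost       relay:[smtp.gmail.com]:587
service1.example.com  lmtp:unix:/path/to/service.sock
example.com           lmtp:0.0.0.0:24
.example.com          lmtp:0.0.0.0:24
localhost             local
.localdomain          local
*                     relay:[smtp.gmail.com]:587
"""

def parse_table(text):
    """Return {pattern: instruction}; blank lines and # comments are skipped."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pattern, instruction = line.split(None, 1)
        # If a pattern appears twice, this model keeps the first entry.
        table.setdefault(pattern.lower(), instruction.strip())
    return table

def candidate_keys(recipient):
    """Yield keys in order: full address, domain, .parent domains, then '*'."""
    recipient = recipient.lower()
    _, _, domain = recipient.rpartition("@")
    yield recipient
    yield domain
    labels = domain.split(".")
    for i in range(1, len(labels)):
        yield "." + ".".join(labels[i:])
    yield "*"

def route(recipient, table):
    """Return (matched_pattern, instruction), or (None, None) if no match."""
    for key in candidate_keys(recipient):
        if key in table:
            return key, table[key]
    return None, None

if __name__ == "__main__":
    table = parse_table(TRANSPORT)
    for rcpt in ["admin@localhost", "root@localhost", "bob@example.com",
                 "bob@mail.example.com", "bob@host.localdomain", "bob@example.org"]:
        print(f"{rcpt:24} -> {route(rcpt, table)}")
```

Any recipient whose matched pattern is * leaves the host through the external relay, so that column is the one to review when the table changes.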
Run postmap /etc/postfix/transport to produce the hashed lookup file. If your postmap(1) does not use LMDB, replace the lmdb: prefix in transport_maps with whatever database type was used.
Address Rewriting
See here.
Posting Mail
master(8) expects mail posted locally to use $myhostname as the sender's domain. To override this, set myorigin.
myorigin = $mydomain
Administration
Testing the service
Install mailx and send an empty email.
To test mail relay to external hosts, try:
mail -s 'Test Email' 'user@example.org' </dev/null
Alternatively, try using telnet.
Reviewing the queue
Two useful administrative utilities exist for reviewing the mail queue: postqueue(1) and postcat(1).
To view the mail queue, try:
postqueue -p
This will display the queued messages, the senders and recipients, and a mail ID.
To force all queued mail to be sent now, run:
postqueue -f
To instead force a single message to be sent now, run:
postqueue -i MAILID
To instead inspect a message in the queue, try:
postcat -vq MAILID