Differences between revisions 1 and 9 (spanning 8 versions)
Revision 1 as of 2022-08-20 20:08:43
Size: 1682
Editor: DominicRicottone
Comment:
Revision 9 as of 2023-05-26 13:46:51
Size: 3721
Editor: DominicRicottone
Comment:
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:

'''`postfix(1)`''' is an [[Email/SMTP|SMTP]] [[Email/MTA|mail transfer agent]].
Line 11: Line 13:
Most distributions include a `postfix` package. Most [[Linux]] and [[BSD]] distributions offer a `postfix` package.
Line 13: Line 15:
The daemon (named `master`) is started by running: For `systemd`-capable systems, [[Linux/Systemd|start and enable]] `postfix.service`.

For BSD distributions, try:
Line 21: Line 25:
=== Within a container === === Containers ===
Line 23: Line 27:
The ''bad news'' is that the Postfix service is designed to be launched from userspace using `postfix(1)`, rather than being a binary that can be invoked in the foreground. This [[Docker/Dockerfile#Run_in_foreground|defies]] the architecture of modern containers. `postfix(1)` is designed to be launched from userspace, rather than being a binary that can be invoked in the foreground. However, a new `start-fg` subcommand was added in version 3.3.
Line 25: Line 29:
The ''good news'' is that running Postfix in a standalone container is barely useful. Postfix will likely need to run alongside at least one other service. The solution to ''both'' issues is [[Docker/Dockerfile#Use_a_supervisor|running a supervisor]].

Consider the following configuration for [[Supervisord]]:		 Consider the following [[Docker/Dockerfile|Dockerfile]] as a template.
Line 30: Line 32:
[supervisord]
childlogdir=/var/log/supervisord
logfile=/dev/stderr
logfile_maxbytes=0
nodaemon=true
user=root		 FROM alpine:latest
RUN apk add --no-cache postfix
EXPOSE 25
CMD ["postfix", "start-fg"]
}}}
Line 37: Line 38:
[program:postfix]
autostart=false
command=postfix start
startsecs=0
redirect_stderr=true		 To publish this service on an interface like 10.0.0.1, try:

{{{
sudo docker build --tag postfix .
sudo docker run --detach --name my-postfix \
  --restart=always \
  --publish 10.0.0.1:25:25 \
  postfix
Line 50: Line 54:
Set `myhostname` and `mydomain` to the machines hostname. If the machine is acting as the mailserver for an entire domain, set `myorigin` to that name.



=== Split Routing ===

Sometimes mail needs to terminate at different services. Try:

{{{
local_transport = local:$myhostname
transport_maps = lmdb:/etc/postfix/transport
}}}

`/etc/postfix/transport` should look like:

{{{
lists.myhostname.localdomain lmtp:unix:/tmp/lists.sr.ht-lmtp.sock
myhostname.localdomain local:myhostname
}}}

Finally, run `postmap /etc/postfix/transport` and a hashed file will be produced. If your `postmap(1)` does not use LMDB, replace the `lmdb:` with whatever algorithm ''was'' used.



=== Address Rewriting ===

To masquerade as another email, try:

{{{
smtp_generic_maps = lmdb:/etc/postfix/generic
}}}

`/etc/postfix/generic` should look like:

{{{
@myhostname.localdomain [email protected]
}}}

Finally, run `postmap /etc/postfix/generic` and a hashed file will be produced. If your `postmap(1)` does not use LMDB, replace the `lmdb:` with whatever algorithm ''was'' used.



=== Relay mail ===

To relay mail through another SMTP server, such as GMail, try:

{{{
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = lmdb:/etc/postfix/sasl/sasl_passwd
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
}}}

`/etc/postfix/sasl/sasl_passwd` should look like:

{{{
[smtp.gmail.com]:587 [email protected]:notarealpassword
}}}

Finally, run `postmap /etc/postfix/sasl/sasl_passwd` and a hashed file will be produced. If your `postmap(1)` does not use LMDB, replace the `lmdb:` with whatever algorithm ''was'' used.
Line 55: Line 122:



=== Testing the service ===

Install `mailx` and send an empty email.

To test mail relay to external hosts, try:

{{{
mail -s 'Test Email' '[email protected]' </dev/null
}}}

Alternatively, try using [[Telnet|telnet]].
Line 88: Line 169:
----



== See also ==

[[https://man.archlinux.org/man/postfix.1|postfix(1)]]

Postfix

postfix(1) is an SMTP mail transfer agent.

Contents

  1. Postfix
    1. Installation
      1. Containers
    2. Configuration
      1. Split Routing
      2. Address Rewriting
      3. Relay mail
    3. Administration
      1. Testing the service
      2. Reviewing the queue
    4. See also

Installation

Most Linux and BSD distributions offer a postfix package.

For systemd-capable systems, start and enable postfix.service.

For BSD distributions, try: 

postfix start

Containers

postfix(1) is designed to be launched from userspace, rather than being a binary that can be invoked in the foreground. However, a new start-fg subcommand was added in version 3.3.

Consider the following Dockerfile as a template. 

FROM alpine:latest
RUN apk add --no-cache postfix
EXPOSE 25
CMD ["postfix", "start-fg"]

To publish this service on an interface like 10.0.0.1, try: 

sudo docker build --tag postfix .
sudo docker run --detach --name my-postfix \
  --restart=always \
  --publish 10.0.0.1:25:25 \
  postfix

Configuration

Set myhostname and mydomain to the machines hostname. If the machine is acting as the mailserver for an entire domain, set myorigin to that name.

Split Routing

Sometimes mail needs to terminate at different services. Try: 

local_transport = local:$myhostname
transport_maps = lmdb:/etc/postfix/transport

/etc/postfix/transport should look like: 

lists.myhostname.localdomain lmtp:unix:/tmp/lists.sr.ht-lmtp.sock
myhostname.localdomain local:myhostname

Finally, run postmap /etc/postfix/transport and a hashed file will be produced. If your postmap(1) does not use LMDB, replace the lmdb: with whatever algorithm was used.

Address Rewriting

To masquerade as another email, try: 

smtp_generic_maps = lmdb:/etc/postfix/generic

/etc/postfix/generic should look like: 

@myhostname.localdomain [email protected]

Finally, run postmap /etc/postfix/generic and a hashed file will be produced. If your postmap(1) does not use LMDB, replace the lmdb: with whatever algorithm was used.

Relay mail

To relay mail through another SMTP server, such as GMail, try: 

relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = lmdb:/etc/postfix/sasl/sasl_passwd
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

/etc/postfix/sasl/sasl_passwd should look like: 

[smtp.gmail.com]:587 [email protected]:notarealpassword

Finally, run postmap /etc/postfix/sasl/sasl_passwd and a hashed file will be produced. If your postmap(1) does not use LMDB, replace the lmdb: with whatever algorithm was used.

Administration

Testing the service

Install mailx and send an empty email.

To test mail relay to external hosts, try: 

mail -s 'Test Email' '[email protected]' </dev/null

Alternatively, try using telnet.

Reviewing the queue

Two useful administrative utilities exist for reviewing the mail queue: postqueue(1) and postcat(1).

To view the mail queue, try: 

postqueue -p

This will display the queued messages, the senders and recipients, and a mail ID.

To force all queued mail to be sent now, run: 

postqueue -f

To instead force a singular message to be send now, run: 

postqueue -i MAILID

To instead inspect a message in the queue, try: 

postcat -vq MAILID

See also

postfix(1)

CategoryRicottone

Postfix (last edited 2025-02-18 00:11:40 by DominicRicottone)