Postfix

Installation

Most distributions include a postfix package.

The daemon (named master) is started by running:

postfix start

On some systems, you should instead start and enable the postfix.service service.

Within a container

The bad news is that the Postfix service is designed to be launched from userspace using postfix(1), rather than being a binary that can be invoked in the foreground. This defies the architecture of modern containers.

The good news is that running Postfix in a standalone container is barely useful. Postfix will likely need to run alongside at least one other service. The solution to both issues is running a supervisor.

Consider the following configuration for Supervisord:

[supervisord]
childlogdir=/var/log/supervisord
logfile=/dev/stderr
logfile_maxbytes=0
nodaemon=true
user=root

[program:postfix]
autostart=false
command=postfix start
startsecs=0
redirect_stderr=true

Configuration

Set myhostname and mydomain to the machines hostname. If the machine is acting as the mailserver for an entire domain, set myorigin to that name.

Split Routing

Sometimes mail needs to terminate at different services. Try:

local_transport = local:$myhostname
transport_maps = lmdb:/etc/postfix/transport

/etc/postfix/transport should look like:

lists.myhostname.localdomain lmtp:unix:/tmp/lists.sr.ht-lmtp.sock
myhostname.localdomain local:myhostname

Finally, run postmap /etc/postfix/transport and a hashed file will be produced. If your postmap(1) does not use LMDB, replace the lmdb: with whatever algorithm was used.

Address Rewriting

To masquerade as another email, try:

smtp_generic_maps = lmdb:/etc/postfix/generic

/etc/postfix/generic should look like:

@myhostname.localdomain [email protected]

Finally, run postmap /etc/postfix/generic and a hashed file will be produced. If your postmap(1) does not use LMDB, replace the lmdb: with whatever algorithm was used.

Relay mail

To relay mail through another SMTP server, such as GMail, try:

relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = lmdb:/etc/postfix/sasl/sasl_passwd
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

/etc/postfix/sasl/sasl_passwd should look like:

[smtp.gmail.com]:587 [email protected]:notarealpassword

Finally, run postmap /etc/postfix/sasl/sasl_passwd and a hashed file will be produced. If your postmap(1) does not use LMDB, replace the lmdb: with whatever algorithm was used.

Administration

Testing the service

Install mailx and send an empty email.

To test mail relay to external hosts, try:

mail -s 'Test Email' '[email protected]' </dev/null

Reviewing the queue

Two useful administrative utilities exist for reviewing the mail queue: postqueue(1) and postcat(1).

To view the mail queue, try:

postqueue -p

This will display the queued messages, the senders and recipients, and a mail ID.

To force all queued mail to be sent now, run:

postqueue -f

To instead force a singular message to be send now, run:

postqueue -i MAILID

To instead inspect a message in the queue, try:

postcat -vq MAILID

CategoryRicottone