Postfix
Chapter 78: Postfix Mail Server
Section titled “Chapter 78: Postfix Mail Server”Comprehensive Postfix Configuration
Section titled “Comprehensive Postfix Configuration”78.1 Postfix Architecture
Section titled “78.1 Postfix Architecture” Postfix Components+------------------------------------------------------------------+| || Postfix is modular: || +----------------------------------------------------------+ || | smtpd | SMTP server daemon | || | smtp | SMTP client | || | local | Local delivery agent | || | virtual | Virtual alias delivery | || | bounce | Delivery status notifications | || | cleanup | Message canonicalization | || | qmgr | Queue manager | || | pickup | Mail pickup from queue | || | tlsmgr | TLS management | || | anvil | Connection tracking | || | spawn | Spawn external commands | || +----------------------------------------------------------+ || || Mail Flow: || +----------------------------------------------------------+ || | Internet → smtpd → cleanup → qmgr → local/smtp | || +----------------------------------------------------------+ || |+------------------------------------------------------------------+78.2 Installation
Section titled “78.2 Installation”# Installsudo apt install postfix postfix-ldap postfix-pcre # Debian/Ubuntusudo yum install postfix # RHEL/CentOSsudo pacman -S postfix # Arch
# Start servicesudo systemctl enable --now postfix78.3 Configuration
Section titled “78.3 Configuration”main.cf
Section titled “main.cf”# Identitymyhostname = mail.example.commydomain = example.commyorigin = $mydomainmydestination = $myhostname, localhost, localhost.$mydomain, $mydomain
# Networkinet_interfaces = allinet_protocols = ipv4mynetworks = 127.0.0.0/8, 10.0.0.0/8mynetworks_style = subnet
# Mailboxhome_mailbox = Maildir/mailbox_command =
# Securitysmtpd_sasl_auth_enable = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_recipient_restrictions = permit_sasl_authenticated, reject
# TLSsmtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pemsmtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.keysmtpd_tls_security_level = may
# Outbound TLSsmtp_tls_security_level = may
# Size limitsmessage_size_limit = 52428800 # 50MBmailbox_size_limit = 1073741824 # 1GB
# Loggingmaillog_file = /var/log/postfix.log
# Virtual domainsvirtual_alias_domains = hash:/etc/postfix/virtualvirtual_alias_maps = hash:/etc/postfix/virtualmaster.cf
Section titled “master.cf”smtp inet n - y - - smtpdsubmission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes
smtps inet n - y - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
pickup unix n - y 60 pickupcleanup unix n - y - cleanupqmgr unix n - n 300 qmgrtlsmgr unix - - y 1000? tlsmgrrewrite unix - - y - trivial-rewritebounce unix - - y 0 bouncedefer unix - - y 0 bouncetrace unix - - y - bounceverify unix - - y 1 verifyflush unix n - y 1000? flushproxymap unix - - n - proxymapproxywrite unix - - n - proxymapsmtp unix - - y - smtprelay unix - - y - smtpshowq unix n - y - showqerror unix - - y - errorretry unix - - y - errordiscard unix - - y - discardlmtp unix - - y - lmtpanvil unix - - y 1 anvilscache unix - - y 1 scachepostlog unix n - n - postlogd78.4 Virtual Domains
Section titled “78.4 Virtual Domains”# virtual alias domains must be listed in main.cf as virtual_alias_domains
# Format: address or @domain targetuser@example.com actualuser@example.com catchall@example.com# Generate databasesudo postmap /etc/postfix/virtualsudo postfix reload78.5 Management Commands
Section titled “78.5 Management Commands”# Test configurationsudo postfix check
# Start/Stop/Reloadsudo systemctl start postfixsudo systemctl stop postfixsudo systemctl reload postfixsudo postfix reload
# Queue managementmailq # List queuepostqueue -p # Same as mailqpostsuper -d ALL # Delete all mailpostsuper -d <ID> # Delete specificpostsuper -r ALL # Requeue allpostsuper -r <ID> # Requeue specific
# Flush queuepostfix flush
# View mail logtail -f /var/log/mail.logtail -f /var/log/postfix/postfix.log78.6 Interview Questions
Section titled “78.6 Interview Questions”Basic Questions
Section titled “Basic Questions”-
What is Postfix?
- Mail transfer agent (MTA)
-
What are the main components?
- smtpd, smtp, local, qmgr
-
What is the difference between smtpd and smtp?
- smtpd: server, smtp: client
-
How do you check mail queue?
- mailq or postqueue -p
Summary
Section titled “Summary” Quick Reference+------------------------------------------------------------------+| || Commands: || +----------------------------------------------------------+ || | sudo postfix check | Test config | || | sudo postfix reload | Reload config | || | mailq | View queue | || | postsuper -d ALL | Clear queue | || +----------------------------------------------------------+ || || Main config: /etc/postfix/main.cf || Daemon config: /etc/postfix/master.cf || |+------------------------------------------------------------------+