Difference between revisions of "Postfix"

Purpose

General Postfix notes collected while building a self hosted mail solution.

Infrastructure Overview

I am forced to use Comcast cable at home, obviously no one in their right mind would allow email sent from this network. I settled on placing the sending MTA relay in the could, while using the same relay in conjunction with an MTA at home for receiving emails. The MDA will be on on prem as well running only IMAPS and a web client that is TBD.

Basic Postfix Receive Emails for Domain

For receiving emails for a domain and delivering them locally. This uses default certificates and does not enforce the use of encryption. I was able to receive emails to both root and test system users with this from gmail. Root probably shouldn't be receiving emails.

• main.cf

compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mx1.yourdomain.com 
mydomain = yourdomain.com
myorigin = $mydomain
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
unknown_local_recipient_reject_code = 450
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
 
  
debug_peer_level = 2
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
readme_directory = /usr/share/doc/postfix/README_FILES
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_security_level = may
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_security_level = may
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix

MTA Relay

Running Rocky Linux on Digital Ocean.

Transport Map

I needed to specify to my external server to send emails to the internal server when they are received. ^[1]

Virtual Domains

^[2]This prevents delivering to local system accounts, which will be important as I will want to manage the accounts independently of the mail servers themselves.

Adding users

^[3] Go to the virtual mailbox maps file and add the mapping for the new user

echo 'testuser@yourdomain.com yourdomain.com/testuser' >> /etc/postfix/vmailbox
postmap /etc/postfix/vmailbox
mkdir /var/mail/vhosts/yourdomain.com/user
chown 5000:5000 /var/mail/vhosts/yourdomain.com/user
systemctl restart postfix

Maildir

^[4][5]This will be helpful for structuring emails without additional infrastructure. Working with non-unix accounts and using the exampled uid:gid of 5000, and using the default example of /var/mail/vhost/yourdomain.com/user :

• First time setup we need to create the directory structure.

mkdir -p /var/mail/vhost/yourdomain.com
chown -R mail:mail /var/mail/vhost/
mkdir /var/mail/vhost/yourdomain.com/user
chown 5000:5000 /var/mail/vhost/yourdomain.com/user