With the release of Red Hat Enterprise Linux 6, Postfix has become the default open source mail tool for sending and receiving messages. Setting up Postfix can be easy, if you know what type of service to configure and which base parameters to modify for that
Postfix is a Message Transfer Agent (MTA), which means it talks to other mail servers as it routes the message to the right mail server. This tip will walk you through your own MTA configuration.
Before starting, it is important to know how to set up your configuration on the different machines that are involved. For instance, if a message needs to be sent to firstname.lastname@example.org, the Postfix mail server will contact the mail server responsible for the example.com domain and send the message to it. The DNS MX resource record is used to determine which mail server is responsible for a given domain.
Postfix is also used to receive incoming messages. When a message is received, Postfix will drop it into a directory on the local file system, and it's up to a mail client to use it.
Mail server roles
In a typical Internet environment, there are three common mail server roles:
- The null client: This is the Postfix process that runs on a local user machine. The only thing it needs to do is to forward mail to a central server.
- The inbound mail server: This is the server that handles incoming mail and has the responsibility for putting messages in a local directory, where a POP or IMAP server further process it.
- The outbound mail relay: This is the server that forwards messages on behalf of others to their final destination. It is important that some degree of protection is added to this server to make sure it cannot be abused for spam.
Configuring a Postfix mail server
The first step in configuration of Postfix is to change some lines in the main configuration file, /etc/postfix/main.cf. There are many lines in this file, but these are the pertinent ones:
inet_interfaces: This parameter is used to define on which network card Postfix should listen for incoming mail. It is typically set to “all” for the inbound and outbound mail server and to “loopback” for only the null client.
myorigin: This parameter is used to rewrite mail to appear to come from a given domain. For instance, if bob at the host server.example.com sends a message, the typical sender address would be email@example.com. In an Internet environment, the name of the server is not important. It is common to simplify the domain name to example.com. This is usually done for all three mail server roles.
relayhost: Only the outbound mail server normally contacts mail servers of other domains directly. All other mail server roles are using the outbound mail server to do this. In order to send mail correctly, the inbound mail server and the null client need a relay host, which specifies the name of the outbound mail server to use. The server name must be placed between square brackets to tell the Postfix process that no DNS MX server lookup has to be done.
mydestination: An incoming mail server needs to know which destinations it is responsible for, so mydestination needs to be specified on the incoming mail server. It normally contains the domain name that the server handles incoming mail for, such as example.com.
mynetworks: This option specifies the networks this mail server allows relaying. On an incoming mail server, which should accept mail from any external client, it should be set to the loopback address only. But for the outgoing mail server, it will depend on how the mail server is used. If the outgoing mail server is available only to clients on the local LAN, then the local LAN address should be included. This ensures that no one from an unknown network is able to abuse this server. If the mail server has to be used by mobile clients with IP addresses that change, no IP address should be used, and it must be left open. In this scenario, another security method should be implemented to protect the server from spam abuse.
After applying these parameters to the mail servers, restart the Postfix process to start the mail environment and make it operational using service postfix restart and chkconfig postfix to ensure the Postfix process is automatically activated after a server restart.
The next step in setting up Postfix in your data center for mail is working on mail security to protect the servers from abuse by spam.
ABOUT THE AUTHOR: Sander van Vugt is an author and independent technical trainer, specializing in Linux since 1994. He is also a technical consultant for high-availability (HA) clustering and performance optimization, as well as an expert on SLED 10 administration.
This was first published in May 2011