These classnotes are deprecated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes.

UNIX03/Configure Postfix


/etc/postfix/main.cf

Our /etc/postfix/main.cf should contain roughly the following (see the previous section for an explanation of what each of these settings is). Note that you will have to edit this to match your networks and settings.

 #
 # >>>>>>>>>> You must reload postfix after editing this file
 # >> NOTE >> to do this use the command:
 # >>>>>>>>>> # postfix stop;postfix start
 #
 queue_directory = /var/spool/postfix
 daemon_directory = /usr/lib/postfix
 mail_owner = postfix
 myhostname = mta1.domain.com
 mydomain = domain.com
 myorigin = $myhostname
 mydestination = $myhostname, localhost.$mydomain, \
    $mydomain, mail.domain.com
 mynetworks = 10.0.0.0/8, 65.0.0.0/24, 127.0.0.0/8
 local_recipient_maps =
 biff = no
 empty_address_recipient = MAILER-DAEMON
 queue_minfree = 8000000
 message_size_limit = 20000000
 mailbox_size_limit = 100000000
 smtpd_banner = $myhostname ESMTP Postfix
 transport_maps = hash:/etc/postfix/transport
 local_transport = local
 smtpd_helo_restrictions = permit_mynetworks
 smtpd_sender_restrictions = permit_mynetworks
 smtpd_recipient_restrictions = permit_mynetworks, \
  reject_unauth_destination, reject_non_fqdn_recipient
 notify_classes = 2bounce,policy,protocol,resource,software
 #content_filter = smtp-amavis:[127.0.0.1]:10024
 # Install Time Configuration
 sendmail_path = /usr/sbin/sendmail
 newaliases_path = /usr/bin/newaliases
 mailq_path = /usr/bin/mailq
 setgid_group = postdrop
 manpage_directory = /usr/local/man
 sample_directory = /etc/postfix
 readme_directory = no

Notice that the content_filter line is currently commented out. This allows us to test Postfix by itself to make sure it is working properly before adding amavis into the mix.

/etc/postfix/master.cf

Next we want to edit /etc/postfix/master.cf, which is the file that configures all of the Postfix services. We want almost everything to be set as chroot=y, except for "virtual" and "local" ("virtual" is for running virtual servers, and "local" is for local mail delivery, which needs to deliver outside of the chroot jail).

We also want to add at the end of this file the service for amavisd, which (from the amavisd documentation) would be:

 #
 # The amavis interface
 #
 smtp-amavis  unix  -    -    y    -    2    smtp
    -o smtp_data_done_timeout=1200
    -o disable_dns_lookups=yes
 127.0.0.1:10025 inet  n    -    y    -    -    smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
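
One way to check the chroot column after editing master.cf, as an added example that is not part of the original notes. The `audit_chroot` function, the `EXEMPT` variable and the sample entries are constructed for illustration, and `local` and `virtual` are assumed to be the only services left outside the jail.

```shell
#!/bin/sh
# Added example (not from the class notes): flag master.cf services whose
# chroot column (5th field) is not an explicit "y".
# EXEMPT = service programs the notes leave outside the jail.
EXEMPT="${EXEMPT:-local virtual}"

# audit_chroot [FILE]: reads FILE or stdin, prints one line per finding,
# returns 1 if anything was flagged.
audit_chroot() {
    awk -v exempt="$EXEMPT" '
        BEGIN { n = split(exempt, e, " "); for (i = 1; i <= n; i++) skip[e[i]] = 1 }
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # comments and blank lines
        /^[ \t]/ { next }                   # continuation lines carrying -o overrides
        NF >= 8 {
            # service type private unpriv chroot wakeup maxproc command
            if ($8 in skip) next
            # "-" means the compiled-in default, which differs between
            # Postfix versions, so it is reported rather than trusted.
            if ($5 != "y") { printf "%s %s %s chroot=%s\n", $1, $2, $8, $5; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$@"
}

# Constructed sample input; the last two services are the amavis entries above.
sample_master_cf() {
    cat <<'EOF'
# constructed sample, not a real system's file
smtp      inet  n  -  y  -   -  smtpd
pickup    fifo  n  -  y  60  1  pickup
cleanup   unix  n  -  -  -   0  cleanup
qmgr      fifo  n  -  n  300 1  qmgr
local     unix  -  n  n  -   -  local
virtual   unix  -  n  n  -   -  virtual
smtp-amavis  unix  -    -    y    -    2    smtp
    -o smtp_data_done_timeout=1200
127.0.0.1:10025 inet  n    -    y    -    -    smtpd
    -o content_filter=
EOF
}

# Demo on the constructed sample; on a real host pass /etc/postfix/master.cf.
sample_master_cf | audit_chroot || echo "review the services listed above"
```
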

/etc/postfix/transport

Next we want to edit the transport file (/etc/postfix/transport). This is a file that identifies where to route our incoming email. Since we want this server to accept all mail for our domain and route it to our Exchange server, we will add that line here.

 domain.com smtp:[10.10.1.50]

If you want to use an FQDN instead of an IP address, just leave out the brackets (i.e. smtp:exchange.domain.com). Just make sure that the server will be able to successfully look up that DNS record.

After editing the transport file, we need to run the postmap command. Postfix doesn't actually read the text file we created because that would be slow (especially if the file had many entries). Instead we convert the file into a database format using the postmap command.

 # postmap /etc/postfix/transport

After running this command, you will see the new database file that has been created: /etc/postfix/transport.db.

Start Postfix and Test it

Remember the "postfix" and "postconf" commands from the last course. Test the configuration; if there are no errors, start Postfix. Then test that you can connect to the SMTP interfaces.

For the main user SMTP gateway

 # telnet localhost 25
 Trying 127.0.0.1... 
 Connected to localhost. 
 Escape character is '^]'. 
 220 mta1.domain.com ESMTP 
 press ctrl-], then type 'quit' to quit 

For the Amavisd gateway

 # telnet localhost 10025
 Trying 127.0.0.1... 
 Connected to localhost.
 Escape character is '^]'.
 220 mta1.domain.com ESMTP 
 press ctrl-], then type 'quit' to quit


Last edited October 4, 2003 10:25 pm
(C) Copyright 2003 Samuel Hart
Creative Commons License
This work is licensed under a Creative Commons License.