Setting up Email Sending with Postfix

We have Linux servers that need to be able to send mail, but do not need to run an SMTP receiver.

Install the postfix and mailutils Debian packages on the Linux server.

DEBIAN_FRONTEND='noninteractive' apt-get install -y -q --force-yes postfix

If you do not do that, but do a regular apt-get, selecting "no configuration" will simplify these instructions, which have been handed down and successfully used for a couple of generations.

After you modify /etc/postfix/main.cf, be sure to run /etc/init.d/postfix reload, or the equivalent service command.

You must modify /etc/postfix/main.cf to ensure it includes something like:

myhostname = HOSTNAME.uwaterloo.ca
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = 
relayhost = mx100.cs.uwaterloo.ca
# Duh, shouldn't relayhost imply a connection cache?
# http://www.postfix.org/postconf.5.html#smtp_connection_cache_destinations
smtp_connection_cache_on_demand = yes
smtp_connection_cache_destinations = $relayhost
smtp_connection_cache_time_limit = 60s
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = ipv4

Make sure the relayhost (mx100.cs in this example) lists the server you've just set up in its list of mail clients (used to be in /software/sendmail/config/local/clients; for sendmail packages it will be /etc/mail/local-host-names ).

Beware the following lines which might get put in the file by default, but which will cause harm. Remove or comment them out.

default_transport = error
relay_transport = error

Note also that setting the following to non-empty

mydestination = 

will result in an attempt to locally deliver mail for the given list of hostnames, which is not wanted if we have only the "smart" "mailhub" machines set up with procmail, spamassassin, general forwarding capability, etc.

In the recent past many machines were observed to be left with the following configuration which I think is installed by default.

inet_interfaces = all

That causes a server to appear on port 25 (SMTP). It appears the resulting Postfix server will never allow open relaying (which is a good thing), but it could annoy people doing security checks, and confuse other people.

There may be some hosts with an O/S and therefore postfix old enough that

smtp_connection_cache_on_demand = yes
smtp_connection_cache_destinations = $relayhost
smtp_connection_cache_time_limit = 60s
relayhost = mx100.cs.uwaterloo.ca

will not be recognized. I would assume, but am not sure, that postfix will not run in that case unless you remove or comment out the unrecognized lines.

We have been assuming /etc/mailname contains the appropriate "domain" name. That should be ensured, so that mail appears to originate from a reasonably appropriate domain, and not an actual hostname of expected temporary existence (for instance, using the actual FQDN of the machine being configured is usually a bad idea).

-- AdrianPepper - 2013-10-08

Topic revision: r10 - 2013-12-18 - AdrianPepper
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback