in ,

Postfix – basic settings in main.cf

Postfix - basic settings in main.cf

Note that at this stage we are dealing with a single domain for our email needs. Later articles will look at multiple domains and virtual users.


Modular

One of the key aspects of understanding and administering postfix is that it is designed to be a modular package.

By that, I mean that the base installation itself is fairly small and the vast majority of the ‘usual’ mail administration, such as anti-spam and anti-virus, are actually conducted by third party packages like SpamAssassin .

Although those particular aspects are for a later article, we can begin to see the modular nature of postfix when we look at the main.cf file.

Many settings refer to other files on the Slice. This setup can, at first, seem slightly confusing and the initial reaction may be to hard code the data rather than reference another file with a single word in it.

I would advise sticking with the modular premise of postfix and editing multiple files for what may seem like one simple setting.

It makes a lot more sense when we start adding multiple domains, users and aliases to our setup.

main.cf

So what is this main.cf file?

Let’s take a look:

sudo nano /etc/postfix/main.cf

I won’t paste it here as we are only going to look at one section of the file but you can see it consists of, roughly, three sections.

The first consists of several settings such as smtpd_banner and biff. The second has settings for TLS parameters – more of which in later artcles.

The section we want to look at is the last one and looks like this on the demo slice:

myhostname = mail.demoslice.com

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

myorigin = /etc/mailname
mydestination = mail.demoslice.com, localhost.demoslice.com, , localhost

relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

Note that some of the settings already have the hostname from the base postfix installation.

Settings

Although some of the settings may be self explanatory, let’s go through some of them so we have a better understanding of the nature of postfix and what we can do with it at this early stage.

myhostname

Having harped on about the modular nature of postfix, it is only natural that the first setting we come to is hard coded…

Anyway, this was set during the postfix installation when we entered the domain name we wanted to use. This also matches the Slice hostname.

aliases

Aliases are ways of delivering mail to different users without having to set up dozens of different accounts.

The default settings in the main.cf are good and reference another file:

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

Have a look at the file:

sudo nano /etc/aliases

You will see a list of names followed by ‘root’. In these instances, mail delivered to the first name will actually be delivered to the second name.

We don’t need to setup the postmaster, news, webmaster, abuse, etc users for postfix as mail delivered to those names will be sent to root.

Using the same syntax, we can have all mail for root delivered to our admin user by adding this line:

root: demo

Remember, ‘demo’ is the main admin users for this Slice.

You may notice that there will be up to three changes in delivery destination:

Mail sent to ‘mailer-daemon’ is sent to postmaster.

Mail to postmaster is sent to root, and we have just added that all mail sent to root is sent to the main admin user ‘demo’.

You are, of course, free to adjust the aliases as you see fit, but instead of changing all the ‘root’ users in the file, it is easier and quicker to add the one line as shown above – this also makes for easier migration/administration at a later date.

If you have changed the aliases file you must then refresh the aliases database or any changes will not be affected:

sudo newaliases

myorigin

This setting is important as internal emails from packages such as cron jobs do not supply full mail ‘credentials’ such as sender email. They use the ‘myorigin’ setting.

As such, it needs to be set to the main hostname of the Slice.

By default, the setting refers to the ‘/etc/mailname’ file. Let’s have a look at the contents:

cat /etc/mailname

The output on mine is:

mail.demoslice.com

Which is no real surprise as that is what we set when installing postfix.

However, there is another way of setting ‘myorigin’ and that is to use ‘$mydomain’ in the main.cf file like this:

myorigin = $mydomain

We haven’t specifically set the $mydomain variable at any point but postfix gets the information from the ‘myhostname’ setting – parsing the hostname to gain the main domain name.

The advantage of setting the myorigin this way is that it makes for easier administration at a later date as only one setting (myhostname) needs changing – all the others take the change from that.

mydestination

Although we have not set the Slice to receive mail (we will do that in the next article), this setting defines from which domain(s) it will accept mail.

The default looks like this:

mydestination = mail.demoslice.com, localhost.demoslice.com, , localhost

That is fine for our needs as we are, at this stage, setting up mail for a single domain but, like the ‘myorigin’ setting, we can reduce future administration by using the ‘$mydomain’ variable like so:

mydestination = $mydomain, localhost.$mydomain, localhost

Again, using the variable saves a lot of possible administrative headaches at a later date.

relayhosts

For our setup we do not need this setting so you can leave that blank.

mynetworks

Defines the network to use. The default includes IPv6 settings which can be removed, leaving:

mynetworks = 127.0.0.0/8

The rest

The remaining settings can also be left at this stage.

They will come into play later on when we look at some more complex configurations but, for the moment, they are not needed and can be left at the defaults.

Final settings

After the changes we have made, the last section in my main.cf looks like this:

myhostname = mail.demoslice.com

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

myorigin = $mydomain
mydestination = $mydomain, localhost.$mydomain, localhost

relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

Restart

As with all packages, once you have made any changes to the configuration, you will need to restart it:

sudo /etc/init.d/postfix restart

Once that is done, we can conduct a quick test.

Send mail

As with all administrative changes (not that we made many changes here), it is always a good idea to test them.

Send mail to a working email address:

mail user@example.com
Subject: test
test
.
Cc:

You should receive an email from the correct user and the correct domain – check the headers to see if they are correct.

Summary

Getting involved in the configuration of postfix can be a daunting task.

This introduction should help with the basics and shows that postfix is simple in its approach and design and how using variables instead of hard coding domain names can save time and effort in any future administration.

PickledOnion @SliceHost

What do you think?

Email - setting a Sender Policy Framework (SPF) record

Email – setting a Sender Policy Framework (SPF) record

Capturing Packets with Tcpdump

Capturing Packets with Tcpdump