Postfix mail server installation and configuration on CentOS8

Postfix configuration files

The two most important files are main.cf and master.cf. These files must be owned by root. By default, these files are in /etc/postfix. You should not give write permission to main.cf or master.cf (or to their parent directories) to any other user. If you are giving write permission it means giving root privileges to that person.

In /etc/postfix/main.cf you will have to set up a minimal number of configuration parameters.

You specify a configuration parameter as:

/etc/postfix/main.cf:
    parameter = value

and you use it by putting a “$” character in front of its name:

/etc/postfix/main.cf:
    other_parameter = $parameter

You can use $parameter before it is given a value.

Whenever you make a change to the main.cf or master.cf file. You need to execute the following command as root in order to refresh a running mail system:

# postfix reload

My Hostname

The myhostname parameter specifies the fully-qualified domain name of the machine running the Postfix system. $myhostname appears as the default value in many other Postfix configuration parameters.

Example:(Specify only one of the following)

/etc/postfix/main.cf:
    myhostname = host.local.domain (machine name is not FQDN)
    myhostname = host.virtual.domain (virtual interface)
    myhostname = virtual.domain (virtual interface)

My Domain name for Postfix Server

The mydomain parameter specifies the parent domain of $myhostname. By default, it is derived from $myhostname by stripping off the first part.

Examples (specify only one of the following):

/etc/postfix/main.cf:
    mydomain = local.domain
    mydomain = virtual.domain (virtual interface)

Domain name for outbound mail

The myorigin parameter specifies the domain that appears in mail that is posted on this machine.

Examples (specify only one of the following):

/etc/postfix/main.cf:
    myorigin = $myhostname (default: send mail as "user@$myhostname")
    myorigin = $mydomain   (probably desirable: "user@$mydomain")

Domain name to receive mail

The mydestination parameter specifies what domains this machine will deliver locally, instead of forwarding to another machine. The default is to receive mail for the machine itself.

IMPORTANT: If your machine is a mail server for its entire domain, you must list $mydomain as well.

Default setting.

/etc/postfix/main.cf:
    mydestination = $myhostname localhost.$mydomain localhost

Delivery method: direct or indirect

By default, Postfix tries to deliver mail directly to the Internet. It may be connected via a provider who does not allow direct mail to the Internet.

In those cases you need to configure Postfix to deliver mail indirectly via a relay host.

Example: (specify only one)

/etc/postfix/main.cf:
    relayhost =                   (default: direct delivery to Internet)
    relayhost = $mydomain         (deliver via local mailhub)
    relayhost = [mail.$mydomain]  (deliver via local mailhub)
    relayhost = [mail.isp.tld]    (deliver via provider mailhub)
               

My own network addresses

The inet_interfaces parameter specifies all network interface addresses. That the Postfix system should listen on – mail addressed to “user@[network address]” will be delivered locally. As if it is addressed to a domain listed in $mydestination.

You can override the inet_interfaces setting in the master.cf file by prepending an IP address to a server name.

Example: default setting.

/etc/postfix/main.cf:
    inet_interfaces = all

Note: you need to stop and start Postfix after changing this parameter.

Steps for Postfix Installation

First we need to setup lab requirements as:

• OS :              CentOS 8 server
• IP Address :   192.168.72.128
• Hostname:    mailserver.unixcop.com

STEP 1 : Install Postfix Mail server with mailx client

You need to install postfix and mailx packages. Here I am using yum to install these packages.

# yum install postfix mailx -y

STEP 2 : Start and enable postfix service

By running below commands you can start and enable postfix service.

# systemctl start postfix
# systemctl enable postfix

STEP 3 : Check the status of postfix

By using below command you can check the status.

# systemctl status postfix

STEP 4 : Now Configure Mail Server

As we have already discussed about the configuration file in starting. So we just need to set all the parameters accordingly.

# vi /etc/postfix/main.cf

myhostname = mailserver.unixcop.com
mydomain = unixcop.com
myorigin = $mydomain
# Set inet_interfaces to all #
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

mynetworks = 192.168.1.0/24, 127.0.0.0/8

home_mailbox = Maildir/

After making configuration changes in the file you need to restart postfix service.

# systemctl restart postfix

STEP 5 : Now you need to install telnet

If telnet is not installed, you can install it by using the below command:

# yum install telnet -y

To confirm that connectivity to postfix mail server is working fine. Type below command: and see the output.

[root@mailserver ~]# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mailserver.unixcop.com ESMTP Postfix

This output confirms that mail server is working fine.

STEP 6 : Mail server Testing

Here we create a mail user to whom we will send the mail from root.

# mailuser1
# passwd mailuser1

Next, try to send mail from root to mailuser1.

[root@mailserver ~]# mail mailuser1
Subject: testing
Hi I am doing tesing for postfix.
.
EOT

Here ” . ” is showing end of mail body.

Now you should be able to view the email sent at the mailuser1’s home directory.

Logging of Postfix mail server

All the logs of mail server stores in /var/log/maillog file. You can access the logs by:

# cat /var/log/maillog

if you want to access running log of mail server. then you can use tail -f command:

# tail -f /var/log/maillog

Till now we discussed about installing and configuring the postfix mail server. As we know that telnet works on smtp i.e. not secure.

Securing Mail Server

This is recommended to make secure connection between client and mail server. To make it secure we need to use SSL certificates. These certificates can either be from trusted authority or Self Signed Certificates.

In this lab we will go forward with self-signed certificates.

If openssl package is not installed already then install it first.

# yum install openssl -y

Now generate Private key and CSR (Certificate Signing Request) using openssl command:

# openssl req -nodes -newkey rsa:2048 -keyout mymail.key -out mymail.csr

Now generate self signed certificate by using below command:

# openssl x509 -req -days 365 -in mymail.csr -signkey mymail.key -out mymail.crt

You need to copy private key and certificate file to /etc/postfix directory.

# cp mail.key mail.crt /etc/postfix

Update Private key and Certificate file’s path in main.cf configuration file.

# vi /etc/postfix/main.cf
...
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/mail.crt
smtpd_tls_key_file = /etc/postfix/mail.key
smtpd_tls_security_level = may
...

Restart postfix service to make above changes into the effect.

# systemctl restart postfix

Now try to send mail to local user.

# echo "test email" | mailx -s "Testing email with SSL from Postfix MailServer" -r [email protected] mailuser1

Now you can check and read the mail as below sreenshot:

Sending email from local user to external domain

# echo "External Test email" | mailx -s "Postfix MailServer" -r [email protected] [email protected]

Note: If Your IP is not blacklisted anywhere then your email to external domain will be delivered otherwise it will be bounced saying that IP is blacklisted in so and so spamhaus database.

To Check Postfix mail queue

Use mailq command to list mails which are in queue.

# mailq
Mail queue is empty
#

IMPORTANT NOTES:-

1. If you have received mail to your gmail account but not able to receive the reply from there. Then you need to update the MX record for your domain in DNS server to start receiving the emails from outside like Gmail, Yahoo etc.

2. You can configure your email id in outlook after adding MX record. MX record will route the emails from outside world to your mail server (postfix).

In this article, you learned how to install the Postfix server on CentOS 8. You also learned how to send emails to your local server through Postfix services. Furthermore, you can also send emails to external domains. I hope this article will help you in installing and using the Postfix server on your system.

Comments and Suggestions below. Thank you.