12.3. Mail Transport Agents
Red Hat Enterprise Linux offers two primary MTAs: Postfix and Sendmail. Postfix is configured as the default MTA, although it is easy to switch the default MTA to Sendmail. To switch the default MTA to Sendmail, you can either uninstall Postfix or use the following command to switch to Sendmail:
Originally developed at IBM by security expert and programmer Wietse Venema, Postfix is a Sendmail-compatible MTA that is designed to be secure, fast, and easy to configure.
To improve security, Postfix uses a modular design, where small processes with limited privileges are launched by a master daemon. The smaller, less privileged processes perform very specific tasks related to the various stages of mail delivery and run in a change rooted environment to limit the effects of attacks.
Configuring Postfix to accept network connections from hosts other than the local computer takes only a few minor changes in its configuration file. Yet for those with more complex needs, Postfix provides a variety of configuration options, as well as third party add ons that make it a very versatile and full-featured MTA.
The configuration files for Postfix are human readable and support upward of 250 directives. Unlike Sendmail, no macro processing is required for changes to take effect and the majority of the most commonly used options are described in the heavily commented files.
12.3.1.1. The Default Postfix Installation
The Postfix executable is /usr/sbin/postfix. This daemon launches all related processes needed to handle mail delivery.
Postfix stores its configuration files in the /etc/postfix/ directory. The following is a list of the more commonly used files:
-
access — Used for access control, this file specifies which hosts are allowed to connect to Postfix.
-
main.cf — The global Postfix configuration file. The majority of configuration options are specified in this file.
-
master.cf — Specifies how Postfix interacts with various processes to accomplish mail delivery.
-
transport — Maps email addresses to relay hosts.
The aliases file can be found in the /etc/ directory. This file is shared between Postfix and Sendmail. It is a configurable list required by the mail protocol that describes user ID aliases.
The default
/etc/postfix/main.cf file does not allow Postfix to accept network connections from a host other than the local computer. For instructions on configuring Postfix as a server for other clients, refer to
Section 12.3.1.2, “Basic Postfix Configuration”.
Restart the
postfix service after changing any options in the configuration files under the
/etc/postfix directory in order for those changes to take effect:
~]# service postfix restart
12.3.1.2. Basic Postfix Configuration
By default, Postfix does not accept network connections from any host other than the local host. Perform the following steps as root to enable mail delivery for other hosts on the network:
-
Edit the /etc/postfix/main.cf file with a text editor, such as vi.
-
Uncomment the mydomain line by removing the hash sign (#), and replace domain.tld with the domain the mail server is servicing, such as example.com.
-
Uncomment the myorigin = $mydomain line.
-
Uncomment the myhostname line, and replace host.domain.tld with the hostname for the machine.
-
Uncomment the mydestination = $myhostname, localhost.$mydomain line.
-
Uncomment the mynetworks line, and replace 168.100.189.0/28 with a valid network setting for hosts that can connect to the server.
-
Uncomment the inet_interfaces = all line.
-
Comment the inet_interfaces = localhost line.
-
Restart the postfix service.
Once these steps are complete, the host accepts outside emails for delivery.
Postfix has a large assortment of configuration options. One of the best ways to learn how to configure Postfix is to read the comments within the
/etc/postfix/main.cf configuration file. Additional resources including information about Postfix configuration, SpamAssassin integration, or detailed descriptions of the
/etc/postfix/main.cf parameters are available online at
https://www.postfix.org/.
12.3.1.3. Using Postfix with LDAP
Postfix can use an LDAP directory as a source for various lookup tables (e.g.: aliases, virtual, canonical, etc.). This allows LDAP to store hierarchical user information and Postfix to only be given the result of LDAP queries when needed. By not storing this information locally, administrators can easily maintain it.
12.3.1.3.1. The /etc/aliases lookup example
The following is a basic example for using LDAP to look up the /etc/aliases file. Make sure your /etc/postfix/main.cf contains the following:
alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases.cf
Create a /etc/postfix/ldap-aliases.cf file if you do not have one created already and make sure it contains the following:
server_host = ldap.example.com
search_base = dc=example, dc=com
where ldap.example.com, example, and com are parameters that need to be replaced with specification of an existing available LDAP server.
The /etc/postfix/ldap-aliases.cf file can specify various parameters, including parameters that enable LDAP SSL and STARTTLS. For more information, refer to the ldap_table(5) man page.
