Note: the material covered in this section is covered in more
detail in the
BASIC_CONFIGURATION_README document. The information
presented below is targeted at experienced system administrators.
10.1 - Postfix configuration files
By default, Postfix configuration files are in /etc/postfix.
The two most important files are
main.cf and
master.cf; these files
must be owned by root. Giving someone else write permission to
main.cf or
master.cf (or to their parent directories) means giving
root privileges to that person.
In /etc/postfix/
main.cf, you will have to set up a minimal number
of configuration parameters. Postfix configuration parameters
resemble shell variables, with two important differences: the first
one is that Postfix does not know about quotes like the UNIX shell
does.
You specify a configuration parameter as:
/etc/postfix/
main.cf:
parameter = value
and you use it by putting a "$" character in front of its name:
/etc/postfix/
main.cf:
other_parameter = $parameter
You can use $parameter before it is given a value (that is the
second main difference with UNIX shell variables). The Postfix
configuration language uses lazy evaluation, and does not look at
a parameter value until it is needed at runtime.
Whenever you make a change to the
main.cf or
master.cf file,
execute the following command in order to refresh a running mail
system:
# postfix reload
10.2 - Default domain for unqualified addresses
First of all, you must specify what domain will be appended to an
unqualified address (i.e. an address without @domain.tld). The
"
myorigin" parameter defaults to the local hostname, but that is
probably OK only for very small sites.
Some examples (use only one):
/etc/postfix/
main.cf:
myorigin = $
myhostname (send mail as "user@$
myhostname")
myorigin = $
mydomain (send mail as "user@$
mydomain")
10.3 - What domains to receive locally
Next you need to specify what mail addresses Postfix should deliver
locally.
Some examples (use only one):
/etc/postfix/
main.cf:
mydestination = $
myhostname, localhost.$
mydomain, localhost
mydestination = $
myhostname, localhost.$
mydomain, localhost, $
mydomain
mydestination = $
myhostname
The first example is appropriate for a workstation, the second
is appropriate for the mailserver for an entire domain. The third
example should be used when running on a virtual host interface.
10.4 - Proxy/NAT interface addresses
The
proxy_interfaces parameter specifies all network addresses
that Postfix receives mail on by way of a proxy or network address
translation unit. You may specify symbolic hostnames instead of
network addresses.
IMPORTANT: You must specify your proxy/NAT external addresses
when your system is a backup MX host for other domains, otherwise
mail delivery loops will happen when the primary MX host is down.
Example: host behind NAT box running a backup MX host.
/etc/postfix/
main.cf:
proxy_interfaces = 1.2.3.4 (the proxy/NAT external network address)
10.5 - What local clients to relay mail from
If your machine is on an open network then you must specify
what client IP addresses are authorized to relay their mail through
your machine into the Internet. The default setting includes all
subnetworks that the machine is attached to. This may give relay
permission to too many clients. My own settings are:
/etc/postfix/
main.cf:
mynetworks = 168.100.189.0/28, 127.0.0.0/8
10.6 - What relay destinations to accept from strangers
If your machine is on an open network then you must also specify
whether Postfix will forward mail from strangers. The default
setting will forward mail to all domains (and subdomains of) what
is listed in $
mydestination. This may give relay permission for
too many destinations. Recommended settings (use only one):
/etc/postfix/
main.cf:
relay_domains = (do not forward mail from strangers)
relay_domains = $
mydomain (my domain and subdomains)
relay_domains = $
mydomain, other.domain.tld, ...
10.7 - Optional: configure a smart host for remote delivery
If you're behind a firewall, you should set up a
relayhost. If
you can, specify the organizational domain name so that Postfix
can use DNS lookups, and so that it can fall back to a secondary
MX host when the primary MX host is down. Otherwise just specify
a hard-coded hostname.
Some examples (use only one):
/etc/postfix/
main.cf:
relayhost = $
mydomain
relayhost = [mail.$
mydomain]
The form enclosed with [] eliminates DNS MX lookups.
By default, the SMTP client will do DNS lookups even when you
specify a
relay host. If your machine has no access to a DNS server,
turn off SMTP client DNS lookups like this:
/etc/postfix/
main.cf:
disable_dns_lookups = yes
The
STANDARD_CONFIGURATION_README file has more hints and tips for
firewalled and/or dial-up networks.
10.8 - Create the aliases database
Postfix uses a Sendmail-compatible
aliases(5) table to redirect
mail for
local(8) recipients. Typically, this information is kept
in two files: in a text file /etc/aliases and in an indexed file
/etc/aliases.db. The command "postconf
alias_maps" will tell you
the exact location of the text file.
First, be sure to update the text file with aliases for root,
postmaster and "postfix" that forward mail to a real person. Postfix
has a sample aliases file /etc/postfix/aliases that you can adapt
to local conditions.
/etc/aliases:
root: you
postmaster: root
postfix: root
bin: root
etcetera...
Note: there should be no whitespace before the ":".
Finally, build the indexed aliases file with one of the
following commands:
# newaliases
# sendmail -bi
