Software

Configure IT Quick: Set up a basic e-mail server with Postfix as the MTA

Get a basic mail server running using Postfix as the mail transfer agent (MTA).

For all the apparent simplicity of e-mail, setting up a mail server is one of the most difficult administrative tasks to do. You have to figure out how to send and receive legitimate mail without allowing spammers to use your system to spew junk to the world. You have to define where on your system to store user mail in a way that expands with the growth of your user base. You also need to figure out how users read the mail that ends up in your system. All of this just to relay a simple e-mail message.

In this article, I’ll explain how to get a basic mail server running using Postfix as the mail transfer agent (MTA). By the end of the article, your basic mail server will be up, delivering outbound e-mail and accepting incoming mail for local users.

Read more about setting up an e-mail server
In my previous article, I discussed one set of software that makes up an inexpensive e-mail setup.

Before you start
The instructions in this article assume you already have a server with some flavor of Linux, with Apache, MySQL, and PHP already installed and running. The computer should be on a network, with a valid host and domain name. These instructions also assume you are familiar with user account administration, basic software compilation in a UNIX environment, and editing configuration files. If not, I'd suggest you learn these things before attempting to install a mail server.

I have built these systems on Red Hat 7.1 and Mandrake 9.0. This system should work on BSD, Solaris, OS X, or other distributions of Linux, but these steps may not work without modification. If you're having trouble, each of the software packages I use has active mailing lists with individuals willing to help.

You don't have to have the Web server/database on the same computer as the mail server, but to use MySQL for account information, you need to specify the location of libmysqlclient.so and mysql.h. If you installed MySQL from source, these will be on your computer. Mine are in /usr/local/mysql/lib/mysql and /usr/local/mysql/include/mysql, respectively. If you can't find them on your system, install the appropriate package for your distribution or install MySQL from source. You also need to have the development files for the Berkeley DB system. In Mandrake, install the libdb3.3-devel package. Or download and install the source code from Sleepycat Software.

Postfix uses SMTP to transfer mail to and from other mail servers. There are many different ways to store user account information, each with benefits for different situations. Later in this series, I'll create "virtual" users that don't have UNIX accounts and store all of the user information in a MySQL database. In this article, I'll start by just getting Postfix to deliver mail locally, to valid UNIX users.

Working with Postfix
Your first order of business is to download the source for the latest version from the Postfix home page. I put the tarball in /usr/src, and I keep all of the source files for server software in this location, where I can easily find what version is installed later. There have been quite a few improvements to Postfix since the fall of 2002. These instructions are for Postfix versions later than 2.0.

Compile and install Postfix
Unpack the source tarball as follows:
$ tar –xzf postfix-2.0.6.tar.gz

Create a postfix user account, with the primary group named postfix, using your account creation tool of choice. This account should have no shell or home directory—the resulting entry in /etc/passwd should look like this:
postfix:*:12345:12345:postfix:/no/where:/no/shell

Create a postdrop group with no users. The entry in /etc/group should look like this (perhaps with a different group id):
postdrop:*:54321

Add an entry in /etc/alias for the postfix user:
postfix: root

The following makecommand will patch the make files for MySQL support. Also, change the include and lib path to point to the directories containing mysql.h and libmysqlclient. So:
$ cd /usr/src/postfix-2.0.6
$ make –f Makefile.init makefiles \
> 'CCARGS=-DNO_PCRE -DHAS_MYSQL –I/usr/local/mysql/include/mysql'\
> 'AUXLIBS=-L/usr/local/mysql/lib/mysql –lmysqlclient –lz –lm'

Remove the debugging symbols from the source code (optional) with this command:
$ strip bin/* libexec/*

Then compile using:
$ make

Finally, install (as root) using these commands:
$ su
# make install

The install script prompts you for many options. You might want to specify a location in your user home directory for the readme files—otherwise, the defaults are generally fine. Barring any compilation errors, you should now have a working copy of Postfix on your system, with a directory of configuration files in /etc/postfix.

Configuring Postfix
Postfix has a ton of configuration options. After a fresh install, most of them are set to reasonable values. The readme files, sample configuration files, and man pages describe how to work with most of them. While Postfix should run with no changes, there are some settings you may need to change if you're getting error messages, along with a couple of considerations for reducing spam. Using Table A, you may want to change some values in /etc/postfix/main.cf (the main configuration file for options).
Table A
main.cf parameter
Description Set this value
alias_maps Lists where to find local users
alias_maps = hash:/etc/alias
mynetworks Determines what IP address range to accept mail from. Defaults to accepting mail from any computer on the same subnet.
If this computer is not behind a firewall, set it to specific IP addresses to always accept mail from mynetworks = 127.0.0.0/8 12.228.122.48/32
relayhost Designates another SMTP server to relay all mail not delivered locally.
By default, this is set to nothing, meaning this server attempts to connect directly to the receiving MTA. If you have a local DNS server running, this is fine—otherwise you might want to point this to the mail server for your ISP.
smtpd_recipient_restrictions Determines what to check before relaying the mail. You can add black hole lists here, check for forged Hotmail/Yahoo mail, and many other things.

Here's a basic list that blocks unauthorized relaying and connections that do not speak proper SMTP:
smtpd_recipient_restrictions =
reject_unauth_pipelining, 
reject_unknown_sender_domain, 
reject_unknown_recipient_domain, 
permit_mynetworks, 
reject_unauth_destination

Here are the main.cf configuration file options.

Next, I need to set up aliases for default system accounts. For now, I'll route the important mail accounts to a local user account, which will need to be read directly by a mail client. To do this, edit the /etc/aliases file and add the following entries:
postfix:    root
postmaster: root
abuse:      root
root:       user

Replace user with your user account name. To generate the actual alias database, type the following as root:
# postalias

Next, check for errors in the Postfix installation, and if you get no error messages, start Postfix:
# postfix check
# postfix start

Postfix sends log messages to the mail facility of syslogd by default. Look for messages from Postfix that include /var/log/maillog, /var/log/mail/warnings, or their equivalents. The tail command can be helpful for this:
$ tail –f /var/log/maillog

Automatic startup
Finally, set Postfix to run automatically at startup. The procedure to do this varies widely by system, and the package does not provide a script. If your distribution uses System V for starting and stopping services, the accompanying sidebar provides a sample script you can use. Save this script as /etc/rc.d/init.d/postfix.

Once this script is saved, you can use the chkconfig program to set the run levels for postfix, and make the script executable using:
# chkconfig --add postfix
# chmod 744 /etc/rc.d/init.d/postfix

What's next?
Postfix should now be up and running, accepting mail for local users and aliases in the /etc/alias file, and relaying mail out. In the next article, I will set up an IMAP server so that other users can get to e-mail stored on the server and store virtual user accounts in a MySQL database.
0 comments

Editor's Picks