User:Paul/sandbox/Configure Postfix

From UNPM.org Wiki
Jump to: navigation, search

WARNING: This article is in a user sandbox, indicating it is a rough draft, and as such, is likely incomplete, contains buggy and insecure configurations, and is subject to substantial and frequent changes.

Postfix is configured as the last step in the mail server packages since their configuration largely dictates how Postfix is configured. The two main configuration files in Postfix are main.cf and master.cf, but there are also important supporting configuration files such as the files for mapping to support MySQL and filtering out unnecessary header data.

Nearly all of the commands in this article require root privileges:

username@servername:~$ sudo -i

Configure Postfix support files

Mapping files to support MySQL configuration

mysql_virtual_alias_domainaliases_maps.cf

root@servername:~# nano /etc/postfix/mysql_virtual_alias_domainaliases_maps.cf

Add:

user = mail
password = mailpassword
hosts = 127.0.0.1
dbname = mail
query = SELECT goto FROM alias,alias_domain
  WHERE alias_domain.alias_domain = '%d'
  AND alias.address=concat('%u', '@', alias_domain.target_domain)
  AND alias.active = 1

mysql_virtual_alias_maps.cf

root@servername:~# nano /etc/postfix/mysql_virtual_alias_maps.cf

Add:

user = mail
password = mailpassword
hosts = 127.0.0.1
dbname = mail
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'

mysql_virtual_domains_maps.cf

root@servername:~# nano /etc/postfix/mysql_virtual_domains_maps.cf

Add:

user = mail
password = mailpassword
hosts = 127.0.0.1
dbname = mail
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'

mysql_virtual_mailbox_domainaliases_maps.cf

root@servername:~# nano /etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf

Add:

user = mail
password = mailpassword
hosts = 127.0.0.1
dbname = mail
query = SELECT maildir FROM mailbox, alias_domain
  WHERE alias_domain.alias_domain = '%d'
  AND mailbox.username=concat('%u', '@', alias_domain.target_domain )
  AND mailbox.active = 1

mysql_virtual_mailbox_maps.cf

root@servername:~# nano /etc/postfix/mysql_virtual_mailbox_maps.cf

Add:

user = mail
password = mailpassword
hosts = 127.0.0.1
dbname = mail
table = mailbox
select_field = CONCAT(domain, '/', local_part)
where_field = username
additional_conditions = and active = '1'

Privacy filter

By enabling header_checks in main.cf, unnecessary and revealing data can be stripped from outgoing email. This provides some privacy protection as well as security, since headers may reveal software used to manage email. More information on using this filter can be found this blog post.

header_checks

root@servername:~# nano /etc/postfix/header_checks

Add:

/^Received:/                 IGNORE
/^User-Agent:/               IGNORE
/^X-Mailer:/                 IGNORE
/^X-Originating-IP:/         IGNORE
/^x-cr-[a-z]*:/              IGNORE
/^Thread-Index:/             IGNORE

main.cf

The main.cf file is the primary configuration file for Postfix, and it is enormous. Archive the original version, then create a new one:

root@servername:~# mv /etc/postfix/main.cf /etc/postfix/original.main.cf
root@servername:~# nano /etc/postfix/main.cf

A sample file that should work for the configuration laid out in this series or articles can be found in the sample main.cf article. It is very important to be familiar with the myriad directives in this file. A complete description of every directive can be found at Postfix.org.

master.cf

Another important and huge configuration file is master.cf. Make an archive of the original version and make a new one:

root@servername:~# mv /etc/postfix/master.cf /etc/postfix/original.master.cf
root@servername:~# nano /etc/postfix/master.cf

A sample file that should work for the configuration laid out in this series or articles can be found in the sample master.cf article. It is very important to be familiar with the myriad directives in this file. Check out Postfix.org for a description of master.cf.

root@servername:~# 
root@servername:~# 
root@servername:~#

Postfix user groups

The postfix user will need to be added to several new groups in order to support domain sockets:

root@servername:~# usermod -G postgrey,opendkim,opendmarc postfix
root@servername:~# service postfix restart

Next step

The last step in configuring this mail server is to install Postfix Admin.

External links

Postfix.org

Postfix Configuration Parameters

Postfix manual - master(5)

Remove Headers | Posluns

Taking email back, part 2 | Ars Technica

A Mailserver on Ubuntu 12.04: Postfix, Dovecot, MySQL | Ex Ratione