§2024-04-28

[Figure: ports that have to be opened (MailPortPop3ImapSmtp.png)]

¶Introduction

Postfix has several hundred configuration parameters that are controlled via the main.cf file. Fortunately, all parameters have sensible default values. In many cases, you need to configure only two or three parameters before you can start to play with the mail system.

¶Postfix configuration files

By default, Postfix configuration files are in /etc/postfix. The two most important files are main.cf and master.cf; these files must be owned by root.

alexlai@h2Jammy:~$ ls -l /etc/postfix/*.cf 
-rw-r--r-- 1 root root   6027 14:35 /etc/postfix/dynamicmaps.cf
-rw-r--r-- 1 root root 149127 15:24 /etc/postfix/main.cf
-rw-r--r-- 1 root root 652427 14:35 /etc/postfix/master.cf

You specify a configuration parameter as:

/etc/postfix/main.cf:
    parameter = value

and you use it by putting a "$" character in front of its name:

/etc/postfix/main.cf:
    other_parameter = $parameter

You can use $parameter before it is given a value (that is the second main difference with UNIX shell variables). The Postfix configuration language uses lazy evaluation, and does not look at a parameter value until it is needed at runtime.

gptChat: If $parameter is not defined, Postfix will treat it as an empty string. So essentially, other_parameter will be set to an empty value if $parameter is not defined.

Postfix uses database files for access control, address rewriting and other purposes. The DATABASE_README file gives an introduction to how Postfix works with Berkeley DB, LDAP or SQL and other types. Here is a common example of how Postfix invokes a database:

/etc/postfix/main.cf:
    virtual_alias_maps = hash:/etc/postfix/virtual

Whenever you make a change to the main.cf or master.cf file, execute the following command as root in order to refresh a running mail system:

# postfix reload

¶Example of using a database

  1. First, you would define your access control rules in a text file. Let's call it sender_access.

    # sender_access file
    allowed.domain OK
    another.allowed.domain OK

  2. Then, you would convert this text file into a hashed database file using the postmap command:

    postmap hash:/etc/postfix/sender_access

This command generates a file named sender_access.db, which is the hashed database file used by Postfix.

  3. Next, in your main.cf, you would specify the use of this database file for access control:

    smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

This tells Postfix to check the sender_access database file for access control rules.

Finally, reload or restart Postfix for the changes to take effect.
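
The following Python sketch is an added example, not part of the original page or of Postfix itself. It models how the sender_access table above is consulted and shows that, with only OK entries and no trailing reject, senders that are not listed still pass smtpd_sender_restrictions. The function names, the sample sender addresses and the simplified lookup order are assumptions for illustration.

```python
# Added example: simplified model of a check_sender_access lookup (not Postfix code).
# The table text is the page's sender_access file; sender addresses are constructed.
SENDER_ACCESS = """\
# sender_access file
allowed.domain OK
another.allowed.domain OK
"""

def parse_access(text):
    """Parse 'pattern action' lines, skipping blank lines and '#' comments."""
    table = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            table[parts[0].lower()] = parts[1].strip()
    return table

def lookup_keys(sender):
    """Keys tried for an envelope sender: user@domain, domain and parents, user@."""
    sender = sender.lower()
    local, _, domain = sender.rpartition("@")
    labels = domain.split(".")
    # Assumes the default parent_domain_matches_subdomains setting, under which
    # a "domain.tld" entry also matches its subdomains.
    parents = [".".join(labels[i:]) for i in range(len(labels))]
    return [sender] + parents + [local + "@"]

def check_sender_access(table, sender):
    """Return the first matching action, or DUNNO when nothing matches."""
    for key in lookup_keys(sender):
        if key in table:
            return table[key]
    return "DUNNO"

def evaluate(restrictions, table, sender):
    """Walk a restriction list in order; reaching the end permits the mail."""
    for restriction in restrictions:
        if restriction == "reject":
            return "REJECT"
        if restriction == "check_sender_access":
            action = check_sender_access(table, sender)
            if action != "DUNNO":
                return action
    return "PERMIT"

if __name__ == "__main__":
    table = parse_access(SENDER_ACCESS)
    for who in ("alice@allowed.domain", "bob@unlisted.example"):
        print(who, evaluate(["check_sender_access"], table, who),
              evaluate(["check_sender_access", "reject"], table, who))
```

The lookup key is the envelope sender address, which the connecting client supplies, so an OK entry is a policy decision about a claimed address rather than proof of who sent the mail.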

¶What domain name to use in outbound mail

The myorigin parameter specifies the domain that appears in mail that is posted on this machine. The default is to use the local machine name, $myhostname, which defaults to the name of the machine. Unless you are running a really small site, you probably want to change that into $mydomain, which defaults to the parent domain of the machine name.

For the sake of consistency between sender and recipient addresses, myorigin also specifies the domain name that is appended to an unqualified recipient address.

Examples (specify only one of the following):

/etc/postfix/main.cf:
    myorigin = $myhostname (default: send mail as "user@$myhostname")
    myorigin = $mydomain   (probably desirable: "user@$mydomain")

alexlai@h2Jammy:/etc/postfix$ grep myorigin main.cf
#myorigin = /etc/mailname
myorigin = /etc/mailname
alexlai@h2Jammy:/etc/postfix$ cat /etc/mailname
h2Jammy.yushei.net

In this Postfix configuration, the myorigin parameter is set to take its value from the /etc/mailname file.

¶What domains to receive mail for

The mydestination parameter specifies what domains this machine will deliver locally, instead of forwarding to another machine. The default is to receive mail for the machine itself. See the VIRTUAL_README file for how to configure Postfix for hosted domains.

You can specify zero or more domain names, "/file/name" patterns and/or "type:table" lookup tables (such as hash:, btree:, nis:, ldap:, or mysql:), separated by whitespace and/or commas. A "/file/name" pattern is replaced by its contents; "type:table" requests that a table lookup is done and merely tests for existence: the lookup result is ignored.

IMPORTANT: If your machine is a mail server for its entire domain, you must list $mydomain as well.

Example 1: default setting.

/etc/postfix/main.cf:
    mydestination = $myhostname localhost.$mydomain localhost

Example 2: domain-wide mail server.

/etc/postfix/main.cf:
    mydestination = $myhostname localhost.$mydomain localhost $mydomain

Example 3: host with multiple DNS A records.

/etc/postfix/main.cf:
    mydestination = $myhostname localhost.$mydomain localhost www.$mydomain ftp.$mydomain

Caution: in order to avoid mail delivery loops, you must list all hostnames of the machine, including $myhostname, and localhost.$mydomain.