Introduction

This howto will help you to have a basic Postfix mail server setup for your corporate environment. The main intention of this howto is to teach how you can install and configure a basic Postfix mail server setup with IMAP and POP3 services. I do not intend to tell you how you can integrate advanced stuffs like virus checking and spam filtering with this guide. My advanced postfix guide is CompleteVirtualPostfixIspMailSetup. Enjoy it once you have finished this basic howto.

Setup Overview

In our setup, Postfix sends & recieves mail from Internet and stores in the user mail boxes while clients in the Internet can retrieve their mails either from Courier IMAP or POP3. The user authentication is done by Courier Authdaemon. The following diagram shows this process.

attachment:SetupOverview.jpg

Anatomy of Postfix

Components

The Following figure shows the main Postfix system components, and the main information flows between them.

attachment:PostfixComponents.gif

• Yellow ellipsoids are mail programs.
• Yellow boxes are mail queues or files.
• Blue boxes are lookup tables.
• Programs in the large box run under control by the Postfix resident master daemon.
• Data in the large box is property of the Postfix mail system.

Receiving Mail

When a message enters the Postfix mail system, the first stop on the inside is the incoming queue. The figure below shows the main components that are involved with new mail.

attachment:PosfixRecieving.gif

• Mail is posted locally. The Postfix [http://www.postfix.org/sendmail.1.html sendmail] program invokes the privileged [http://www.postfix.org/postdrop.1.html postdrop] program which deposits the message into the maildrop directory, where the message is picked up by the [http://www.postfix.org/pickup.8.html pickup] daemon. This daemon does some sanity checks, in order to protect the rest of the Postfix system.

• Mail comes in via the network. The Postfix [http://www.postfix.org/smtpd.8.html SMTP server] receives the message and does some sanity checks, in order to protect the rest of the Postfix system.

• Mail is generated internally by the Postfix system itself, in order to return undeliverable mail to the sender. The [http://www.postfix.org/bounce.8.html bounce or defer] daemon brings the bad news.

• Mail is forwarded by the [http://www.postfix.org/local.8.html local] delivery agent, either via an entry in the system-wide [http://www.postfix.org/aliases.5.html alias] database, or via an entry in a per-user [http://www.postfix.org/aliases.5.html .forward] file. This is indicated with the unlabeled arrow.

• Mail is generated internally by the Postfix system itself, in order to [http://www.postfix.org/basic.html#notify notify] the postmaster of a problem (this path is also indicated with the unlabeled arrow).The Postfix system can be configured to notify the postmaster of SMTP protocol problems, [http://en.wikipedia.org/wiki/E-mail_spam UCE] policy violations, and so on.

• The [http://www.postfix.org/cleanup.8.html cleanup] daemon implements the final processing stage for new mail. It adds missing From: and other message headers, arranges for address rewriting to the standard user@fully.qualified.domain form, and optionally extracts recipient addresses from message headers. The cleanup daemon inserts the result as a single queue file into the incoming queue, and notifies the [http://www.postfix.org/qmgr.8.html queue manager] of the arrival of new mail. The cleanup daemon can be configured to transform addresses on the basis of [http://www.postfix.org/rewrite.html#canonical canonical] and [http://www.postfix.org/rewrite.html#virtual virtua] table lookups.

• On request by the cleanup daemon, the [http://www.postfix.org/trivial-rewrite.8.html trivial-rewrite] daemon rewrites addresses to the standard user@fully.qualified.domain form.

Install Postfix

In this setup I assume that your domain is yourdomain.com and it has a valid MX record call mail.yourdomain.com. Remember to replace yourdomain.com with your actual domain in the example codes in this howto. Also I assume that you know what an MX record is. To find out MX your type in a terminal:

dig mx yourdomain.com

To install postfix

sudo apt-get install postfix

Intall mailx package for use as command mail utility program. Mail command is installed with this package.

sudo apt-get install mailx

Test your default setup

Add a user before you start this.

sudo useradd -m -s /bin/bash fmaster
sudo passwd fmaster

Test your default installation using the following code segment.

telnet localhost 25

Postfix will prompt like following in the terminal so that you can use to type SMTP commands.

Trying 127.0.0.1...
Connected to mail.fossedu.org.
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix (Ubuntu)

Type the following code segment in Postfix's prompt.

ehlo localhost
mail from: root@localhost
rcpt to: fmaster@localhost
data
Subjet: My first mail on Postfix
Hi,
Are you there?
regards,
Admin
. (Type the .[dot] in a new Line and press Enter )
quit 

Check the mailbox of fmaster

su - fmaster
mail

When your type mail command an output like follows display in your terminal.

Mail version 8.1.2 01/15/2001.  Type ? for help.
"/var/mail/fmaster": 2 messages 2 new
>N  1 root@localhost     Mon Mar  6 12:49   13/479   Just a test
 N  2 root@localhost     Mon Mar  6 12:51   15/487   My first mail
&

You will observe that mails are indexed by numbers and you can type the number of which the mail that you want to read. For example type no "2" to read the 2nd mail. The type "q" to quit. The mail will be written to a file called mbox in user's home directory. According to our example it will be /home/fmaster/mbox.

All messages in an mbox type of mailbox are concatenated and stored in a single file. The beginning of each message is indicated by a line whose first five characters are "From " and a blank line is appended to the end of each message

Setting Postfix Support for Maildir-style Mailboxes

Maildir is a format for an e-mail spool that does not require file locking to maintain message integrity because the messages are kept in separate files with unique names. A Maildir is a directory (often named Maildir) with three subdirectories named tmp, new, and cur. The subdirectories should all reside on the same filesystem.

Another reason to use Maildir format is that Courier IMAP/POP3 servers only work with Maildir format of mailboxes.

Please find out more about Maildir [http://en.wikipedia.org/wiki/Maildir here]

 sudo  vi /etc/postfix/main.cf

Add the following code segment:

home_mailbox = Maildir/

Comment the Line  mailbox_command = procmail -a "$EXTENSION" adding a "#" at the beginning

Restart Postfix to make changes effect.

sudo  /etc/init.d/postfix restart

Test your setup again

Installing courier IMAP and POP3

sudo apt-get install courier-pop
sudo apt-get install courier-imap

= Adding local domains to postfix

sudo   vi /etc/postfix/main.cf

Add your domain to:

sudo vi /etc/postfix/main.cf

Add your domain to mydestination. Once added it should be like the following code segment.

...
mydestination = mail.fossedu.org, localhost.localdomain, localhost, yourdoamin.com
...

Add your local network to:

sudo vi /etc/postfix/main.cf

I assume that your local network is 192.168.1.0/24 and add your local network to mynetworks. Once added it should be like the following code segment.

mynetworks = 127.0.0.0/8, 192.168.1.0/24

Make Postfix to receive mail from the Internet

Set inet_interfaces = all in /etc/postfix/main.cf using:

sudo vi /etc/postfix/main.cf

Finally Restart Postfix;

sudo  /etc/init.d/postfix restart

Test your setup again using following code:

telnet mail.yourdomain.com 25
ehlo yourdmain.com
mail from: root@yourdomain.com
rcpt to: fmaster@yourdomain.com
data
Subject: My first mail for my domain
Hi,
Are you there?
regards,
Admin
. (and Enter In a new Line)
quit 

Check the mailbox of fmaster

su - fmaster
cd Maildir/new
ls

Now you will see mail has a separate file

Testing Courier POP3

Type in a terminal:

telnet mail.yourdomain.com 110

Use the following example code segment for your test. Be intelligent to tweak the changes appropriately to your environment. An output like follows will display in your terminal.

Connected to mail.yourdomain.com (69.60.109.217).
Escape character is '^]'.
+OK Hello there.

Type the following code segment in the prompt provided by the Courier POP3 server. I assume that you inetligent enough not to type the lines which starts from +OK

user fmaster
+OK Password required.
pass password
+OK logged in.
quit

Testing Courier IMAP

Type in a terminal:

telnet mail.yourdomain.com 143

Use the following example code segment for your test. Be intelligent to tweak the changes appropriately to your environment. An output like follows will display in your terminal.

* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS XCOURIEROUTBOX=INBOX.Outbox] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.

Type the following code segment in the prompt provided by the Courier IMAP server.

a login fmaster password
a OK LOGIN Ok.
a logout

Local Alias database

When mail is to be delivered locally, the local delivery agent runs each local recipient name through the aliases database. The mapping does not affect addresses in message headers. Local aliases are typically used to implement distribution lists, or to direct mail for standard aliases such as postmaster to real people. The table can also be used to map Firstname.Lastname addresses to login names.

Alias lookups are enabled by default and you will see following code segment in main.cf file.

...
alias_maps = hash:/etc/aliases 
...

Creating an alias for an account

The following codes illustrate how you can setup an alias. This step is optional since we are going to configure virtual mail domains later in this howto. I have added this step to make understand how you can do this in case of a requirement.

Create a user

sudo useradd -m -s /bin/bash sysadmin
sudo passwd sysadmin

Edit the alias table

Open the alias file with:

sudo vi /etc/aliases

Add the following code:

fmaster: sysadmin

To make your changes effect type:

sudo newaliases

To test your changes send a mail to fmaster and check the mail in /home/sysadmin/Maildir/new folder.

Per User .forward Files

Users can control their own mail delivery by specifying destinations in a file called .forward in their home directories. The syntax of these files is the same as with system aliases, except that the lookup key and colon are not present.

I will illustrate an example here:

Assume that you need to for all the mails which comes sysadmin account to an another account do like this

su - sysadmin
touch .forward

Then open the .forward file

vi .forward

Add the following code:

fossedu@gmail.com

Remember to use email address which exists in this exercise.

Now send a mail to sysadmin and mail should come to fossedu@gmail.com

Postfix virtual Aliases for separate domains and Linux system accounts

With this approach, every hosted domain can have its own info etc. email address. However, it still uses LINUX system accounts for local mailbox deliveries.

With virtual alias domains, each hosted address is aliased to a local UNIX system account or to a remote address. The example below shows how to use this mechanism for the fossedu.org and linuxelabs.com domains.

Open the main.cf file:

sudo vi /etc/postfix/main.cf

Add the following code segment:

virtual_alias_domains = fossedu.org linuxelabs.com
virtual_alias_maps = hash:/etc/postfix/virtual

Edit the /etc/postfix/virtual file:

Add two Linux system accounts

sudo useradd -m -s /bin/bash sigiri
sudo useradd -m -s /bin/bash kala

Set Password for the above users.

sudo passwd sigiri
sudo passwd kala

sudo vi /etc/postfix/virtual

Add the following code segment:

info@fossedu.org       sigiri
info@linuxelabs.com    kala

To create a Map Database type :

sudo postmap /etc/postfix/virtual

The postmap is utility program that will convert /etc/postfix/virtual to /etc/postfix/virtual.db Berkley DB format, so that Postfix can access the data faster.

Restart Postfix to make changes effect:

sudo /etc/init.d/postfix restart

Send mails to both info@fossedu.org and info@linuxelabs.com and those mails should come to mailboxes of sigiri and kala respectively.

Postfix virtual Mailboxes for Separate Domains and Non-Linux Accounts

As a system hosts more and more domains and users, it becomes less desirable to give every user their own Linux system account.

With the Postfix virtual mailbox delivery agent, every recipient address can have its own virtual mailbox. Unlike virtual alias domains, virtual mailbox domains do not need the translation from each recipient addresses into a different address, and owners of a virtual mailbox address do not need to have a Linux system account.

The Postfix virtual mailbox delivery agent looks up the user mailbox pathname, uid and gid via separate tables that are searched with the recipient's mail address. Maildir style delivery is turned on by terminating the mailbox pathname with "/".

attachment:VhostDomains.png

I suggest you to transfer all domains into virtual mailboxes. Even if you have setup postfix with one domain , we will make that domain a vrtual domain. Acculally you do not need to do this ,but doing this way you will have well organized mail system , and no need to avoid this. Having Postfix host one real domain and the rest virtual means that you will always need to configure Postfix twice: once for each type of domain.

To do that, let's change our myhostname line in main.cf to read:

myhostname = localhost

Then remove the following lines if have already setup

virtual_alias_domains = fossedu.org linuxelabs.com
virtual_alias_maps = hash:/etc/postfix/virtual

Create Virtual Mailbox Owner

In our setup all virtual mailboxes are owned by a fixed uid and gid 5000. If this is not what you want, specify lookup tables that are searched by the recipient's mail address.

To create virtual mailbox group:

sudo groupadd -g 5000 vmail

To create virtual mailbox owner:

sudo -m -u 5000 -g 5000 -s /bin/bash vmail

Open main.cf

sudo vi /etc/postfix/main.cf

Setup Postfix to Use Virtual Mailboxes

Then add the following code segment to main.cf

virtual_mailbox_domains = /etc/postfix/vhosts
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_minimum_uid = 1000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = hash:/etc/postfix/valias

In the first line, we're using a text file called vhosts. You can actually name this anything you want. Inside this text file will be a simple one-column list of all the domains you are hosting. For example, add your all domains there.

sudo vi /etc/postfix/vhosts

Add the the following codes:

fossedu.org
linuxelabs.com

This is my exmaple use your own domains here.

The next line virtual_mailbox_base specifies the base directory where we shall store all of our mail. Again, you can choose anything you want. In our case it will be our '''vmail''' owners's home directory /home/vmail

The third line points to a textfile I called '''vmaps'''. This is a two column text file. The first column specifies a virtual email address. The second column specifies that persons mailbox location. Just like with real domain hosting, if you specify a / at the end of the location, it becomes Maildir format. If not, it is mbox. Any way in this howto we use Maildir format.

Setup this file as in this example:

sudo vi /etc/postfix/vmaps

Add the entries like the following codes:

info@fossedu.org    fossedu.org/info/
sales@fossedu.org    fossedu.org/sales/
sigiri@fossedu.org    fossedu.org/sigiri/
info@linuxelabs.com  fossedu.org/info/
sales@linuxelabs.com   fossedu.org/sales/
sigiri@linuxelabs.com   fossedu.org/sigiri/

Convert vmaps into a hash file by running:

sudo postmap /etc/postfix/vmaps

Remember to execute the above command every time when you add new map.

Restart Postfix to make changes effect.

sudo  /etc/init.d/postfix restart

My exmaple config look like the following

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $myhostname
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
home_mailbox = Maildir/
virtual_mailbox_domains = /etc/postfix/vhosts
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_minimum_uid = 1000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = hash:/etc/postfix/valias
recipient_delimiter = +
inet_interfaces = all

Test Virtual Mailbox Setup

Remember that the directory structure for a particular user is create when you send he gets his firs mail.

Send a mail for info@fossedu.org.

In a terminal you can type:

mail info@fossedu.org

Check the mailbox

cd /home/vmail/fossedu.org/info/Maildir/new
ls

You see a mail file there. If so, Cheers!!!, you have done it.

Yet another howto by: ChinthakaDeshapriya.