A mail server listens on port 25 or 587 for plaintext email and on port 465 for SSL-encrypted connections; clients must therefore connect outbound on those ports (but many corporations/ISPs block outbound port 25 to prevent spamming).
sudo apt-get update
sudo apt-get install postfix
sudo dpkg-reconfigure postfix
Ok
Internet Site
NONE
serverhostname
serverhostname, localhost.localdomain, localhost
No
127.0.0.0/8, 192.168.0.0/24
Yes
0
+
ipv4
telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 postfix ESMTP serverhostname (Ubuntu)
HELO serverhostname
250 serverhostname
MAIL FROM:sender@domain.com
250 2.1.0 Ok
RCPT TO:recipient@domain.com
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: email subject

This is an email via telnet.
.
250 2.0.0 Ok: queued as 4E7143FE1F
QUIT
221 2.0.0 Bye
sudo tail /var/mail/nobody (or whatever username/mailbox has been set up)
sudo tail /var/log/mail.log (to check for errors/info)
/etc/passwd
postfix:x:73:73::/var/spool/postfix:/bin/false
/etc/group
postdrop:x:75:
postfix:x:73:
sudo nano /etc/postfix/main.cf
myhostname = mail.domainname.com (if left blank it uses gethostname() )
mydomain = nospam.net (if necessary, usually auto generated from myhostname)
myorigin=example.com
inet_interfaces = localhost (change to all when ready for internet email)
mynetworks_style = host (trust only the local machine - no relaying!)
relay_domains = (blank ensures no open relay!)
relayhost = (blank = send/receive direct on the internet, no smarthost)
sudo /etc/init.d/postfix start
sudo postfix status
sudo yum install telnet
telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.domain.com ESMTP Postfix
SMTP MAIL RELAY
echo "smtp.example.com someuser:howtoforge" > /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
vi /etc/postfix/main.cf
myhostname = server4
mydomain = example.com
myorigin = server4.example.com
smtpd_banner = $myhostname ESMTP $mail_name.
biff = no
append_dot_mydomain = no
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost.localdomain, localhost
mynetworks = 192.168.1.0/24 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
relayhost = ssrs.reachmail.net:465
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = may
header_size_limit=4096000
default_destination_concurrency_limit = 4
soft_bounce = yes
sudo /etc/init.d/postfix restart
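A check of the relay settings above, as an added example that is not part of the original notes: it parses main.cf-style text and flags optional TLS combined with SASL login, port 465 without implicit-TLS wrapper mode, and a sasl_passwd key that does not name the relayhost. The matching rule (key equals the relayhost value or its host part) is a simplification, smtp_tls_wrappermode assumes Postfix 3.0 or later, and both sample inputs are constructed from the values in these notes.

```python
import re

# Constructed sample: the relay settings from the notes above, as main.cf text.
MAIN_CF = """\
relayhost = ssrs.reachmail.net:465
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = may
"""
# Constructed sample: the sasl_passwd entry written by the echo command above.
SASL_PASSWD = "smtp.example.com someuser:howtoforge\n"

def parse_main_cf(text):
    """Parse 'name = value' lines; a line starting with whitespace continues the previous value."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] += " " + line.strip()
        elif "=" in line:
            last, value = (s.strip() for s in line.split("=", 1))
            params[last] = value
    return params

def audit_relay(main_cf, sasl_passwd):
    """Return a list of findings for an authenticated relayhost setup."""
    p, findings = parse_main_cf(main_cf), []
    relay = p.get("relayhost", "")
    if not relay or p.get("smtp_sasl_auth_enable") != "yes":
        return findings
    m = re.fullmatch(r"\[?([^\]:]+)\]?(?::(\w+))?", relay)
    host, port = m.groups() if m else (relay, None)
    if p.get("smtp_tls_security_level", "") in ("", "none", "may"):
        findings.append("tls-optional: SASL login can go out unencrypted; use 'encrypt' or stronger")
    if port in ("465", "smtps") and p.get("smtp_tls_wrappermode") != "yes":
        findings.append("port-465: implicit TLS needs smtp_tls_wrappermode = yes")
    keys = {l.split()[0] for l in sasl_passwd.splitlines() if l.strip() and not l.startswith("#")}
    if not keys & {relay, host}:
        findings.append("sasl-key: no sasl_passwd entry for %s" % relay)
    return findings

if __name__ == "__main__":
    for finding in audit_relay(MAIN_CF, SASL_PASSWD):
        print(finding)
```

On a real host, feed it the contents of /etc/postfix/main.cf and /etc/postfix/sasl_passwd; the password file should be readable by root only, since it holds the relay credentials in clear text.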
redirect everything to gmail
virtual_maps = regexp:/etc/postfix/virtual-regexp
rewrite the sender for ANY outbound
sudo vi /etc/postfix/main.cf
sender_canonical_maps = static:noreply@example.org
sudo /etc/init.d/postfix restart
rewrite the sender in specific cases
sudo vi /etc/postfix/main.cf
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sudo vi /etc/postfix/sender_canonical
root@example.com noreply@example.org
@example.com noreply@example.org
sudo postmap /etc/postfix/sender_canonical
sudo /etc/init.d/postfix restart
For STARTTLS-enabled SMTP try:
openssl s_client -connect ssrs.reachmail.net:25 -crlf -no_ssl2 -starttls smtp
For SMTPS try:
openssl s_client -connect ssrs.reachmail.net:465 -crlf -no_ssl2
http://www.howtoforge.com/postfix_relaying_through_another_mailserver
http://sendgrid.com/docs/Integrate/Mail_Servers/postfix.html
NOT YET ABLE TO ACCESS IT VIA THE INTERNET... TO BE CONTINUED
Pipeline config: /etc/postfix/master.cf
/etc/mailname
myorigin=/etc/mailname
inet_interfaces = all
mydestination = (no internet mail for local users)
local_recipient_maps =
mynetworks_style = host (no relaying)
relay_domains = $mydestination (localhost)
home_mailbox = Maildir/
masquerade_domains = mail.example.com www.example.com !sub.dyndomain.com
masquerade_exceptions = root
smtpd_banner = $myhostname ESMTP $mail_name
Virtual mail does not map to a /etc/passwd user account
virtual_mailbox_domains = virtualdomain.tld
virtual_alias_maps = hash:/etc/postfix/virtual_alias, mysql:/etc/postfix/mysql_virtual_forwards.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailboxes.cf
virtual_mailbox_base = /home/vmailer
virtual_uid_maps = static:5003
virtual_gid_maps = static:5003
virtual_minimum_uid = 5003
virtual_mailbox_limit = 51200000
Ubuntu configuration utilities:
sudo postconf -e "home_mailbox = Maildir/"
sudo postconf -e "mailbox_command = " (no Procmail!)
MX record configured to point to the static IP address
SECURITY
Requirements for the HELO statement
smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit
Requirements for the sender details
smtpd_sender_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
Requirements for the connecting server
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org
Requirement for the recipient address
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
smtpd_data_restrictions = reject_unauth_pipelining
require proper helo at connections
smtpd_helo_required = yes
waste spammers time before rejecting them
smtpd_delay_reject = yes
disable_vrfy_command = yes
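How the smtpd_recipient_restrictions list above is evaluated, as an added example that is not part of the original notes: a simplified model in which each restriction answers OK, REJECT or DUNNO and the first definite answer decides, which shows why the trailing permit is only safe after reject_unauth_destination. It models smtpd_recipient_restrictions only (not smtpd_relay_restrictions), treats the DNS- and protocol-based checks as DUNNO, and the client addresses and recipients are constructed.

```python
import ipaddress

# Settings taken from the notes above; the sessions below are constructed.
MYNETWORKS = ["127.0.0.0/8", "192.168.1.0/24"]
MYDESTINATION = {"localhost.localdomain", "localhost"}
RECIPIENT_RESTRICTIONS = ["reject_unauth_pipelining", "permit_mynetworks",
                          "reject_non_fqdn_recipient", "reject_unknown_recipient_domain",
                          "reject_unauth_destination", "permit"]
# Same list with the last two entries swapped, to show the effect of ordering.
MISORDERED = RECIPIENT_RESTRICTIONS[:4] + ["permit", "reject_unauth_destination"]

def in_mynetworks(ip):
    """True when the client address falls inside one of the trusted networks."""
    return any(ipaddress.ip_address(ip) in ipaddress.ip_network(n) for n in MYNETWORKS)

def check(name, session):
    """Return 'OK', 'REJECT' or 'DUNNO' (no opinion) for one restriction."""
    domain = session["rcpt"].rpartition("@")[2]
    if name == "permit":
        return "OK"
    if name == "permit_mynetworks":
        return "OK" if in_mynetworks(session["client"]) else "DUNNO"
    if name == "reject_unauth_destination":
        # Mail for domains this server is not final destination for is relaying.
        return "DUNNO" if domain in MYDESTINATION else "REJECT"
    return "DUNNO"  # checks that need DNS or protocol state are not modelled

def evaluate(restrictions, session):
    """The first restriction that returns OK or REJECT decides; returns (verdict, name)."""
    for name in restrictions:
        verdict = check(name, session)
        if verdict != "DUNNO":
            return verdict, name
    return "OK", "(end of list)"

if __name__ == "__main__":
    outside = {"client": "203.0.113.9", "rcpt": "someone@example.net"}
    lan = {"client": "192.168.1.20", "rcpt": "someone@example.net"}
    local = {"client": "203.0.113.9", "rcpt": "user@localhost.localdomain"}
    for label, rules, s in [("outside -> remote", RECIPIENT_RESTRICTIONS, outside),
                            ("lan -> remote", RECIPIENT_RESTRICTIONS, lan),
                            ("outside -> local", RECIPIENT_RESTRICTIONS, local),
                            ("outside -> remote, misordered", MISORDERED, outside)]:
        print(label, evaluate(rules, s))
```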
CHROOT?