RSS

  • YouTube
  • LinkedIn
  • Google

Servidor de Email –; Part 4 ; Postfix 3

Share in your social media
  •  ;
  •  ;
  •  ;
  •  ;

Part 1 ; Configure main.cf file

This is the third part of the process of creating the mail server on a CentOS 7 and the first part of the Postfix configuration. If you came here by accident, better read one of the publications below first:

Part 1 ; Installation of packages

Part 2 ; Configuring MariaDB

Part 3 ; Dovecot configuration

Postfix is the most important part of our mail server. He will be responsible for talking with other MTAs for you to receive and send e-mail messages and so that it can be reached it is necessary that he be identifiable by the name of the server or your hostname.

Postfix requires using FQDN (Fully Qualified Domain Name). This is the full domain name along with the mail server name prefix. To know what the current name simply type server hostname without argument on the command line.

To change the name, run the command below stating the FQDN to be used. You should only do this if you are mounting a unique server, that will only be used as mail server. If you want to install a webserver, probably shouldn't do that.

main.cf

The main.cf file is the main file of the Postfix. It contains basic settings for the application. This installation it must be //etc/postfix/main.cf. Let's start setting for it. I won't go into the details of the settings is not change, because it would be too long and I don't even know in depth all of them. Would need to study the manual and for me particularly is not something very useful. As I already mentioned, If you set up a server super stout might be more advantage to use a paid service like Gmail.

myhostname ; If you used the step to change the host name you can maintain this attribute empty that it will use the host name from gethostname(). If the intention is to create a small e-mail service on an existing server and configured, better to use a different name. For example:

Don't forget that this domain must exist on your DNS setting. Later I will talk about the DNS settings.

mydomain ; Change this attribute for your domain. If you use more than one domain use your main

inet_protocols ; Indicates which protocols Postfix will use. If your server has IPv6 support, Uncomment the line inet_protocols = all, otherwise Uncomment the line inet_protocols = ipv4.

mynetworks_style ; This setting indicates which network can be marked as trusted. If you have a network with more servers can allow them to send email simply marking them as safe. In the case of a server only use host.

mynetworks ; Also related to the network you want to enable the use of reliably. Is an alternative to the previous attribute, When you configure a list of IPs, the range of IPs or even a file with IPs. This is useful when your server is part of a cloud for example, where the assigned IPv4 in DNS is different from the actual server and IPv4 is used NAT (as in Amazon's ECS2). During installation, file was created //etc/postfix/mynetworks that may contain some IPs detected to the server. I particularly prefer using this form and to do this simply uncomment the line mynetworks = $config _ directory/mynetworks or can be added as the line below.

The lists of aliases are not very important to the type of server that we are creating, because they refer to user created for use with the standard model of the postfix, that includes users and passwords he controlled. How we use virtual elements stored in database, These settings are not as important, But if you want to have non-virtual accounts (for example for use with system services that send messages directly) they will end up being used.

smtpd_banner ; This attribute sets the message which will be sent to who connect on the smtp service. You can customize this message as you want. The line below will send an output like 220 mail.meudominio.com ESMTP Postfix (3.3.3).

relayhost ; This setting is important when we want to have mail servers that use other domains to effect the delivery of the message. If only will have accounts for the same domain, She should stay with the default that is empty value. If you have more than one domain, it may be necessary to add $mydomain as the value. This configuration has a certain importance when they begin to receive many delivery errors and if it does, It's good to give a studied at documentation and test other configurations. Per hour, It is good to use as below:

The next entries are a series of configurations that are not present in the file initially. The idea of this tutorial is to create a mail server able to configure accounts and domains through a Web interface, which in our case will be the Postfixadmin and all settings will be stored in MariaDB database. From this point it is necessary to understand that when you use these attributes in the way I present, Postfix will only work correctly after the database configuration for the Postfix/Postfixadmin. It is essential to have completed Configuring MariaDB before.

smtpd_use_tls, smtpd_tls_auth_only, smtpd_tls_cert_file, smtpd_tls_key_file ; These attributes refer to the certificate to encrypt the connection. Remembering that we are creating a server will only support encrypted connections, to reduce attacks. You pose here the same inputs used in SSL configuration of the Dovecot or create a new self-signed key.

master.cf

The more complex file and not least Postfix configuration for our case is the master.cf. In our installation it must be //etc/postfix/master.cf. It's good that not only make the changes exactly as passed in this document but rather to understand what each element means.

It is possible to make changes in Postfix configuration through the command postconf but I'll use this mode to be able to clearly understand each attribute.

Note: I'm a fan of Vim editor, but nothing prevents to use any other as the nano, for example.

So let's open the master.cf file to edit the settings.

If you give a good read in the comments of this file (English only) will learn a lot about settings. It is a good practice to read these little handbooks.

When you open the master.cf file you will see the following configuration:

Descomente a linha “;submission; and some of the attributes that are under it. These attributes begin with white space followed by - o. These lines are used to overwrite the configuration variables that may have been defined in main.cf file. Pay close attention when you uncomment these lines: Do not remove the blanks to front, or so the Postfix will not recognize them as a continuation of the line Submission.

What we did was configure Postfix to create and use a service in daemon SMTP with the following options:

-the syslog_name = postfix/submission indica que as atividades estarão disponíveis sob o nome “;postfix/submission”; in the log file.

-the smtpd_tls_wrappermode = no indicates that it will not be used TLS Fallback for e-mail clients that don't support STARTTLS.

-the smtpd_tls_security_level = encrypt meaning that TLS will be used to strengthen the level of security forcing customers only to create secure connections.

-the smtpd_sasl_auth_enable = yes enables the use of SASL for authentication.

-the smtpd_client_restrictions = permit_mynetworks,permit_sasl_authenticated,reject Postfix uses this line to indicate what types of request will be accepted from customers


Share in your social media
  •  ;
  •  ;
  •  ;
  •  ;

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.