Linux System Administration

Postfix: a Simple Mail Transfer Protocol (SMTP) daemon

©2004 Ken Barber. Some Rights Reserved. This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.

History of

● Originally designed to send messages between users on the same (multiuser) system

● Simple program mail used to send & receive

● User's mail resides in /var/spool/mail

– All messages in one single file; same name as user

– Known as mbox format

– Go look there now

● All of this is still with us today

Email today: Three Agents

● Mail Transport Agent (MTA)

– Transports mail from one system to another

– Examples: , Postfix, Qmail

● Mail Delivery Agent (MDA)

– Often included in MTA

● Mail User Agent (MUA)

– aka “”: , , kmail, outlook etc.

How it all works

Sendmail: the original MTA/MDA

● Like Cthulhu:

– An ancient daemon with tentacles coming out of its head

– i.e., a Monster

– Devours sysadmins & possibly small children too

● 80% of world's email transits Sendmail servers

● Don't use it unless you already know & love it

● Installed – and running – by default: 'nix needs an MTA to handle system messages

The Sendmail replacement: Postfix

● 100% drop-in replacement for Sendmail

– /usr/sbin/sendmail renamed to sendmail.sendmail

– /usr/sbin/sendmail becomes a symlink to /etc/alternatives/mta

– /etc/alternatives/mta is a symlink to the REAL mail handler: /usr/sbin/postfix (or /usr/sbin/sendmail.sendmail)

● Postfix even handles system messages

Configuring Postfix

● Run redhat-switch-mail

● Edit /etc/postfix/main.cf

– By default, only listens to loopback

● inet_interfaces = all to enable incoming mail

– Also possibly important:

● myhostname =

● mydomain =

● unknown_local_recipient_reject_code =

● Test config with postconf -n

Mail troubleshooting tools

● Use mail to send a simple message to a user:

– mail -s subject username

– Type a simple message

– CTRL-D at the beginning of a line to send & exit

● Look for it in /var/spool/mail/user

● postconf -n to test config file

● Look at /var/log/maillog for clues when something goes wrong

Conclusion

● Many security issues not touched on here

– Don't set up an -facing mail server until you've sought them out and understand them

● procmail can be used as an MDA to process mail (e.g., filter spam) before delivery

can be used to grab mail from POP servers, then feed to postfix/procmail

for web-based user interface
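
Added example (not part of the original slides): a shell check that reads postconf -n output and reports whether Postfix is loopback-only or network-facing, using the inet_interfaces and unknown_local_recipient_reject_code settings from the Configuring Postfix slide. The function names and sample configs are constructed for illustration; it assumes Postfix's built-in defaults (inet_interfaces = all, reject code 550) apply when a parameter is not listed.

```sh
#!/bin/sh
# param NAME CONFIG: print NAME's value from "name = value" lines in CONFIG.
param() {
    printf '%s\n' "$2" | awk -v k="$1" '
        { i = index($0, "="); if (i == 0) next
          n = substr($0, 1, i - 1); v = substr($0, i + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", n); gsub(/^[ \t]+|[ \t]+$/, "", v)
          if (n == k) found = v }
        END { if (found != "") print found }'
}

# listener_scope CONFIG: print "loopback" or "network".
# Assumption: a missing inet_interfaces line means the built-in default
# ("all") applies, and "localhost" resolves to a loopback address.
listener_scope() {
    val=$(param inet_interfaces "$1")
    [ -n "$val" ] || { echo network; return 0; }
    printf '%s\n' "$val" | awk '{
        n = split($0, a, /[ \t,]+/)
        for (i = 1; i <= n; i++) {
            x = a[i]
            if (x == "" || x == "localhost" || x == "loopback-only" ||
                x == "127.0.0.1" || x == "::1" || x == "[::1]") continue
            print "network"; exit
        }
        print "loopback" }'
}

# reject_kind CONFIG: how mail for unknown local users is refused.
# 4xx makes senders retry (forgiving while testing); 5xx bounces at once.
reject_kind() {
    case "$(param unknown_local_recipient_reject_code "$1")" in
        4??) echo temporary ;;
        5??|'') echo permanent ;;   # assumption: built-in default is 550
        *) echo invalid ;;
    esac
}

# Constructed samples of `postconf -n` output (not from a real host).
SAMPLE_LOCAL='inet_interfaces = localhost
unknown_local_recipient_reject_code = 450'
SAMPLE_OPEN='inet_interfaces = all
myhostname = mail.example.com
unknown_local_recipient_reject_code = 550'

for cfg in "$SAMPLE_LOCAL" "$SAMPLE_OPEN"; do
    echo "listener=$(listener_scope "$cfg") unknown-recipient=$(reject_kind "$cfg")"
done
```

On a live host, pass the real settings with listener_scope "$(postconf -n)" before opening port 25 in the firewall.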