Linux System Administration Postfix: a Simple Mail Transfer Protocol (SMTP) daemon ©2004 Ken Barber Some Rights Reserved This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. History of email ● Originally designed to send messages between users on the same (multiuser) system ● Simple program mail used to send & receive ● User's mail resides in /var/spool/mail – All messages in one single file; same name as user – Known as mbox format – Go look there now ● All of this is still with us today Email today: Three Agents ● Mail Transport Agent (MTA) – Transports mail from one system to another – Examples: Sendmail, Postfix, Qmail ● Mail Delivery Agent (MDA) – Often included in MTA ● Mail User Agent (MUA) – aka “email client”: pine, mutt, kmail, outlook etc. How it all works Sendmail: the original MTA/MDA ● Like Cthulhu: – An ancient daemon with tentacles coming out of its head – i.e., a Monster – Devours sysadmins & possibly small children too ● 80% of world's email transits Sendmail servers ● Don't use it unless you already know & love it ● Installed – and running – by default: 'nix needs an MTA to handle system messages The Sendmail replacement: Postfix ● 100% drop-in replacement for Sendmail – /usr/sbin/sendmail renamed to sendmail.sendmail – /usr/sbin/sendmail becomes a symlink to /etc/alternatives/mta – /etc/alternatives/mta is a symlink to the REAL mail handler: /usr/sbin/postfix (or / usr/sbin/sendmail.sendmail) ● Postfix even handles system messages Configuring Postfix ● Run redhat-switch-mail ● Edit /etc/postfix/mail.cf – By default, only listens to loopback ● inet_interfaces = all to enable incoming mail – Also possibly important: ● myhostname = ● mydomain = ● unknown_local_recipient_reject_code = ● Test config with postconf -n Mail troubleshooting tools ● Use mail to send a simple message to a user: – mail -s subject username – Type a simple message, – CTRL-D at the beginning of a line to send & exit ● Look for it in /var/spool/mail/user ● postconf -n to test config file ● Look at /var/log/maillog for clues when something goes wrong Conclusion ● Many security issues not touched on here – Don't set up an Internet-facing mail server until you've sought them out and understand them ● procmail can be used as an MDA to process mail (e.g., filter spam) before delivery ● fetchmail can be used to grab mail from POP servers, then feed to postfix/procmail ● squirrelmail for web-based user interface.