Link Search Menu Expand Document

Postfix

Table of contents

Postfix with AWS Simple Email Service (SES)

Step 1

Check and change hostname

hostname -f 
    # outputs the name
vim /etc/hostname
    # change to anything you want
vim /etc/hosts
    # add `127.0.1.1 my-domain.com`, this will resolve `my-domain.com` within the server 
reboot

Step 2

Install and config mailutils

apt-get update
apt-get install mailutils
    # Select: Internet Site, then ok
    # System mail name: my-domain.com 
    # my-domain.com must be a verified domain name on AWS SES)
  • Config main.cf, run vim /etc/postfix/main.cf
relayhost = email-smtp.eu-west-2.amazonaws.com:587
    # you can get your email hostname on AWS by going to AWS's SES console
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
  • Go to AWS SES console again, download the SMTP credentials. You will see below samples:

      SMTP Username: AK***********56
      SMTP Password: BM**************************UV
    
  • Hash the credentials with sasl_passwd

      vim /etc/postfix/sasl/sasl_passwd
    

    Upon open add value in this format: email-smtp.eu-west-2.amazonaws.com:587 AK***********56:BM**************************UV

  • Postmap the hashed credentials

      postmap /etc/postfix/sasl/sasl_passwd
      chown root:root /etc/postfix/sasl/sasl_passwd.db
      chmod 600 /etc/postfix/sasl/sasl_passwd.db
      service postfix restart
    

Step 3

Send a test email from VM

  • Send a test email to an email that is verified on AWS SES console

Note: Once you moved out of SES sandbox, you will be able to send message to any email address.

echo "Test Postfix body text" | mail -s "test subject line" [email protected]

Step 4

Change sender’s name from Root to USER

  • By default, the sender will output as Root from [email protected], run below to change the sender’s name
getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1
    # outputs: root, the default sender name 
chfn -f "USER" root
    # the break down syntax is: chfn -f "FirstName LastName" username
    # chfn: CHange First Name 

Step 5

Change sender’s email from [email protected] to [email protected]

vim /etc/postfix/main.cf
    # add: `smtp_generic_maps = hash:/etc/postfix/generic` 
vim /etc/postfix/generic
    # add: `[email protected] [email protected]`
postmap /etc/postfix/generic
systemctl restart postfix.service
    # done

AWS SES console setup

  1. verify domain
  2. verify email

    verify recipient email when you still in the sandbox

  3. smtp setting

    generate credential


Postfix with gmail

Check and change hostname

hostname -f
hostname my-domain.com
vim /etc/hostname
vim /etc/hosts
    # add `127.0.1.1 my-domain.com`
reboot 

Install postfix

apt-get update
apt-get install mailutils
    # ✓ Internet Site 
    # System mail name: my-domain.com
dpkg-reconfigure postfix
    # to `reconfigure`

Configure /etc/postfix/main.cf

vim /etc/postfix/main.cf
    # configure with below 
relayhost = [smtp.gmail.com]:587 
    # don't remove the brackets
    # Enables SASL authentication for postfix
smtp_sasl_auth_enable = yes
    # Disallow methods that allow anonymous authentication
smtp_sasl_security_options = noanonymous
    # Location of sasl_passwd we saved
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
    # Enable STARTTLS encryption for SMTP
smtp_tls_security_level = encrypt
    # Location of CA certificates for TLS
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Hash password with /etc/postfix/sasl/sasl_passwd

vim /etc/postfix/sasl/sasl_passwd
    # add below line to `sasl_passwd`
[smtp.gmail.com]:587 [email protected]:password
    # don't remove the brackets 
    # email address: change to the gmail address you want to receive
    # password: ******** (gmail account password)

Postmap gmail credentials

postmap /etc/postfix/sasl/sasl_passwd
    # this command is to hash the password, it generate `sasl_passwd.db`

Change permission to sasl_passwd.db

chown root:root /etc/postfix/sasl/sasl_passwd.db
chmod 600 /etc/postfix/sasl/sasl_passwd.db
service postfix restart

Allow gmail to receive email, go to Google Account dashboard

Send a test email

echo "Test Postfix body text" | mail -s "test subject line" [email protected]

change sender name

getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1
    # outputs default name: root
chfn -f "USER" root

Change sender address from [email protected] to [email protected]

vim /etc/postfix/main.cf
    # add: `smtp_generic_maps = hash:/etc/postfix/generic` 
vim /etc/postfix/generic
    # add: `[email protected] [email protected]`
postmap /etc/postfix/generic
systemctl restart postfix.service
    # done

Uninstall and remove

apt-get autoremove mailutils
apt-get autoremove --purge mailutils
apt-get autoremove postfix
apt-get purge postfix

Forwarding system mail

  1. Run vim /etc/aliases

         # See man 5 aliases for format
    postmaster:    root
    root:          [email protected]
    
  2. Run newaliases
  3. Send a test email
     echo "This is the body of the email" | mail -s "This is the subject line" root
    

Received emails

useradd -m -s /bin/bash mail-received
passwd mail-received 

Email location

vim /var/mail/root