Postfix
Table of contents
- Postfix with AWS Simple Email Service (SES)
- Postfix with gmail
- Check and change
hostname
- Install
postfix
- Configure
/etc/postfix/main.cf
- Hash password with
/etc/postfix/sasl/sasl_passwd
- Postmap gmail credentials
- Change permission to
sasl_passwd.db
- Allow gmail to receive email, go to Google Account dashboard
- Send a test email
- change sender name
- Change sender address from
[email protected]
to[email protected]
- Check and change
- Uninstall and remove
- Forwarding system mail
- Received emails
- Email location
Postfix with AWS Simple Email Service (SES)
Step 1
Check and change hostname
hostname -f
# outputs the name
vim /etc/hostname
# change to anything you want
vim /etc/hosts
# add `127.0.1.1 my-domain.com`, this will resolve `my-domain.com` within the server
reboot
Step 2
Install and config mailutils
apt-get update
apt-get install mailutils
# Select: Internet Site, then ok
# System mail name: my-domain.com
# my-domain.com must be a verified domain name on AWS SES)
- Config
main.cf
, runvim /etc/postfix/main.cf
relayhost = email-smtp.eu-west-2.amazonaws.com:587
# you can get your email hostname on AWS by going to AWS's SES console
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
-
Go to AWS SES console again, download the SMTP credentials. You will see below samples:
SMTP Username: AK***********56 SMTP Password: BM**************************UV
-
Hash the credentials with
sasl_passwd
vim /etc/postfix/sasl/sasl_passwd
Upon open add value in this format:
email-smtp.eu-west-2.amazonaws.com:587 AK***********56:BM**************************UV
-
Postmap the hashed credentials
postmap /etc/postfix/sasl/sasl_passwd chown root:root /etc/postfix/sasl/sasl_passwd.db chmod 600 /etc/postfix/sasl/sasl_passwd.db service postfix restart
Step 3
Send a test email from VM
- Send a test email to an email that is verified on AWS SES console
Note: Once you moved out of SES sandbox, you will be able to send message to any email address.
echo "Test Postfix body text" | mail -s "test subject line" [email protected]
Step 4
Change sender’s name from Root
to USER
- By default, the sender will output as
Root from [email protected]
, run below to change the sender’s name
getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1
# outputs: root, the default sender name
chfn -f "USER" root
# the break down syntax is: chfn -f "FirstName LastName" username
# chfn: CHange First Name
Step 5
Change sender’s email from [email protected]
to [email protected]
vim /etc/postfix/main.cf
# add: `smtp_generic_maps = hash:/etc/postfix/generic`
vim /etc/postfix/generic
# add: `[email protected] [email protected]`
postmap /etc/postfix/generic
systemctl restart postfix.service
# done
AWS SES console setup
- verify domain
- verify email
verify
recipient
email when you still in thesandbox
- smtp setting
generate credential
Postfix with gmail
Check and change hostname
hostname -f
hostname my-domain.com
vim /etc/hostname
vim /etc/hosts
# add `127.0.1.1 my-domain.com`
reboot
Install postfix
apt-get update
apt-get install mailutils
# ✓ Internet Site
# System mail name: my-domain.com
dpkg-reconfigure postfix
# to `reconfigure`
Configure /etc/postfix/main.cf
vim /etc/postfix/main.cf
# configure with below
relayhost = [smtp.gmail.com]:587
# don't remove the brackets
# Enables SASL authentication for postfix
smtp_sasl_auth_enable = yes
# Disallow methods that allow anonymous authentication
smtp_sasl_security_options = noanonymous
# Location of sasl_passwd we saved
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
# Enable STARTTLS encryption for SMTP
smtp_tls_security_level = encrypt
# Location of CA certificates for TLS
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
Hash password with /etc/postfix/sasl/sasl_passwd
vim /etc/postfix/sasl/sasl_passwd
# add below line to `sasl_passwd`
[smtp.gmail.com]:587 [email protected]:password
# don't remove the brackets
# email address: change to the gmail address you want to receive
# password: ******** (gmail account password)
Postmap gmail credentials
postmap /etc/postfix/sasl/sasl_passwd
# this command is to hash the password, it generate `sasl_passwd.db`
Change permission to sasl_passwd.db
chown root:root /etc/postfix/sasl/sasl_passwd.db
chmod 600 /etc/postfix/sasl/sasl_passwd.db
service postfix restart
Allow gmail to receive email, go to Google Account dashboard
- Look for allow less secured non-Google apps
toggle: on to allow less secured app access
Send a test email
echo "Test Postfix body text" | mail -s "test subject line" [email protected]
change sender name
getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1
# outputs default name: root
chfn -f "USER" root
Change sender address from [email protected]
to [email protected]
vim /etc/postfix/main.cf
# add: `smtp_generic_maps = hash:/etc/postfix/generic`
vim /etc/postfix/generic
# add: `[email protected] [email protected]`
postmap /etc/postfix/generic
systemctl restart postfix.service
# done
Uninstall and remove
apt-get autoremove mailutils
apt-get autoremove --purge mailutils
apt-get autoremove postfix
apt-get purge postfix
Forwarding system mail
-
Run
vim /etc/aliases
# See man 5 aliases for format postmaster: root root: [email protected]
- Run
newaliases
- Send a test email
echo "This is the body of the email" | mail -s "This is the subject line" root
Received emails
useradd -m -s /bin/bash mail-received
passwd mail-received
Email location
vim /var/mail/root