Postfix

Configuration
To see the currently configured options: postconf

Basic Relay
Relay all outbound email through this relay host:

/etc/postfix/main.cf: relayhost = smtp.yourisp.com

Source: Howto configure postfix to use a remote SMTP relay host

Other: RH: The Home User

Relay on another port
/etc/postfix/main.cf: transport_maps = hash:/etc/postfix/transport

/etc/postfix/transport: oeey.com smtp:50.1.1.1:10025

Build hashmap: postmap transport

Authenticated Relay
/etc/postfix/main.cf:
relayhost = 50.100.100.50
relay_domains = oeey.com
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_sasl_type = cyrus
# inet_interfaces = 127.0.0.1 50.1.1.2

/etc/postfix/sasl_passwd: 50.100.100.50   hsg-knowledgebase:h$g$!@#123

Build hashmap: postmap sasl_passwd
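
An added example, not part of the original notes: a shell check for the client-side settings of the authenticated relay above, where an empty smtp_sasl_security_options and no mandatory TLS let the relay password travel unencrypted. The helper names cf_get and audit_relay, the sample files and the credentials are constructed; it assumes one setting per line and a single password map.

```shell
# Added example: flag weak client-side relay settings in a Postfix main.cf.
# Not handled: multi-line values, legacy smtp_use_tls / smtp_enforce_tls.

# cf_get FILE NAME DEFAULT: value of the last "NAME = value", else DEFAULT.
cf_get() {
    awk -v k="$2" -v v="$3" '
        /^[ \t]*#/ { next }
        { n = $0; sub(/[ \t]*=.*/, "", n); sub(/^[ \t]+/, "", n) }
        n == k && /=/ { v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v) }
        END { print v }' "$1"
}

# audit_relay FILE: print one WEAK line per finding, nothing when clean.
audit_relay() {
    [ "$(cf_get "$1" smtp_sasl_auth_enable no)" = yes ] || return 0
    # The password is only protected in transit when TLS is mandatory;
    # "may" and "dane" can fall back to an unencrypted session.
    case $(cf_get "$1" smtp_tls_security_level "") in
        encrypt|dane-only|fingerprint|verify|secure) ;;
        *) echo "WEAK tls: TLS to the relay is not mandatory" ;;
    esac
    # Postfix default is "noplaintext, noanonymous"; an empty value drops both.
    case $(cf_get "$1" smtp_sasl_security_options "noplaintext, noanonymous") in
        *noanonymous*) ;;
        *) echo "WEAK sasl: anonymous mechanisms are allowed" ;;
    esac
    # The map source and its postmap output both hold the cleartext password.
    map=$(cf_get "$1" smtp_sasl_password_maps "")
    map=${map#*:}
    for p in "$map" "$map.db"; do
        [ -n "$(find "$p" -prune -perm -004 2>/dev/null)" ] &&
            echo "WEAK perms: $p is world-readable"
    done
    return 0
}

# Constructed sample files (placeholder credentials, temporary paths).
demo=$(mktemp -d)
echo 'relay.example.test user:secret' > "$demo/open";  chmod 644 "$demo/open"
echo 'relay.example.test user:secret' > "$demo/tight"; chmod 600 "$demo/tight"
printf '%s\n' 'smtp_sasl_auth_enable = yes' \
    "smtp_sasl_password_maps = hash:$demo/open" \
    'smtp_sasl_security_options =' > "$demo/weak.cf"
printf '%s\n' 'smtp_sasl_auth_enable = yes' \
    "smtp_sasl_password_maps = hash:$demo/tight" \
    'smtp_sasl_security_options = noanonymous' \
    'smtp_tls_security_level = encrypt' > "$demo/hardened.cf"
audit_relay "$demo/weak.cf"        # three WEAK lines
audit_relay "$demo/hardened.cf"    # no output
```

Point audit_relay at a copy of the real main.cf; the permission check follows the path named in smtp_sasl_password_maps.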

No worthy mechs found
If you get the following error:
Jul 30 09:44:43 HSG-KB1 postfix/smtp[18240]: warning: SASL authentication failure: No worthy mechs found
Jul 30 09:44:43 HSG-KB1 postfix/smtp[18240]: 3C479170051F: ... status=deferred (SASL authentication failed; cannot authenticate to server 50.100.100.50[50.100.100.50]: no mechanism available)

This means your postfix installation is missing the basic auth mechanisms:

Try:
yum install cyrus-sasl-plain      # red hat
apt-get install libsasl2-modules  # debian

This will install several libraries to: /usr/lib/sasl2/

Outbound Alias
/etc/postfix/main.cf: smtp_generic_maps = hash:/etc/postfix/generic

echo 'root yourusername@yourdomain.com' >> /etc/postfix/generic
echo 'www-data yourusername@yourdomain.com' >> /etc/postfix/generic
postmap /etc/postfix/generic
service postfix restart

Ref: email - Change outgoing mail address from root@servername - rackspace sendgrid postfix - Stack Overflow - https://stackoverflow.com/questions/14370224/change-outgoing-mail-address-from-rootservername-rackspace-sendgrid-postfix

Delete ALL Messages in Queue
Delete ALL Messages: postsuper -d ALL

Source: Dave Shuck's InstantSpot - How to delete all messages from Postfix mail server queue

Count Messages in Queue
mailq


# sudo find /var/spool/postfix/deferred/. ! -name '?' -print | wc -l

Drop ALL Outbound Mail
HOWTO: Postfix Drop Outbound External Mail:

"While testing an application, a user requested that I configure the mail server to only deliver to addresses within our company, but drop all mail sent outside. (We don’t want to accidentally bother customers.)

I was a little frustrated by this problem, but now I have a solution. The trick is to set up a transport map that leaves mail destined for our local domain as-is, but then drops everything else."

First, set up a transport file:
# cat transport
mydomain.com     :
.mydomain.com    :
*         discard:

Map it:
# postmap transport

Configure transport_maps in main.cf: transport_maps = hash:/path/to/transport

Reload Postfix and send test messages. The discard service successfully “delivers” messages straight to the trash, like so:
Sep 15 14:55:10 myhost postfix/discard[16189]: 6F0A22E04E: to=, relay=none, delay=0, status=sent (toldme.com)

Source dannyman.toldme.com : HOWTO: Postfix Drops Outbound External Mail
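
An added example, not from the original HOWTO: an approximation in shell and awk of the transport(5) lookup order, used to confirm which recipients the table above hands to discard: before it is deployed. The table is the page's own; the recipient addresses and the helper names transport_for and check_leaks are constructed for illustration.

```shell
# Added example: approximate the transport(5) lookup order for one
# recipient: user@domain, domain, .parent domains, then "*".
# Address extensions and regexp/pcre tables are not modelled.

# transport_for TABLE ADDRESS: print the matching result, or "(default)".
transport_for() {
    awk -v addr="$2" '
        /^[ \t]*(#|$)/ { next }        # skip comments and blank lines
        { key = tolower($1); $1 = ""; sub(/^[ \t]+/, ""); tbl[key] = $0 }
        END {
            addr = tolower(addr); dom = addr; sub(/^.*@/, "", dom)
            if (addr in tbl) { print tbl[addr]; exit }
            if (dom in tbl)  { print tbl[dom];  exit }
            # Strip one leading label at a time and try ".rest".
            rest = dom
            while (sub(/^[^.]*\./, "", rest)) {
                if (("." rest) in tbl) { print tbl["." rest]; exit }
            }
            print (("*" in tbl) ? tbl["*"] : "(default)")
        }' "$1"
}

# check_leaks TABLE ADDR...: print every address that would NOT be discarded.
check_leaks() {
    t=$1; shift
    for a in "$@"; do
        [ "$(transport_for "$t" "$a")" = "discard:" ] || echo "$a"
    done
}

# The transport table from this section, written to a temporary file.
tbl=$(mktemp)
cat > "$tbl" <<'EOF'
mydomain.com     :
.mydomain.com    :
*         discard:
EOF

# Constructed recipients: only the two internal ones should be listed;
# lookalike external domains must fall through to "*".
check_leaks "$tbl" dev@mydomain.com qa@lab.mydomain.com \
    customer@example.com x@notmydomain.com y@mydomain.com.example.net
```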

Deliver all mail to one box
Create /etc/postfix/virtual-regexp with the following content:

/.+@.+/ email@gmail.com

Edit /etc/postfix/main.cf and add regexp:/etc/postfix/virtual-regexp to the virtual_maps configuration. The end result might look like this in main.cf:

virtual_maps = hash:/etc/postfix/virtual, regexp:/etc/postfix/virtual-regexp

Build the mapfile by typing:

postmap /etc/postfix/virtual-regexp

This also requires a virtual.db to exist. If it doesn't, create an empty file called virtual and run: postmap /etc/postfix/virtual

Source:
 * How to redirect all postfix emails to one external email address? - Server Fault - http://serverfault.com/questions/144325/how-to-redirect-all-postfix-emails-to-one-external-email-address

Config Include Directive
Q: Is there some kind of 'include' directive for main.cf? 

A: No. Most administrators with complex configurations create a Makefile that will cat the necessary files together. If you have other regular administrative tasks, add them to your Makefile too. Your Makefile can have an entry something like this:

main.cf: file1 file2 file3
	cat file1 file2 file3 > main.cf.new
	mv main.cf.new main.cf

Then type make main.cf to rebuild your configuration file.

mail aliases
aliases - Postfix local alias database format

/etc/aliases:
# See man 5 aliases for format
postmaster:   kenneth
root:         kenneth
plex:         kenneth, paul

---

newaliases - Initialize the alias database

newaliases

Cyrus
POP3 and IMAP server.

yum install cyrus-imapd cyrus-sasl-plain
service cyrus-imapd restart

Config file: /etc/cyrus.conf

SERVICES {
  # add or remove based on preferences
  imap         cmd="imapd" listen="imap" prefork=5
  imaps        cmd="imapd -s" listen="imaps" prefork=1
  pop3         cmd="pop3d" listen="pop3" prefork=3
  pop3s        cmd="pop3d -s" listen="pop3s" prefork=1
  sieve        cmd="timsieved" listen="sieve" prefork=0
  ...

Cyrus Issues
/var/log/maillog: badlogin: ws-202-73.oeey.net [216.119.202.73] PLAIN encryption needed to use mechanism

service saslauthd restart

Notes:
Apr 7 17:39:09 ws-199-19 pop3[3903]: unable to open Berkeley db /etc/sasldb2: No such file or directory

> /var/log/maillog <
Apr 7 17:39:09 ws-199-19 pop3[3903]: accepted connection
Apr 7 17:39:09 ws-199-19 master[3956]: about to exec /usr/lib/cyrus-imapd/pop3d
Apr 7 17:39:09 ws-199-19 pop3[3956]: executed
Apr 7 17:39:09 ws-199-19 pop3[3903]: badlogin: ws-202-73.oeey.net [216.119.202.73] APOP (<2253906216.1302219549@otrs.oeey.org>) SASL(-13): user not found: could not find password

> /var/log/messages <
Apr 7 17:39:57 ws-199-19 pop3[3903]: unable to open Berkeley db /etc/sasldb2: No such file or directory

> /var/log/maillog <
Apr 7 17:39:57 ws-199-19 pop3[3903]: badlogin: ws-202-73.oeey.net [216.119.202.73] APOP (<2253906216.1302219549@otrs.oeey.org>) SASL(-13): user not found: could not find password

saslpasswd2 -f /etc/sasldb2 -a root

> /var/log/messages <
Apr 7 17:45:02 ws-199-19 pop3[4243]: unable to open Berkeley db /etc/sasldb2: Permission denied

chmod 664 sasldb2

> /var/log/maillog <
Apr 7 17:45:38 ws-199-19 pop3[4243]: Unable to locate maildrop user.root: Mailbox does not exist

vi main.cf


# inet_interfaces = all
# inet_interfaces = $myhostname
# inet_interfaces = $myhostname, localhost
# inet_interfaces = localhost

Dovecot
POP3 and IMAP server

NOTE: Much easier to configure than cyrus!!

Installation:
yum install dovecot
service dovecot restart

Config File: /etc/dovecot.conf

root not permitted
Error:

> /var/log/maillog <
Apr 7 17:53:32 ws-199-19 dovecot: pop3-login: Disconnected: rip=::ffff:216.119.202.73, lip=::ffff:216.119.199.19
Apr 7 17:53:42 ws-199-19 dovecot: Logins with UID 0 not permitted (user root)
Apr 7 17:53:42 ws-199-19 dovecot: pop3-login: Internal login failure: user=, method=PLAIN, rip=::ffff:216.119.202.73, lip=::ffff:216.119.199.19

Solution:
# Valid UID range for users, defaults to 500 and above. This is mostly
# to make sure that users can't log in as daemons or other system users.
# Note that denying root logins is hardcoded to dovecot binary and can't
# be done even if first_valid_uid is set to 0.
#first_valid_uid = 500
#last_valid_uid = 0

Note: that denying root logins is hardcoded to dovecot binary and can't be don

Ubuntu Internet Server with Smart Host

# main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = prf.oeey.us
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = prf.oeey.us, localhost.oeey.us, localhost
relayhost = mx1.oeey.us
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

Prime Server Old

# main.cf

# KENNETH'S CONFIGURATION

# Host name
# The myhostname parameter specifies the internet hostname of this mail system.
myhostname = t0e.org

# Banner
# default: smtpd_banner = $myhostname ESMTP $mail_name
smtpd_banner = $myhostname ESMTP

# Mailbox style
# home_mailbox = Mailbox
home_mailbox = .mail/

# Set mailbox size limit to unlimited
mailbox_size_limit = 0

# List of domains this is the final destination for (comma separated)
mydestination = $myhostname, localhost.$mydomain, localhost

# Authorized networks able to relay email (comma separated)
mynetworks = 127.0.0.0/8, 10.10.10.0/24

# Listen on all interfaces for connections
inet_interfaces = all

# Virtual alias map table
# virtual_maps = hash:/etc/postfix/virtual

# SASL Auth Settings
# smtpd_sasl_auth_enable = yes
# smtpd_sasl_security_options = noanonymous
# smtpd_sasl_local_domain = $myhostname
# broken_sasl_auth_clients = yes
# smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

# TLS
# smtpd_use_tls = yes
# smtpd_tls_cert_file = /etc/qa.contractpal.com.pem
# smtpd_tls_key_file = $smtpd_tls_dcert_file

# Outbound smtp relay (if needed)
# relayhost =

# Transport for relay
# transport_maps = hash:/etc/postfix/transport
# relayhost = smtp.gmail.com
# relay_domains = k.ttak.org
# smtp_sasl_auth_enable = yes
# smtp_sasl_mechanism_filter =
# smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# smtp_sasl_security_options =
# smtp_sasl_type = cyrus

# virtual_alias_maps = hash:/etc/postfix/virtual
virtual_maps = hash:/etc/postfix/virtual, regexp:/etc/postfix/virtual-regexp

transport:
t0e.org    :
.t0e.org   :
*          discard:

virtual-regexp (postmap virtual-regexp):
/.+@.+/    kenneth@t0e.org

sasl_passwd (postmap sasl_passwd):
smtp.gmail.com kenneth@oeey.com:password12