13.3. Configuring Postfix
Postfix is an alternative to sendmail that ships with most major Linux distributions, although many of them don't install it by default. If your distribution doesn't ship with Postfix but you want to try it, check the Postfix home page (http://www.postfix.org) for source code download links. You might be able to install a binary package intended for another distribution, but chances are you'll need to modify or replace the SysV startup scripts.
As with sendmail, configuring Postfix for your network requires understanding the main Postfix configuration files. You can then set the main Postfix options, including those relating to addressing, relaying, and spam control.
13.3.1. Postfix Configuration Files
Linux Postfix binary packages typically store configuration files in /etc/postfix. The main configuration file in this directory is main.cf, which controls the overall Postfix configuration. This file consists of comments, which are denoted by lines beginning with hash marks (#) and option lines of the form:
variable = value
The variable is typically a descriptive name, such as relayhost to set the hostname of another SMTP server that's to act as a mail relay. The value can be a hostname, IP address, filename, or other string. Sometimes a value can have multiple components, separated by commas. A value can also refer to an earlier variable by name: precede the earlier variable name by a dollar sign ($), as in myorigin = $mydomain to set the myorigin variable to be identical to mydomain.
The default main.cf file is extremely well commented, so you can learn a great deal about the configuration and how you can change it by reading the comments. Further information, including information on obscure options not mentioned in the default comments, can be found in the online Postfix documentation.
In addition to the main.cf file, Postfix relies on several other configuration files. Most of these are binary database file with filenames ending in .db. These files are similar in purpose to sendmail's database files; they control username aliases, relay host mapping, and so on. Like the sendmail files, the Postfix database files are generated from plain-text files that typically take the same name as the database file but without the .db extension. Some of these files are described in upcoming sections.
13.3.2. Postfix Address Options
The Postfix address options begin with setting the server's name. As with sendmail, Postfix uses gethostbyname( ) to determine the computer's hostname and sets the hostname it reports to other systems appropriately. You can override this feature by setting myhostname:
myhostname = smtp.pangaea.edu
Two related options are mydomain and myorigin. The first of these sets the server's Internet domain; it defaults to the value of $myhostname minus its first component, as in pangaea.edu if $myhostname is smtp.pangaea.edu. The myorigin variable sets the hostname that Postfix appends to email addresses that don't specify a hostname. The default value is $mydomain, but you can change this to $myhostname or any other value, as appropriate.
If you want to force outgoing mail to have a particular return hostname, you can use the masquerade_domains option. You pass a domain name to this option, and hostnames within that domain are stripped down to the domain portion. For instance, if you set this option to pangaea.edu, and a user sends mail that has a return address of email@example.com, Postfix changes the outgoing address to firstname.lastname@example.org. This can be a handy option for coping with clients that insist on adding their own hostnames to outgoing mail. Mail with return addresses outside of the pangaea.edu domain are unaffected by this line, though. The masquerade_classes option affects the precise parts of the mail that are affected. You can set this to one or more of envelope_sender (the sender in the mail envelope), header_sender (the sender in the mail header), and header_recipient (the recipient in the mail header, typically used to strip hostnames from incoming mail). Typically, one or both of the first two options is used.
Still more complete address rewriting can be accomplished with the help of a file called sender_canonical. You specify the use of this file with the sender_canonical_maps option in main.cf:
sender_canonical_maps = hash:/etc/postfix/sender_canonical
You then edit the sender_canonical file so that each line holds an original email address or address fragment followed by the address or matching fragment you want substituted:
FETCHMAIL-DAEMON@localhost email@example.com @mandragora.example.com @pangaea.edu
These lines tell Postfix to replace FETCHMAIL-DAEMON@localhost with firstname.lastname@example.org and to change any address at mandragora.example.com with the matching address at pangaea.edu. Once you've edited this file, type postmap sender_canonical. This command creates a sender_canonical.db file from the text-mode sender_canonical file.
When receiving mail, Postfix uses the mydestination variable to determine what addresses it's to treat as local. Mail addressed to any user at any of the $mydestination addresses is passed to local users; mail addressed to other addresses is relayed to that address, assuming relaying is authorized. You can set multiple hostnames for mydestination by separating them with commas, as in:
mydestination = $myhostname, localhost.$mydomain, mail.pangaea.edu
13.3.3. Postfix Relay Options
Most default Postfix configurations relay mail from the local network and deliver mail directly to the destination server without using an outgoing relay. Thus, if you want to fine-tune your relay configuration or use an outgoing mail relay system, you must adjust your Postfix configuration. You may also want to make changes if you want Postfix to deliver incoming mail to other servers, such as to Microsoft Exchange servers, using Postfix as a spam filter, mail sorter, or in some role other than the final destination system.
22.214.171.124 Configuring Postfix to relay mail
The default Postfix configuration relays mail under certain limited circumstances:
Overall, these defaults are laxer than those of sendmail. If you don't want your computer to relay mail at all, you should restrict these settings:
mynetworks = 127.0.0.0/8 relay_domains = smtp.pangaea.edu
The first line tells Postfix to relay only mail from the localhost address. The second sets the relay domain to the server's hostname (you should adjust it for your system, of course). A configuration that relays for some computers and networks, but not quite the default set, is also possible; for instance:
mynetworks = 127.0.0.0/8, 172.24.0.0/16, 192.168.24.0/24 relay_domains = $mydestination, pangaea.edu
This configuration tells Postfix to relay mail for two subnets by IP address, for the local domain ($mydestination), and for the pangaea.edu domain.
126.96.36.199 Configuring Postfix to use a relay
If Postfix should send mail through another computer as a relay, you should use the relayhost option to do the job. This option accepts a hostname as an option; Postfix sends mail through that system. Alternatively, you can provide a domain name if that domain's MX record points to an appropriate server. For instance, suppose you want to relay mail through relay.pangaea.edu:
relayhost = relay.pangaea.edu
If your local DNS server is unreliable or if you use non-DNS methods of local name resolution, you may want to include the disable_dns_lookups = yes option. Ordinarily, Postfix uses DNS in preference to other name resolution methods; disabling this causes Postfix to use whatever name resolution methods are defined locally, such as your /etc/hosts file.
188.8.131.52 Configuring Postfix to forward mail
Postfix, like sendmail, can serve as a system that forwards incoming mail to its final destination. (Figure 13-2 illustrates this configuration.) The most basic method of configuring such a system is to use what Postfix refers to as a transport map. You point to a file containing this map with the transport_maps option:
transport_maps = hash:/etc/postfix/transport
Such a line may already be present in your default configuration, so check for it before adding it. As with other Postfix references to outside databases, this one uses a text-mode file (/etc/postfix/transport) that's used to create a binary database with a similar name (/etc/postfix/transport.db). The plaintext file has a format that's similar to sendmail's mailertable. For instance, you can have Postfix deliver messages addressed to users in the subnet1.pangaea.edu subdomain to exchange1.pangaea.edu and use Procmail with the /etc/procmailrcs/exchange2 configuration file for addresses in the subnet2.pangaea.edu subdomain with a configuration like the following:
.subnet1.pangaea.edu smtp:exchange1.pangaea.edu subnet1.pangaea.edu smtp:exchange1.pangaea.edu .subnet2.pangaea.edu procmail:/etc/procmailrcs/exchange2 subnet2.pangaea.edu procmail:/etc/procmailrcs/exchange2
This configuration actually includes two lines for each subdomain. The lines with names that begin with dots (.subnet1.pangaea.edu and .subnet2.pangaea.edu) handle mail explicitly addressed to systems within the subdomain. The lines with names that lack leading dots handle mail addressed to the subdomain itself (such as email@example.com).