Generic Postfix

From Bit Binary Wiki
Jump to: navigation, search
Warning: Use single quotes to stop shell expansion reading variables
postconf -e 'mydomain = example.com'
postconf -e 'myorigin = $mydomain'

Contents

mailbox_size_limit

Although we are not expecting to have local mail stored it's wise to set a limit in case.

postconf -e 'mailbox_size_limit = 52428800'

myhostname

If the system does not have a global DNS name (behind a NAT firewall for example) then one option is to use the MX record associated with the systems default gateway such as mail.example.com.

Tip: The reverse DNS of the gateway's hostname should match your MX record

Another option is to use the reverse DNS of the systems default gateway which will usually have an A record provided by your ISP.

You can discover the reverse DNS from the system with the command.

curl ifconfig.me/host

If your gateway has no reverse DNS you should consider creating one and as per the above tip make it match the A record.

Then set myhostname:

For example to use the reverse DNS...

postconf -e 'myhostname = ppp203-0-113-205.static.isp.net'

Or to use the MX associated with the default gateway.

postconf -e 'myhostname = mail.example.com'

smtpd_banner

Set smtpd_banner to use myhostname.

postconf -e 'smtpd_banner = $myhostname ESMTP'

smtp_generic_maps

postconf -e 'smtp_generic_maps = hash:/etc/postfix/generic'
postconf -e 'proxy_interfaces = 203.0.113.205'

Optionally set a relay host:

postconf -e 'relayhost = smtp.example.com'
echo "@hostname.example.com admin@example.com" > /etc/postfix/generic
postmap /etc/postfix/generic

/etc/aliases stolen from RHEL6

#
#  Aliases in this file will NOT be expanded in the header from
#  Mail, but WILL be visible over networks or from /bin/mail.
#
#      >>>>>>>>>>      The program "newaliases" must be run after
#      >> NOTE >>      this file is updated for any changes to
#      >>>>>>>>>>      show through to sendmail.
#

# Person who should get root's mail
root:          helpdesk@example.com

# Basic system aliases -- these MUST be present.
mailer-daemon: postmaster
postmaster:    root

# General redirections for pseudo accounts.
bin:           root
daemon:        root
adm:           root
lp:            root
sync:          root
shutdown:      root
halt:          root
mail:          root
news:          root
uucp:          root
operator:      root
games:         root
gopher:        root
ftp:           root
nobody:        root
radiusd:       root
nut:           root
dbus:          root
vcsa:          root
canna:         root
wnn:           root
rpm:           root
nscd:          root
pcap:          root
apache:        root
webalizer:     root
dovecot:       root
fax:           root
quagga:        root
radvd:         root
pvm:           root
amanda:        root
privoxy:       root
ident:         root
named:         root
xfs:           root
gdm:           root
mailnull:      root
postgres:      root
sshd:          root
smmsp:         root
postfix:       root
netdump:       root
ldap:          root
squid:         root
ntp:           root
mysql:         root
desktop:       root
rpcuser:       root
rpc:           root
nfsnobody:     root
backuppc:      root

ingres:        root
system:        root
toor:          root
manager:       root
dumper:        root
abuse:         root

newsadm:       news
newsadmin:     news
usenet:        news
ftpadm:        ftp
ftpadmin:      ftp
ftp-adm:       ftp
ftp-admin:     ftp
www:           webmaster
webmaster:     root
noc:           root
security:      root
hostmaster:    root
info:          postmaster
marketing:     postmaster
sales:         postmaster
support:       postmaster


# trap decode to catch security attacks
decode:        root
 
# Debian www-data user
www-data:      root

Run newaliases

newaliases
invoke-rc.d postfix restart
Personal tools