Installing Postfix on Debian 9 (Stretch)

Today we will install Postfix on Debian Stretch so we can send and receive mail to a relay server. Postfix is an open-source mail transfer agent (MTA) that routes and delivers email messages. Postfix is more commonly used these days so that has been my preferred one lately.

So why should you install a mail server? I get asked this question a lot and my answer is always the same, why not? Learning how a mail server works and the intricacies of the individual systems is a huge learning curve and a very marketable skill. Even just 10 years ago running a mail server was way more trivial than it is now. Anti spam technologies may had existed then but they were not nearly as widely used. Knowing how to setup and maintain a mail server will teach you many different skills because of the hurdles you have to overcome to get one running properly. Just having your mail go to a Gmail inbox without being flagged as spawn in itself is a feat.

Always my first step is to update apt.

Shell

Now we install Postfix and also mailutils.

Shell

Configuring Postfix

After postfix is installed you will run through a configuration with a few options. This first screen is basically wanting what type of site we are setting up, for this purpose we are setting up a relay server which is a smarthost.

Postfix Configuration Screen
Postfix Configuration Screen

The next screen will ask for your mail site name, ours is geekreef.com

Postfix Configuration Screen - Mail Name
Postfix Configuration Screen – Mail Name

The last screen will want our relay server (smarthost), which for demonstration purposes is going to be mail.external.com

Postfix Relay Host
Postfix Relay Host

This is our basic default main.cf we will go through.

Shell
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mob01
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = geekreef.com, mob01, localhost, localhost.localdomain, localhost
relayhost = mail.external.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

myhostname: The myorigin parameter specifies the domain that appears in mail that is posted on this machine.

mydestination: The mydestination parameter specifies what domains this machine will deliver locally, instead of forwarding to another machine.

inet_interfaces: Enable IPv4, and IPv6 if supported

relay_domains: By default, Postfix will forward mail from strangers. It is very important to get this setting right. In our case it is actually missing.

Continue Reading