Postfix master.cf config
Edit /etc/postfix/master.cf and look for the smtp line. (Normally at the top) and add " -v" to the end of the line. This makes the smtp service verbose (useful for troubleshooting.) Don't forget to remove it when everything is up and running as I will not remind you at the end of this guide. It should look like this:
# # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd -v #submission inet n - - - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - - - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # #maildrop unix - n n - - pipe # flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} # # ==================================================================== # # Recent Cyrus versions can use the existing "lmtp" master.cf entry. # # Specify in cyrus.conf: # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 # # Specify in main.cf one or more of the following: # mailbox_transport = lmtp:inet:localhost # virtual_transport = lmtp:inet:localhost # # ==================================================================== # # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 # #cyrus unix - n n - - pipe # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} # # ==================================================================== # Old example of delivery via Cyrus. # #old-cyrus unix - n n - - pipe # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} # # ==================================================================== # # See the Postfix UUCP_README file for configuration details. # #uucp unix - n n - - pipe # flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # #ifmail unix - n n - - pipe # flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) #bsmtp unix - n n - - pipe # flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient #scalemail-backend unix - n n - 2 pipe # flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} #dovecot unix - n n - - pipe # flags=DRhu user=vmail argv=/usr/lib/dovecot/deliver -d ${recipient} dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} #smtp-amavis unix - - y - 2 smtp # -o smtp_data_done_timeout=1200 # -o disable_dns_lookups=yes # -o smtp_send_xforward_command=yes # -o max_use=20 lmtp-amavis unix - - y - 2 lmtp -o lmtp_data_done_timeout=1200 -o lmtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters -o local_header_rewrite_clients=
Postfix main.cf config
Edit /etc/postfix/main.cf and make it look like mine, changing the obvious stuff like domain name etc. Also be aware, that any line starting with a space is assumed to be a part of the previous line. I will also not be explaining what each line of the config means because this is clearly documented on the postfix website. Paste any line you're unsure about into a search engine and RTFM.
myhostname = mail.uplinkzero.com mydomain = uplinkzero.com # Custom quirkiness I use on all my builds :P mail_name = Farm Yard Mail mail_version = 111.111 content_filter = lmtp-amavis:[127.0.0.1]:10024 mail_owner = postfix default_privs = nobody inet_interfaces = all inet_protocols = all mynetworks_style = host mynetworks = 127.0.0.0/8 alias_maps = $virtual_alias_maps local_recipient_maps = $virtual_alias_maps $virtual_mailbox_maps unix:passwd.byname unknown_local_recipient_reject_code = 450 in_flow_delay = 1s recipient_delimiter = + #home_mailbox = Maildir/ #mail_spool_directory = /var/spool/mail smtpd_banner = $myhostname ESMTP $mail_name version $mail_version #debugger_command = # PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin # xxgdb $daemon_directory/$process_name $process_id & sleep 5 setgid_group = postdrop # Not really needed html_directory = /usr/share/doc/packages/postfix/html manpage_directory = /usr/share/man sample_directory = /usr/share/doc/packages/postfix/samples readme_directory = /usr/share/doc/packages/postfix/README_FILES # Turn of local new mail notifications. biff = no # Restric message size to 34MB (matches Gmail) message_size_limit = 35651584 smtpd_sasl_local_domain = proxy:mysql:/etc/postfix/mysql_virtual_domain_maps.cf smtpd_sasl_auth_enable = yes smtpd_sasl2_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes # We'll use dovecot for SASL authentication, it's easier. smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth # Dovecot for local system delivery mailbox_command = /usr/lib/dovecot/deliver # Subscription required for DNSBL b.barracudacentral.org # warn_if_reject == Next restriction will only warn, not reject. # reject_unknown_reverse_client_hostname == Reject if no reverse DNS record. smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated sleep 1, reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_rbl_client combined.njabl.org reject_rbl_client cbl.abuseat.org reject_rbl_client vbl.messagelabs.com reject_rbl_client b.barracudacentral.org reject_rbl_client bl.spamcop.net reject_rbl_client relays.mail-abuse.org reject_rbl_client blacklist.junkemailfilter.com reject_rbl_client rbl-plus.mail-abuse.org reject_rbl_client combined.rbl.msrbl.net reject_unknown_reverse_client_hostname smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated reject_invalid_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_helo_hostname smtpd_sender_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_pipelining reject_unknown_sender_domain reject_non_fqdn_sender smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated permit_auth_destination permit_mx_backup reject_unlisted_recipient reject_non_fqdn_recipient reject_unauth_destination # check_policy_service unix:private/policy smtpd_data_restrictions = reject_unauth_pipelining smtpd_etrn_restrictions = reject smtpd_helo_required = yes disable_vrfy_command = yes smtpd_tls_auth_only = no smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/ssl/mail.uplinkzero.com.key smtpd_tls_cert_file = /etc/ssl/mail.uplinkzero.com.signed.crt smtpd_tls_CAfile = /etc/ssl/startcom.sub.class1.server.ca.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom show_user_unknown_table_name = no transport_maps = proxy:mysql:/etc/postfix/mysql_virtual_transport_maps.cf relay_transport = proxy:mysql:/etc/postfix/mysql_virtual_transport_maps.cf # relay_recipient_maps = # transport_maps = hash:/etc/postfix/transport # relay_domains = $virtual_mailbox_domains # relay_domains = lists.uplinkzero.com # transport_maps = hash:/etc/postfix/transport mailman_destination_recipient_limit = 1 virtual_mailbox_base = /var/vmail virtual_minimum_uid = 5000 virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 virtual_transport = dovecot virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf #virtual alias domains must not be the same as virtual mailbox domains #virtual_alias_domains = proxy:mysql:/etc/postfix/mysql_virtual_domain_maps.cf virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domain_maps.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf # set the domain you'll be testing from. # All email from this domain will be logged at debug level. # Remember to turn off afterwards. debug_peer_list = example.net
Postfix MySQL config
In the above config we've set postfix to use mysql for certain lookups, namely virtual domains, aliases and mailboxes. We now need to configure those SQL queries. http://www.postfix.org/mysql_table.5.html
/etc/postfix/mysql_virtual_transport_maps.cf
# mysql_virtual_transport_maps.cf user = vmail_u password = choose_a_password hosts = localhost dbname = vmail query = SELECT transport FROM postfix_domains WHERE domain='%d' AND active='1'
/etc/postfix/mysql_virtual_alias_maps.cf
# mysql_virtual_alias_maps.cf user = vmail_u password = choose_a_password hosts = localhost dbname = vmail query = SELECT goto FROM postfix_aliases WHERE address='%s' AND active='1' #expansion_limit = 100
/etc/postfix/mysql_virtual_domain_maps.cf
# mysql_virtual_domains_maps.cf: user = vmail_u password = choose_a_password hosts = localhost dbname = vmail query = SELECT domain FROM postfix_domains WHERE domain='%d' AND transport='virtual' AND backupmx='0' AND active='1'
/etc/postfix/mysql_virtual_mailbox_maps.cf
# mysql_virtual_mailbox_maps.cf user = vmail_u password = choose_a_password hosts = localhost dbname = vmail query = SELECT maildir FROM postfix_mailboxes WHERE email='%s' AND active = '1' #expansion_limit = 100
