Configure Postfix to Send Only with Apache Virtual Host (multiple domains)

November 1, 2019 150 views
Apache

Hello,

I have Postfix working as Send-Only on Ubuntu 18.04 Apache Droplet single domain (no virtual host).

However, when I add virtual hosts I cannot get mail to send from each different domain; i.e. info@example.com vs. info@company.com

Can anyone help, or point me in the right direction to some resources?

Thanks!

1 Answer

Hello, @jason36a9a48576be848f90992

If you’ve installed postfix you can follow this step:

By default, Postfix allows you to use any domain name in the From header and return path address to send outgoing emails. If your server hosts multiple websites, you just need to create SPF DNS record for your other domains, which is very easy to do, and configure OpenDKIM for your other domains.

To configure OpenDKIM for other domains, you need to add the other domains in the signing table, key table and trusted hosts file.

Signing table:

*@example.com       sendonly._domainkey.example.com
*@example.net       sendonly._domainkey.example.net

Key table:

sendonly._domainkey.example.com     example.com:sendonly:/etc/opendkim/keys/example.com/sendonly.private
sendonly._domainkey.example.net     example.net:sendonly:/etc/opendkim/keys/example.net/sendonly.private

Trusted hosts:

127.0.0.1
localhost

*.example.com
*.example.net

Then generate Private/Public keypair by following these steps:

Generate Private/Public Keypair
We need to generate a private key to sign outgoing emails and a public key for receiving SMTP servers to verify the DKIM signature. Public key will be published in DNS.

Create a separate folder for the domain.

sudo mkdir /etc/opendkim/keys/example.com

Generate keys using opendkim-genkey tool.

sudo opendkim-genkey -b 2048 -d example.com -D /etc/opendkim/keys/example.com -s sendonly -v

The above command will create 2048 bits keys. -d (domain) specifies the domain. -D (directory) specifies the directory where the keys will be stored and we use sendonly as the selector (-s). Once the command is executed, the private key will be saved in sendonly.private and sendonly.txt will be the TXT record that contains public key.

Make opendkim as the owner of the private key.

sudo chown opendkim:opendkim /etc/opendkim/keys/example.com/sendonly.private

Add the Public Key in the DNS and then connect Postfix with OpenDKIM
Edit the OpenDKIM main configuration file.

sudo nano /etc/opendkim.conf

Find the following line:

Socket local:/var/run/opendkim/opendkim.sock

Replace it with the following line. (If you can’t find the above line, then add the following line.)

Socket local:/var/spool/postfix/opendkim/opendkim.sock

Create a directory to hold the OpenDKIM socket file and only allow opendkim user and postfix group to access it.

sudo mkdir /var/spool/postfix/opendkim
sudo chown opendkim:postfix /var/spool/postfix/opendkim

If you can find the following line in /etc/default/opendkim file.

SOCKET="local:/var/run/opendkim/opendkim.sock"

or

SOCKET=local:$RUNDIR/opendkim.sock

Change it to

SOCKET="local:/var/spool/postfix/opendkim/opendkim.sock"

After that, we need to edit Postfix main configuration file.

sudo nano /etc/postfix/main.cf

Add the following lines at the end of this file to connect Postfix with OpenDKIM.

# Milter configuration
milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:/opendkim/opendkim.sock
non_smtpd_milters = $smtpd_milters

Save and close the file. Restart OpenDKIM and Postfix.

sudo systemctl restart opendkim postfix

OpenDKIM won’t produce any message if it fails to restart. Run the following command to check its status. Make sure it’s running.

systemctl status opendkim

same steps as mentioned above for other domains and add the DKIM public key in DNS. Restart OpenDKIM and you are done.

Hope this helps! Let me know if you have any questions.

Regards,
Alex

Have another answer? Share your knowledge.