Postfix is a very popular open source Mail Transfer Agent (MTA) that can be used to route and deliver email on a Linux system. It is estimated that around 25% of public mail servers on the internet run Postfix.
In this guide, we’ll teach you how to get up and running quickly with Postfix on an Ubuntu 14.04 server.
In order to follow this guide, you should have a Fully Qualified Domain Name pointed at your Ubuntu 14.04 server. You can find help on setting up your domain name with DigitalOcean by clicking here.
The installation process of Postfix on Ubuntu 14.04 is easy because the software is in Ubuntu’s default package repositories.
Since this is our first operation with apt
in this session, we’re going to update our local package index and then install the Postfix package:
sudo apt-get update
sudo apt-get install postfix
You will be asked what type of mail configuration you want to have for your server. For our purposes, we’re going to choose “Internet Site” because the description is the best match for our server.
Next, you will be asked for the Fully Qualified Domain Name (FQDN) for your server. This is your full domain name (like example.com
). Technically, a FQDN is required to end with a dot, but Postfix does not need this. So we can just enter it like:
example.com
The software will now be configured using the settings you provided. This takes care of the installation, but we still have to configure other items that we were not prompted for during installation.
We are going to need to change some basic settings in the main Postfix configuration file.
Begin by opening this file with root privileges in your text editor:
sudo nano /etc/postfix/main.cf
First, we need to find the myhostname
parameter. During the configuration, the FQDN we selected was added to the mydestination
parameter, but myhostname
remained set to localhost
. We want to point this to our FQDN too:
<pre> myhostname = <span class=“highlight”>example.com</span> </pre>
If you would like to configuring mail to be forwarded to other domains or wish to deliver to addresses that don’t map 1-to-1 with system accounts, we can remove the alias_maps
parameter and replace it with virtual_alias_maps
. We would then need to change the location of the hash to /etc/postfix/virtual
:
virtual_alias_maps = hash:/etc/postfix/virtual
As we said above, the mydestination
parameter has been modified with the FQDN you entered during installation. This parameter holds any domains that this installation of Postfix is going to be responsible for. It is configured for the FQDN and the localhost.
One important parameter to mention is the mynetworks
parameter. This defines the computers that are able to use this mail server. It should be set to local only (127.0.0.0/8
and the other representations). Modifying this to allow other hosts to use this is a huge vulnerability that can lead to extreme cases of spam.
To be clear, the line should be set like this. This should be set automatically, but double check the value in your file:
<pre> mynetworks = <span class=“highlight”>127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128</span> </pre>
We can configure additional email addresses by creating aliases. These aliases can be used to deliver mail to other user accounts on the system.
If you wish to utilize this functionality, make sure that you configured the virtual_alias_maps
directive like we demonstrated above. We will use this file to configure our address mappings. Create the file by typing:
sudo nano /etc/postfix/virtual
In this file, you can specify emails that you wish to create on the left-hand side, and username to deliver the mail to on the right-hand side, like this:
<pre> <span class=“highlight”>blah@example.com username1</span> </pre>
For our installation, we’re going to create a few email addresses and route them to some user accounts. We can also set up certain addresses to forward to multiple accounts by using a comma-separated list:
blah@example.com demouser
dinosaurs@example.com demouser
roar@example.com root
contact@example.com demouser,root
Save and close the file when you are finished.
Now, we can implement our mapping by calling this command:
sudo postmap /etc/postfix/virtual
Now, we can reload our service to read our changes:
sudo service postfix restart
You can test that your server can receive and route mail correctly by sending mail from your regular email address to one of your user accounts on the server or one of the aliases you set up.
Once you send an email to:
<pre> <span class=“highlight”>demouser</span>@<span class=“highlight”>your_server_domain.com</span> </pre>
You should get mail delivered to a file that matches the delivery username in /var/mail
. For instance, we could read this message by looking at this file:
nano /var/mail/demouser
This will contain all of the email messages, including the headers, in one big file. If you want to consume your email in a more friendly way, you might want to install a few helper programs:
sudo apt-get install mailutils
This will give you access to the mail
program that you can use to check your inbox:
mail
This will give you an interface to interact with your mail.
You should now have basic email functionality configured on your server.
It is important to secure your server and make sure that Postfix is not configured as an open relay. Mail servers are heavily targeted by attackers because they can send out massive amounts of spam email, so be sure to set up a firewall and implement other security measures to protect your server. You can learn about some security options here.
<div class=“author”>By Justin Ellingwood</div>
Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
My mail just vanishes into thin air… I set up my server the way youdescribed, but sent mail never gets delivered.
What records Do I have to write in the dns? What servers do I have to write in outlook?
Thanks
Ok, I’ve done the installation, but I don’t get it working. I’ve checked that the installation , and is correct, so suspect that my problem comes with the DNS,
When i Ask for for the FQDN i get: hostname.domain.tld
But maybe I did it wrong the MX configuration. What should I write ? Here is my actual configuration: https://gist.github.com/merqurio/6cccbb09981ebe0c9743
Thanks for your help !!
Doesn’t work
@luizhrmello: How are you trying to send the message? Did you try:
<pre> echo “Subject: test” | /usr/lib/sendmail -v user@destination.com Example </pre>
Could you pastebin the contents of <code>/var/log/mail.err</code> and <code>/var/log/mail.log</code> ?
I’ve been trying to get my emails from the server to simply forward to my gmail.
So far I haven’t managed to see any incoming emails to the server (either forwarded or to a specified user)
But I have managed to get the server to send out an email using
I’ve spent a good many hours trying to just get something to break so I can try and see if there is an error anywhere, but unfortunately no luck on that front.
So anything on how I might get this working would be greatly appreciated :)
maybe this will help someone save time.
useradd --create-home -s /sbin/nologin contact; passwd contact. The /sbin/nologin option will prevent the user from logging in to your server from ssh.
sudo iptables -D INPUT -j DROP sudo iptables -A INPUT -p tcp --dport 25 -j ACCEPT sudo iptables -A INPUT -p tcp --dport 465 -j ACCEPT sudo iptables -A INPUT -p tcp --dport 587 -j ACCEPT sudo iptables -A INPUT -p tcp --dport 143 -j ACCEPT sudo iptables -A INPUT -p tcp --dport 993 -j ACCEPT sudo iptables -A INPUT -j DROP
enjoy your new mail. next thing you want to do is configure it so it doesn’t end up in the spam folder of gmail.
(search for ) -> Check your SPF record (first google answer) :)
This tutorial does work, however it fails to mention that you must open your port that you are using (smtp is port 25), that may help some people that are not receiving mail.
Works great for me! Soon Server Admins won’t even have to learn anything… they’ll just follow D.O. tutorials :-p
hello i made all like the tutorial but can´t recieve mail, always get Mail Delivery Subsystem
The error that the other server returned was: 550 5.1.1 xxx@xxxxxx.com: Recipient address rejected: User unknown in local recipient table