Postfix, Mandrake GNU/Linux, and Home Computers

Back to homepage.

Changes

• [2004/10/13:rpg] A correspondent has kindly pointed out that the procmail configuration doesn't correspond to current Mandrake practice. A little additional investigation reveals that it's probably unnecessary. See details here.
• This file is currently somewhat out-of-date. I have received a number of extremely helpful suggestions and corrections from other users, to make them more appropriate to Mandrake 10, SuSE and some other platforms. Alas, I have not had the time to fully weave in these suggestions. I will try to do so as quickly as my other commitments permit. [2004/10/12:rpg]
• [2004/06/14:rpg] I have heard from one correspondent that s/he needed to modify these instructions to add
  mynetworks = gateway IP address
  to make things work with Mandrake 10. I have, as yet, been too lazy to upgrade myself to 10, so I'm not qualified to say whether or not this is right. My correspondent detected this by finding "relay denied" messages in his/her log. You might look for those and try this trick if you have problems.
• [2004/02/10:rpg] Added a note about adding a sender canonical address for root. This seems helpful in setup. Added note about setting up mydestination. Figured out how to send email to local hosts, and added instructions.
• [2003/07/27:rpg] Reed Lawson kindly pointed out that the aliases should be handled by postalias, not postmap. My mistake. Also added a new element to the Remaining Problems list.

Introduction and Purpose

Since Mandrake has exerted such efforts in improving the installation and desktop experiences for GNU/Linux (henceforth "Linux") users, it's a good solution for working at home.

Mandrake seems to have settled on postfix as the mail server of choice. I don't particularly want to get involved in the religious war about whether postfix, exim, qmail, or the venerable sendmail, is the right MTA. However, it is clear to me that postfix as supplied by Mandrake does not meet the needs of home office users such as me.

What we typically have is a dial-up, DSL, or cable link. We typically do not have a hostname and domain name that means anything to the rest of the world. We typically have an ISP with an SMTP server that will relay messages for us. In other words, we're typically not like even a small corporation with its own recognized domain name, etc.

If the above meets the description of your setup, read on, especially if you use Mandrake linux. Since it's so close, these directions will probably work on RedHat, but since RedHat seems more aligned with sendmail, they're probably not as useful to RedHat users. These will probably be near useless for people using Debian, Slackware, etc.

The postfix FAQ provides a wealth of information about configuring postfix, but doesn't seem to have a configuration that exactly aligns with what I'm describing here. Or at least it doesn't have that information all in one place. At any rate, if you can find the information in the FAQ, more power to you.

Configuring Postfix for a Home Setup

The Mandrake install of postfix comes with a bunch of configuration files, neatly installed in /etc/postfix. Most of the action will come in the main.cf file. Here are some things you'll need to change:

Virtual alias maps

These are needed if you wish to deliver some email to local addresses without going through your ISP's SMTP server. I believe that this is always the right thing to do. Why? Because your system will need to send email to addresses like "root", even if it doesn't need to send it to you (and it very well might; Unix systems have always assumed they'll have local mail delivery).

1. So, add the following line:
   virtual_alias_maps = hash:/etc/postfix/virtual
2. OK, what goes in /etc/postfix/virtual? A list of full addresses for short addresses that should be delivered locally:
   Here's what I have in mine:
   root root@localhost
postmaster postmaster@localhost
rpg rpg@localhost


   The first two should go in everyone's virtual alias file. The last is the name of my user account. You should add one such line for each user account on your computer. There might be just yours, or their might be your spouse's, coworkers, etc.

3. Run postmap /etc/postfix/virtual to create the map file, /etc/postfix/virtual.db.

The material I've covered above is also discussed in the postfix faq, under the heading Delivering some users locally while sending mail as user@domain.

Honestly, I have never been able to fully understand why I need aliases and virtual aliases, too. I'm sure if I were a real sysadmin sort of person, I would understand this. If anyone can explain this in words of O(1 syllable) that do not include RTFM (there are far too many M's to Fing R in one lifetime, thank you very much!), by all means send me an email and I will insert it here!

Canonical Addresses

One problem with not having a real DNS name is that mailers often check up on your validity as a sender. Also, I learned to my great sadness that without setting up a canonical address, your bounce messages go to /dev/null, meaning you can't even tell that email is not getting through. Setting up a canonical address for yourself means that when you send email, there's a valid path for bounce messages to come back, etc.

Here's what you need to do:

1. Set up main.cf to have canonical addresses. Add the following line to /etc/postfix/main.cf:
   sender_canonical_maps = hash:/etc/postfix/sender_canonical
2. Set up the table of canonical addresses. In the file /etc/postfix/sender_canonical, put a line like the following for each local user account:
   username ISP account name@ISP
   So, for example, I might have:
   rpg rpgoldman@bletcherous.isp.com
   Of course, the address you put here must be a valid email address for an account you read!
   New item: I find it's also helpful to add a sender address rewrite for root to be my personal email address as well:
   root rpgoldman@bletcherous.isp.com
   This helps me trap and debug cases where mail from root is leaking out of my network.
3. Run
   postmap /etc/postfix/sender_canonical
   to create the map file, /etc/postfix/sender_canonical.db.

Set up relaying

Now we need to make sure that email you send out will go to your ISP's SMTP server instead of going direct to the destination. Why not direct to the destination? Because the destination might notice that you're a fly-by-night emailer whose return path doesn't line up with the sending path, and reject your emails. So, add the following line to /etc/postfix/main.cf:
relayhost = ISP SMTP server
You'll have to get the ISP's SMTP server name from your ISP.

Set up your origin

Configure postfix to record your ISP as the origin of your emails. Put a line like this in /etc/postfix/main.cf:
myorigin = ISP
For me, the domain name of my ISP works (i.e., not the name of the SMTP server, but the domain it belongs to). If you don't do this, your own, bogus domain name will leak out on your emails, which is likely to be bad.

Set up mydestination

This tells postfix what sites to receive mail for. Right now the following line in /etc/postfix/main.cf seems to work:
mydestination = $myhostname, localhost.$mydomain, localhost
Note that if you don't have localhost in there naked (in addition to localhost.$mydomain, you'll get odd name-lookup errors in your logs, and your mail won't be delivered locally. I've done it!

Set up your domain name

For some reason, postfix hates it if you don't have a domain name. You'll get no end of warning messages. Unfortunately, of course, people with configurations like mine don't have domain names! Putting the following line in /etc/postfix/main.cf, seems to be benign, but only if you set myorigin as well!
mydomain = mydomain

Set up procmail as mailer

This seems to be automagically done for you by Mandrake's installation. Look for mailbox_command line in /etc/postfix/main.cf. Let me know if this is not true, please!

I suppose that there are some cases where you would not want to do this, but I can't think of any. I'm pretty sure any normal install of a linux distro would give you procmail.

Update [2004/10/13:rpg] This no longer seems to be the case with Mandrake 10. There is no such line in main.cf any longer.

For me, as for most of you, whether or not procmail handles your local mail is probably of little interest. If you have a setup like the one described at the head of this message, you are getting your mail from some other server, through POP, IMAP, or some such. For example, I get all of my "interesting" mail through fetchmail, and it's my fetchmail configuration that ensures that my email goes through procmail.

The "non-interesting" local mail will probably only be email sent to you by various system facilities (e.g., cron, Mandrake's msec security scanner, etc.), and email from other local hosts, if there are any other ones on your local network.

Delivering to local hosts

OK, if you're like me and you have multiple machines on your home LAN, you may want to collect email from a number of hosts onto one. For example, Mandrake's security tool will send emails to root. You might want to collect all those emails from your various ancillary machines onto one central workstation that you use every day.
This is very tricky, because it turns out that if you send email from a host, hostnames are not expanded using /etc/hosts. I don't know why, but this seems to be the case, as far as some fairly strenuous googling will reveal. Given that, if you have a machine named master, that you wish to send emails to from slave, then you need to make an /etc/postfix/transport file that has this:
master relay:[absolute ip address]
This transport file must duplicate entries from /etc/hosts, which is annoying, but seems to be absolutely necessary.
Then, you need to add this line to /etc/postfix/main.cf:
transport_maps = hash:/etc/postfix/transport
Remember to do postmap transport.

Set up essential aliases

1. The following line should be in your /etc/postfix/main.cf:
   alias_database = hash:/etc/postfix/aliases
   
2. Mandrake sets up lots of sensible aliases in /etc/postfix/aliases. As far as I can tell, all you have to do is add the following line so you get root's emails:
   root: my user account
   
3. Run
   postalias /etc/postfix/aliases

Start/restart postfix

Run
/etc/rc.d/init.d/postfix restart

Make sure postfix will start at boot

Use
chkconfig --list postfix
to make sure postfix will start when you boot. If it doesn't, use chkconfig or one of the zillion utilities (e.g., Mandrake control center) to change it so it does. You will probably want to turn this service on for run levels 3 (non-graphical) and 5 (X). I can never recall what 1, 2, and 4 are, so I leave them alone!

Types of tables

In the above, I have just assumed that the indexed tables used by postfix on your install (and mine) will be hash tables. This seems to work fine. However, the postfix FAQ says that one should

Specify dbm instead of hash if your system uses dbm files instead of db. To find out what map types Postfix supports, use the command postconf -m.

Well, I don't know about you, but on my system, postconf -m returns a list as long as my arm of map types postfix supports. I.e., knowing what types is supports is not enough to know what type you should use. I use hash and it seems to work (either postfix is using the table properly, or it's smart enough to just ignore it!). If anyone can provide a more principled answer to this issue, I'd be delighted to hear it.

Domain name

I'm not very happy with the bogon use of "mydomain" as a domain name (see Set up your domain name) but I haven't figured out a way to avoid this. If you have a better work-around, please let me know!

Local addresses are rewritten

With this setup, although email to local addresses like myuserid, root, etc. correctly get delivered locally. But, the addresses still get rewritten to myuserid@myisp.com, root@myisp.com. This is annoying and untidy, but not actually a bug, since the emails don't go to my ISP's SMTP sever. Still, I'd like to fix it. I'd appreciate any suggestions about how to do this.

In general, if you've spotted any howlers here, please drop me an email to let me know!