Skip to main content

Postfix mail server

The Postfix Home Page is http://www.postfix.org/ and Wietse Zweitze Venema is the creator.

practicehabits.net is on Google's G Suite and everything has been great so far. My task is setting up a separate SMTP server for sending marketing emails ONLY.

Install and configure postfix, opendkim, and opendmarc on an existing Arch Linux VM running on CloudCone.

  • Install Postfix
  • Configure Postfix
  • Update SPF DNS text record
  • Install OpenDKIM
  • Configure OpenDKIM
  • Add new DKIM DNS text record
  • Install OpenDMARC
  • Configure OpenDMARC
  • Update DMARC DNS text record
  • Verify

Install Postfix

$ pacman -Sy postfix

Configure Postfix

Postfix configuration file: /etc/postfix/main.cf

[tuyen@1 ~]$ grep ^[^#] /etc/postfix/main.cf
compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/bin
daemon_directory = /usr/lib/postfix/bin
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mx1.practicehabits.net
mydomain = practicehabits.net
myorigin = $mydomain
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps


debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/bin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = /usr/share/doc/postfix
inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix
smtpd_milters = unix:/run/opendkim/opendkim.sock, unix:/run/opendmarc/opendmarc.sock
non_smtpd_milters = unix:/run/opendkim/opendkim.sock, unix:/run/opendmarc/opendmarc.sock
milter_default_action = accept
[tuyen@1 ~]$

Update SPF DNS text record

Add SMTP server's IP Address to existing SPF DNS text record.

v=spf1 ip4:173.82.212.40 include:_spf.google.com -all

Install OpenDKIM

$ sudo pacman -Sy opendkim

Configure OpenDKIM

$ sudo mkdir /run/opendkim
$ sudo chown opendkim:postfix /run/opendkim

Generate key pair for OpenDKIM

$ opendkim-genkey -r -s opendkim -b 2048 -d practicehabits.net

Using content in generated opendkim.txt file to create DKIM DNS text record

OpenDKIM configuration file: /etc/opendkim/opendkim.conf

[tuyen@1 ~]$ sudo grep ^[^#] /etc/opendkim/opendkim.conf
[sudo] password for tuyen:
Domain          practicehabits.net
KeyFile         /etc/opendkim/opendkim.private
Selector        opendkim
Socket          unix:/run/opendkim/opendkim.sock
Syslog          Yes
UMask           002
UserID opendkim:postfix
[tuyen@1 ~]$

Add new DKIM DNS text record

Create a new DNS txt record for newly created DKIM selector.

Install OpenDMARC

$ sudo pacman -Sy opendmarc

Configure OpenDMARC

$ sudo mkdir /run/opendmarc
$ sudo chown opendmarc:postfix /run/opendmarc

OpenDMARC configuration file: /etc/opendmarc/opendmarc.conf

[tuyen@1 ~]$ sudo grep ^[^#] /etc/opendmarc/opendmarc.conf
AuthservID HOSTNAME
IgnoreAuthenticatedClients true
Socket unix:/run/opendmarc/opendmarc.sock
SPFSelfValidate true
UMask 002
[tuyen@1 ~]$

Verify

echo "Test: setup postfix, opendkim, and opendmarc" | mail -s "Verify: postfix, opendkim, opendmarc" username@gmail.com

Labels

Labels:

Popular posts from this blog

Microsoft Windows Server 2012 R2 Standard Evaluation Product Key

Microsoft Windows Server 2012 R2 Standard Evaluation D2N9P-3P6X9-2R39C-7RTCD-MDVJX DBGBW-NPF86-BJVTX-K3WKJ-MTB6V
Read more

Install Microsoft .NET Core SDK

.NET Core Software Development Kit (SDK) is a set of libraries and tools that allow developers to create .NET Core applications and libraries.
Read more

IBM Domino: How to enable HTTP Request logging in Domino

http://www-01.ibm.com/support/docview.wss?uid=swg21099151 Technote (FAQ) Question How do you enable HTTP request logging when using a Lotus® Domino® Web server? You want a record of all requests sent by Web browsers to the Domino server to use for troubleshooting. Answer Below is a short guide to turning on request logging that provides the basic logging level. More verbose logging can be enabled by following the instructions in  "Overview of HTTP Request Logs" (#7003598) . Important:  HTTP request logging should be used only for troubleshooting specific issues, and usually at the direction of and with assistance from IBM Support. Do not use request logging for other purposes, such as administrative reasons. Because these log files grow in size over time, you should not leave this setting enabled for long periods or you will exhaust the available drive space. To enable logging of HTTP requests for a Domino server for the current HTTP session only, enter the f...
Read more