Skip to main content

Postfix mail server

The Postfix Home Page is http://www.postfix.org/ and Wietse Zweitze Venema is the creator.

practicehabits.net is on Google's G Suite and everything has been great so far. My task is setting up a separate SMTP server for sending marketing emails ONLY.

Install and configure postfix, opendkim, and opendmarc on an existing Arch Linux VM running on CloudCone.

  • Install Postfix
  • Configure Postfix
  • Update SPF DNS text record
  • Install OpenDKIM
  • Configure OpenDKIM
  • Add new DKIM DNS text record
  • Install OpenDMARC
  • Configure OpenDMARC
  • Update DMARC DNS text record
  • Verify

Install Postfix

$ pacman -Sy postfix

Configure Postfix

Postfix configuration file: /etc/postfix/main.cf

[tuyen@1 ~]$ grep ^[^#] /etc/postfix/main.cf
compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/bin
daemon_directory = /usr/lib/postfix/bin
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mx1.practicehabits.net
mydomain = practicehabits.net
myorigin = $mydomain
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps


debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/bin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = /usr/share/doc/postfix
inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix
smtpd_milters = unix:/run/opendkim/opendkim.sock, unix:/run/opendmarc/opendmarc.sock
non_smtpd_milters = unix:/run/opendkim/opendkim.sock, unix:/run/opendmarc/opendmarc.sock
milter_default_action = accept
[tuyen@1 ~]$

Update SPF DNS text record

Add SMTP server's IP Address to existing SPF DNS text record.

v=spf1 ip4:173.82.212.40 include:_spf.google.com -all

Install OpenDKIM

$ sudo pacman -Sy opendkim

Configure OpenDKIM

$ sudo mkdir /run/opendkim
$ sudo chown opendkim:postfix /run/opendkim

Generate key pair for OpenDKIM

$ opendkim-genkey -r -s opendkim -b 2048 -d practicehabits.net

Using content in generated opendkim.txt file to create DKIM DNS text record

OpenDKIM configuration file: /etc/opendkim/opendkim.conf

[tuyen@1 ~]$ sudo grep ^[^#] /etc/opendkim/opendkim.conf
[sudo] password for tuyen:
Domain          practicehabits.net
KeyFile         /etc/opendkim/opendkim.private
Selector        opendkim
Socket          unix:/run/opendkim/opendkim.sock
Syslog          Yes
UMask           002
UserID opendkim:postfix
[tuyen@1 ~]$

Add new DKIM DNS text record

Create a new DNS txt record for newly created DKIM selector.

Install OpenDMARC

$ sudo pacman -Sy opendmarc

Configure OpenDMARC

$ sudo mkdir /run/opendmarc
$ sudo chown opendmarc:postfix /run/opendmarc

OpenDMARC configuration file: /etc/opendmarc/opendmarc.conf

[tuyen@1 ~]$ sudo grep ^[^#] /etc/opendmarc/opendmarc.conf
AuthservID HOSTNAME
IgnoreAuthenticatedClients true
Socket unix:/run/opendmarc/opendmarc.sock
SPFSelfValidate true
UMask 002
[tuyen@1 ~]$

Verify

echo "Test: setup postfix, opendkim, and opendmarc" | mail -s "Verify: postfix, opendkim, opendmarc" username@gmail.com

Labels

Labels:

Popular posts from this blog

Install Microsoft .NET Core SDK

.NET Core Software Development Kit (SDK) is a set of libraries and tools that allow developers to create .NET Core applications and libraries.
Read more

Google Credential Provider for Windows: Notes

Google Credential Provider for Windows® (GCPW) lets users sign in to Windows® devices with the Google Account they use for work. GCPW provides users with a single sign-on experience to Google services and all the security features available with their Google Account.
Read more

IIS: Delete cached files on server running IIS

Delete cached files on server running IIS When changing css, javascript files, check to delete if IIS still caches old files in the default folder C:\inetpub\temp\IIS Temporary Compressed Files\<sitename>\$^_gzip_D^\ Apply to: IIS 8.5
Read more