Skip to main content

Postfix mail server

The Postfix Home Page is http://www.postfix.org/ and Wietse Zweitze Venema is the creator.

practicehabits.net is on Google's G Suite and everything has been great so far. My task is setting up a separate SMTP server for sending marketing emails ONLY.

Install and configure postfix, opendkim, and opendmarc on an existing Arch Linux VM running on CloudCone.

  • Install Postfix
  • Configure Postfix
  • Update SPF DNS text record
  • Install OpenDKIM
  • Configure OpenDKIM
  • Add new DKIM DNS text record
  • Install OpenDMARC
  • Configure OpenDMARC
  • Update DMARC DNS text record
  • Verify

Install Postfix

$ pacman -Sy postfix

Configure Postfix

Postfix configuration file: /etc/postfix/main.cf

[tuyen@1 ~]$ grep ^[^#] /etc/postfix/main.cf
compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/bin
daemon_directory = /usr/lib/postfix/bin
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mx1.practicehabits.net
mydomain = practicehabits.net
myorigin = $mydomain
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps


debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/bin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = /usr/share/doc/postfix
inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix
smtpd_milters = unix:/run/opendkim/opendkim.sock, unix:/run/opendmarc/opendmarc.sock
non_smtpd_milters = unix:/run/opendkim/opendkim.sock, unix:/run/opendmarc/opendmarc.sock
milter_default_action = accept
[tuyen@1 ~]$

Update SPF DNS text record

Add SMTP server's IP Address to existing SPF DNS text record.

v=spf1 ip4:173.82.212.40 include:_spf.google.com -all

Install OpenDKIM

$ sudo pacman -Sy opendkim

Configure OpenDKIM

$ sudo mkdir /run/opendkim
$ sudo chown opendkim:postfix /run/opendkim

Generate key pair for OpenDKIM

$ opendkim-genkey -r -s opendkim -b 2048 -d practicehabits.net

Using content in generated opendkim.txt file to create DKIM DNS text record

OpenDKIM configuration file: /etc/opendkim/opendkim.conf

[tuyen@1 ~]$ sudo grep ^[^#] /etc/opendkim/opendkim.conf
[sudo] password for tuyen:
Domain          practicehabits.net
KeyFile         /etc/opendkim/opendkim.private
Selector        opendkim
Socket          unix:/run/opendkim/opendkim.sock
Syslog          Yes
UMask           002
UserID opendkim:postfix
[tuyen@1 ~]$

Add new DKIM DNS text record

Create a new DNS txt record for newly created DKIM selector.

Install OpenDMARC

$ sudo pacman -Sy opendmarc

Configure OpenDMARC

$ sudo mkdir /run/opendmarc
$ sudo chown opendmarc:postfix /run/opendmarc

OpenDMARC configuration file: /etc/opendmarc/opendmarc.conf

[tuyen@1 ~]$ sudo grep ^[^#] /etc/opendmarc/opendmarc.conf
AuthservID HOSTNAME
IgnoreAuthenticatedClients true
Socket unix:/run/opendmarc/opendmarc.sock
SPFSelfValidate true
UMask 002
[tuyen@1 ~]$

Verify

echo "Test: setup postfix, opendkim, and opendmarc" | mail -s "Verify: postfix, opendkim, opendmarc" username@gmail.com
Labels:

Popular posts from this blog

Install Microsoft .NET Core SDK

.NET Core Software Development Kit (SDK) is a set of libraries and tools that allow developers to create .NET Core applications and libraries.
Read more

Powershell: head and tail command

Use head or tail to skim the first or last 5 lines.
Read more

ManageEngine ServiceDesk Plus - Reset password

Let's reset the default administrator's password to 'admin'
Read more