hostnamectl set-hostname fqdn.domain.tld
Install Required Packages sudo apt install postfix libsasl2-modules mailutils -y
Create Mailname Directory if not exist echo "domain.tld" | sudo tee /etc/mailname
sudo postfix check
Create Sender Canonical Rules sudo nano /etc/postfix/sender_canonical
# FQDN to Domain Name
@fqdn.domain.tld @domain.tld
# Catch-All Rules (Regular Expression)
/.+/ [email protected]
# Generate Sender Canonical Hash
sudo postmap /etc/postfix/sender_canonical
Changing the First & Last Name # Check which user is sending mail from server
getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1
# Update user information
sudo chfn -f "FirstName LastName" username
Create SMTP Relay Crediential File sudo nano /etc/postfix/sasl_passwd
# Generate Sasl Passwd Hash
sudo postmap /etc/postfix/sasl_passwd
# Update Password Hash & DB permission
sudo chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
sudo chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
# Backup Current Configuration File
cp /etc/postfix/main.cf /etc/postfix/main.cf.bak
# Edit Configuration File
sudo nano /etc/postfix/main.cf
# Basic Server Identification
myhostname = postfix.domain.tld
myorigin = domain.tld
mydomain = domain.tld
# These Destionation Will Use Internal Mailing Only
mydestination = $myhostname, localhost.$mydomain, localhost
# External Networks To Accept Relayed Mail From
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
# Relay Host This Mail Server Should Send Its Mail To
relayhost = [smtp.domain.tld]:587
# Protocol and Interface Configuration
# Interface To Listen On
inet_interfaces = loopback-only
# Internet Protocol Use
inet_protocols = all
# Mail Sending Restrictions
# Stop being Open Relay
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
# Aliases Configuration
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# Canonical Mapping & Rewrite Sender Address
# Standard Hash Mapping
sender_canonical_maps = hash:/etc/postfix/sender_canonical
# Regular Expression based Hash Mapping
#sender_canonical_maps = regexp:/etc/postfix/sender_canonical
# Mail Content and Size Configuration
# Mailbox Size Limit
mailbox_size_limit = 0
# Limit Send Emails to 25 MB
message_size_limit = 4096000
# Notification & Delimiter
biff = no
recipient_delimiter = +
# Domain and Address Handling
# Specifies Domain That Appears in Mail That is Posted on/through This Machine
append_dot_mydomain = no
# Note: This is not a standard Postfix parameter and might be ignored
append_at_myorigin = yes
# Inbound Security and Authentication
# Clients Must Send A HELO/EHLO Command Beginning Of An SMTP Session.
smtpd_helo_required = yes
# SMTP Banner
smtpd_banner = $myhostname ESMTP - All Spam is Reported
# SMTPD TLS Certs
smtpd_use_tls= yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
# Outbound Security and Authentication
smtp_use_tls = yes
smtp_tls_security_level = encrypt
smtp_tls_note_starttls_offer = yes
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# Enable SASL Authentication
smtp_sasl_auth_enable = yes
# Disallow Methods That Allow Anonymous Authentication
smtp_sasl_security_options = noanonymous
# Location of sasl_passwd
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# Additional Configuration
compatibility_level = 2
readme_directory = no
service postfix restart
journalctl -f -u postfix
# OR
tail -f /var/log/mail.log
echo "Test Postfix SMTP Broadcast from Linux VM" | mail -s "Postfix SMTP Configuration Check" [email protected]
