Back

Postfix Email Server

HOW-TO setup an Email server with Postfix on Ubuntu 20.04

INTRO - OBJ

In this guide we will be setting up virtual MailBoxes (virtual users and virtual domains)
Local users will not have an account, and email will not go to local unix account (/etc/passwd)
Mail location /var/vmail/$domain/$user
each user will be unique to a domain (joe@blizblaze.com will not go to joe@blizblaze.info)
we will use lookup(hash) tables for user management, instad of databases for simplicity sake
Finally we will setup Dovecot IMAP with Thunderbird and Outlook
Once it's setup, secure it with SPF, DKIM, DMARC, also PTR records for our domain
also we will encrypt using TLS/SASL (LetsEncrypt)

BOOKs

Postfix: The Definitive Guide: A Secure and Easy-to-Use MTA for UNIX (1st Edition) W3Schools
The Book of Postfix: State-of-the-Art Message Transport (1st Edition)
Postfix (1st Edition)

DOCs

RED HAT doc
Postfix BASIC_CONFIGURATION_README
Postfix Virtual Domain Hosting Howto
Ubuntu Server Docs Mail - Postfix
Ubuntu Community Docs - Postfix
Let's Encrypt / Dovecot / Postfix / UFW firewall / Certbot

VIDs

Linux Mail Server Configuration Step by Step
[Ubuntu 20.04] Install & Setup Mail Server, IMAP/POP3 server and EMail Client
Debian mailserver with Postfix & Dovecot + Thunderbird demo

CONFIGs

--Prerequisites

00 Update

# update

01 Install postfix

# install postfix

02 Backup original config files

# cd /etc/postfix
# sudo cp main.cf main.cf.orig
# sudo cp master.cf master.cf.orig

--Create Virtual user mail linux account "vmail" and create home directory

# useradd -U -m -d /var/vmail -s /sbin/nologin -u 2000 vmail

--Create Virtual Mail Folder "/var/vmail"

# mkdir /var/vmail

--Change virtual mail folder ownership

# cd /var
# sudo chown
# sudo chmod

03 Configure PostFix

# sudo vim /etc/postfix/main.cf

#Banner that is displayed upon connection
smtpd_banner = $mail_name ESMTP

#Display onscreen notifications
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

#
readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on fresh installs.
compatibility_level = 3.6

# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_tls_security_level=may
#smtpd_sasl_type = dovecot
#
#smtp_tls_security_level=may
#smtp_tls_CApath=/etc/ssl/certs
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

## Use $users home dir for new mail (/home/username/Maildir)
#home_mailbox = Maildir/

## System Mail Store
mail_spool_directory = /var/mail/

## LMTP Dovecot handoff for MDA, mail store
#local_transport = lmtp

myhostname = mail.blizblaze.com
myorigin = /etc/mailname
mydestination = $myhostname, blizblaze.com, localhost.localdomain, localhost

relayhost =
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 52428800
recipient_delimiter = + .
inet_interfaces = all
inet_protocols = all
mynetworks = 127.0.0.0/8, 192.168.2.0/24, 24.179.17.105, [::ffff:127.0.0.0]/104, [::1]/128
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

#allow old ass clients to connect
broken_sasl_auth_clients = yes

#IF server is behind NAT/firewall or router aka does not have perminant external IP address
proxy_interfaces = 24.179.17.105

## file assigns displayed/outgoing email addresses
#canonical_maps = hash:/etc/postfix/canonical

## Map email addresses to local accounts
#virtual_alias_maps = hash:/etc/postfix/virtual_alias

## Virtual Domains (separate mailboxes)
#virtual_alias_domains = blizblaze.com, blizblaze.info

## Default /etc/passwd, all local recipients should be listed here to avoid accepting mail for unkown users
# local_recipient_maps =



Sender Policy Framework (SPF)

DKIM