I have started getting more involved with servers etc lately and wanted to setup a pure webserver, but realised that i would need a sendmail type facility, I came across the below link which is pretty nifty and sorted me out with having SMTP without pop / imap.
In most cases Sendmail is the default MTA (Mail Transfer Agent) for many systems (like with CentOS), it can however be hard to configure or maintain (although it has improved over the last years).
I myself prefer to use postfix for various reasons.
Postfix describes itself as “Postfix attempts to be fast, easy to administer, and secure. The outside has a definite Sendmail-ish flavor, but the inside is completely different.”
Postfix can be easily installed and configured, just follow the steps ahead.
First, before we install Postfix, we need to make sure all the DNS is in place.
It’s important that the DNS for your mail server’s host, resolves back to itself. Resolving a host is often used by systems to calculate the SPAM probability of the mail they receive (when it doesn’t resolve back).
An example of properly setup DNS:
[CaliMonk@DYV001 ~]$ nslookup mail.labcoding.com
Non-authoritative answer:
Name: mail.labcoding.com
Address: 123.123.123.123
[CaliMonk@DYV001 ~]$ nslookup 123.123.123.123
Non-authoritative answer:
123.123.123.123.in-addr.arpa name = mail.labcoding.com.
Setup the DNS for mail.yourdomain.com, to point towards an IP address you’ve picked (Doesn’t matter if it’s with your registrar, in a zonefile, etcetera).
mail.mydomain.com IN A 123.123.123.123
Make sure to setup the REVERSE DNS if you can.
TIP
If you need to bind the ‘extra’ IP address to your server, just create an alias of eth0 for instance:
$ sudo cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0:0
$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0:0
$ sudo ifup eth0:0
Install Postfix
Use the power of YUM, install the postfix RPM.
$ sudo yum install postfix
Edit the configuration file for postfix:
$ sudo vi /etc/postfix/main.cf
Be sure to at least configure the following:
* the fully-qualified server name (mail.mydomain.com):
myhostname = mail.mydomain.com
* the path of the primary domain (mydomain.com):
mydomain = mydomain.com
* the path of the fully-qualified domain (mail.mydomain.com) or the path of the primary domain (mydomain..com):
myorigin = $myhostname
# or
myorigin = $mydomain
Make sure postfix starts when your server reboots and make sure sendmail doesn’t! Also, time to start Postfix!
$ sudo /etc/init.d/sendmail stop
$ sudo /sbin/chkconfig sendmail off
$ sudo /sbin/chkconfig postfix on
$ sudo /etc/init.d/postfix start
Your server should be running postfix by now!
Now, to make testing bit easier edit /etc/aliases and change root (All the way down, don’t forget to remove the #) to an external address with for instance gmail.com.
$ sudo vi /etc/aliases
$ sudo newaliases
Setup SPF records
SPF is strongly recommended to use if you want to increase the chance that the mail send from your mailserver will actually arrive at the location you send it. If you don’t plan to use this mailserver for sending outgoing mail, then skip this part.
SPF is the Sender Policy Framework, you can use a SPF tool to create the appropriate SPF record for your domain.
Once you’ve got your SPF record created, you need to add it to the DNS of your domain as a TXT record.
MX Record
Don’t forget to change the MX record for your domain to your new mailserver address, mail.mydomain.com!
All set!
Your mailserver is now fully working and should accept mail for your aliases. I won’t discuss setting up antivirus, antispam and things like that yet, perhaps in a future post.
Testing the server
$ telnet mail.mydomain.com 25
response: Trying 123.123.123.123…
Connected to mail.mydomain.com
Escape character is ‘^]’.
220 mail.mydomain.tld ESMTP Postfix
(Connected to mail.mydomain.tld identified by ESMTP postfix)
HELO test.com
250 remotehost.domain.com
mail.mydomain.tld responds by saying hello back to remotehost.domain.com by doing a reverse dns lookup. This helps prevent host spoofing (which is exactly what SPF helps with!).
MAIL FROM:my@test.com
250 ok
The server responds that the email address my@test.com is acceptable and issues an ok.
RCPT TO:mylocaluser@localhost
250 ok
The server recognizes mylocaluser as a valid system user. If the recipient does not exist, the server would issue a user unknown response.
DATA
glkdsjglsdgsd
gsd
gsd
gds
ds
bye bye!
.
250 Ok: queued as AEE1242
Now, fire up your browser and login to the gmail account you setup, you should have a new mail (NOT in your SPAM folder). Open it and click “Show original”. Below you can see my test (with some hosts changed) which demonstrates that Google uses SPF.
Delivered-To: calimonk@gmail.com
Received: by 10.143.159.14 with SMTP id l14cs19361wfo;
Fri, 25 Jan 2008 10:23:13 -0800 (PST)
Received: by 10.100.123.4 with SMTP id v4mr1962852anc.55.1201285392842;
Fri, 25 Jan 2008 10:23:12 -0800 (PST)
Return-Path: <mytest@mydomain.com>
Received: from mail.mydomain.com ([123.123.123.123])
by mx.google.com with ESMTP id d25si4941327nfh.33.2008.01.25.10.23.11;
Fri, 25 Jan 2008 10:23:12 -0800 (PST)
Received-SPF: pass (google.com: domain of mytest@mydomain.com designates 123.123.123.123 as permitted sender) client-ip=123.132.123.132;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of mytest@mydomain.com designates 123.123.123.123 as permitted sender) smtp.mail=mytest@mydomain.com
Received: by mail.mydomain.com (Postfix)
id 7643DF4435E; Fri, 25 Jan 2008 19:23:11 +0100 (CET)
Delivered-To: mytest@mydomain.com
Received: from mail.mydomain.com (unknown [123.123.123.123])
by mail.mydomain.com (Postfix) with SMTP id 466B0F4435D
for <mytest@mydomain.com>; Fri, 25 Jan 2008 19:22:56 +0100 (CET)
Message-Id: <20080125182304.466B0F4435D@mail.mydomain.com>
Date: Fri, 25 Jan 2008 19:22:56 +0100 (CET)
From: mytest@mydomain.com
To: undisclosed-recipients:;
glkdsjglsdgsd
gsd
gsd
gds
ds
bye bye!
It’s as simple as that!
Comments