Postfix: The Definitive Guide

Book description

Postfix is a Mail Transfer Agent (MTA): software that mail servers use to route email. Postfix is highly respected by experts for its secure design and tremendous reliability. And new users like it because it's so simple to configure. In fact, Postfix has been adopted as the default MTA on Mac OS X. It is also compatible with sendmail, so that existing scripts and programs continue to work seamlesslyafter it is installed.Postfix was written by well-known security expert Wietse Venema, who reviewed this book intensively during its entire development. Author Kyle Dent covers a wide range of Postfix tasks, from virtual hosting to controls for unsolicited commercial email.While basic configuration of Postfix is easy, every site has unique needs that call for a certain amount of study. This book, with careful background explanations and generous examples, eases readers from the basic configuration to the full power of Postfix. It discusses the Postfix interfaces to various tools that round out a fully scalable and highly secure email system. These tools include POP, IMAP, LDAP, MySQL, Simple Authentication and Security Layer (SASL), and Transport Layer Security (TLS, an upgrade of SSL). A reference section for Postfix configuration parameters and an installation guide are included.Topics include:

  • Basic installation and configuration
  • DNS configuration for email
  • Working with POP/IMAP servers
  • Hosting multiple domains (virtual hosting)
  • Mailing lists
  • Handling unsolicited email (spam blocking)
  • Security through SASL and TLS
From compiling and installing Postfix to troubleshooting, Postfix: The Definitive Guide offers system administrators and anyone who deals with Postfix an all-in-one, comprehensive tutorial and reference to this MTA.

Publisher resources

View/Submit Errata

Table of contents

  1. Foreword
  2. Preface
    1. Audience
    2. Organization
    3. Conventions Used in This Book
    4. Comments and Questions
    5. Acknowledgments
  3. 1. Introduction
    1. 1.1. Postfix Origins and Philosophy
    2. 1.2. Email and the Internet
      1. 1.2.1. Email Components
      2. 1.2.2. Major Email Protocols
        1. 1.2.2.1. SMTP and email submission
        2. 1.2.2.2. POP/IMAP and mailbox access
    3. 1.3. The Role of Postfix
    4. 1.4. Postfix Security
      1. 1.4.1. Modular Design
      2. 1.4.2. Shells and Processes
      3. 1.4.3. Security by Design
    5. 1.5. Additional Information and How to Obtain Postfix
  4. 2. Prerequisites
    1. 2.1. Unix Topics
      1. 2.1.1. Login Names and UID Numbers
      2. 2.1.2. Pseudo-Accounts
      3. 2.1.3. Standard Input/Standard Output
      4. 2.1.4. The Superuser
      5. 2.1.5. Command Prompts
      6. 2.1.6. Long Lines
      7. 2.1.7. ManPages
    2. 2.2. Email Topics
      1. 2.2.1. RFCs
      2. 2.2.2. Email Agents
      3. 2.2.3. The Postmaster
      4. 2.2.4. Reject or Bounce
      5. 2.2.5. Envelope Addresses and Message Headers
      6. 2.2.6. Local Parts of Email Addresses
      7. 2.2.7. Email Message Format
        1. 2.2.7.1. RFC 2822 messages
      8. 2.2.8. The SMTP Protocol
  5. 3. Postfix Architecture
    1. 3.1. Postfix Components
    2. 3.2. How Messages Enter the Postfix System
      1. 3.2.1. Local Email Submission
      2. 3.2.2. Email from the Network
      3. 3.2.3. Postfix Email Notifications
      4. 3.2.4. Email Forwarding
    3. 3.3. The Postfix Queue
    4. 3.4. Mail Delivery
      1. 3.4.1. Local Delivery
      2. 3.4.2. Virtual Alias Messages
      3. 3.4.3. Virtual Mailbox Messages
      4. 3.4.4. Relay Messages
      5. 3.4.5. Other Messages
      6. 3.4.6. Other Delivery Agents
        1. 3.4.6.1. Delivery via LMTP
        2. 3.4.6.2. Pipe delivery
    5. 3.5. Tracing a Message Through Postfix
  6. 4. General Configuration and Administration
    1. 4.1. Starting Postfix the First Time
    2. 4.2. Configuration Files
      1. 4.2.1. The main.cf Configuration File
        1. 4.2.1.1. Line continuation
        2. 4.2.1.2. Configuration variables
        3. 4.2.1.3. Multiple values
      2. 4.2.2. Lookup Tables
        1. 4.2.2.1. Lookup table format
        2. 4.2.2.2. Database formats
        3. 4.2.2.3. Search order
        4. 4.2.2.4. Lookup tables and simple lists
        5. 4.2.2.5. Regular expression tables
      3. 4.2.3. Other Formats
      4. 4.2.4. Alias Files
        1. 4.2.4.1. Locating aliases
        2. 4.2.4.2. Building alias database files
        3. 4.2.4.3. Alias file format
        4. 4.2.4.4. Alias restrictions
        5. 4.2.4.5. Important aliases
    3. 4.3. Important Configuration Considerations
      1. 4.3.1. Configuring Your MTA Identity
        1. 4.3.1.1. myhostname and mydomain
        2. 4.3.1.2. myorigin
        3. 4.3.1.3. mydestination
      2. 4.3.2. Relay Control
        1. 4.3.2.1. Restricting relay access
        2. 4.3.2.2. SMTP authentication
        3. 4.3.2.3. Dynamic IP solutions
        4. 4.3.2.4. Certificate authentication
    4. 4.4. Administration
      1. 4.4.1. Logging
      2. 4.4.2. Starting, Stopping, and Reloading Postfix
      3. 4.4.3. Running Postfix at System Startup
        1. 4.4.3.1. Do it yourself
      4. 4.4.4. Queue Management
    5. 4.5. master.cf
    6. 4.6. Receiving Limits
    7. 4.7. Rewriting Addresses
      1. 4.7.1. Canonical Addresses
      2. 4.7.2. Masquerading Hostnames
      3. 4.7.3. Relocated Users
      4. 4.7.4. Unknown Users
    8. 4.8. chroot
    9. 4.9. Documentation
  7. 5. Queue Management
    1. 5.1. How qmgr Works
      1. 5.1.1. Deferred Mail
      2. 5.1.2. Queue Scheduling
      3. 5.1.3. Message Delivery
      4. 5.1.4. Corrupt Messages
      5. 5.1.5. Error Notifications
    2. 5.2. Queue Tools
      1. 5.2.1. Listing the Queue
      2. 5.2.2. Deleting Messages
      3. 5.2.3. Holding Messages
      4. 5.2.4. Requeuing Messages
      5. 5.2.5. Displaying Messages
      6. 5.2.6. Flushing Messages
  8. 6. Email and DNS
    1. 6.1. DNS Overview
    2. 6.2. Email Routing
    3. 6.3. Postfix and DNS
      1. 6.3.1. DNS and Sending Mail
        1. 6.3.1.1. Configuration options
        2. 6.3.1.2. Reverse PTR records
      2. 6.3.2. DNS and Receiving Mail
    4. 6.4. Common Problems
  9. 7. Local Delivery and POP/IMAP
    1. 7.1. Postfix Delivery Transports
    2. 7.2. Message Store Formats
      1. 7.2.1. The Mbox Format
      2. 7.2.2. The Maildir Format
      3. 7.2.3. Mbox Versus Maildir
    3. 7.3. Local Delivery
      1. 7.3.1. .forward Files
      2. 7.3.2. Alias Deliveries
      3. 7.3.3. Mailbox Delivery
    4. 7.4. POP and IMAP
      1. 7.4.1. POP Versus IMAP
      2. 7.4.2. Postfix and POP/IMAP Servers
    5. 7.5. Local Mail Transfer Protocol
      1. 7.5.1. Postfix and Cyrus IMAP
      2. 7.5.2. A Postfix and Cyrus IMAP Example
  10. 8. Hosting Multiple Domains
    1. 8.1. Shared Domains with System Accounts
    2. 8.2. Separate Domains with System Accounts
    3. 8.3. Separate Domains with Virtual Accounts
      1. 8.3.1. Mailbox File Ownership
      2. 8.3.2. Virtual Aliases
      3. 8.3.3. Catchall Addresses
        1. 8.3.3.1. Virtual mailbox catchall
        2. 8.3.3.2. Virtual alias catchall
    4. 8.4. Separate Message Store
    5. 8.5. Delivery to Commands
      1. 8.5.1. Configuring a Virtual Auto-Responder
      2. 8.5.2. Configuring a Virtual Mailing List Manager
  11. 9. Mail Relaying
    1. 9.1. Backup MX
      1. 9.1.1. Relay Recipients
      2. 9.1.2. Fast Flushing
    2. 9.2. Transport Maps
      1. 9.2.1. Postponing Mail Delivery
        1. 9.2.1.1. Deferring mail relay
        2. 9.2.1.2. Deferring delivery
    3. 9.3. Inbound Mail Gateway
    4. 9.4. Outbound Mail Relay
    5. 9.5. UUCP, Fax, and Other Deliveries
  12. 10. Mailing Lists
    1. 10.1. Simple Mailing Lists
      1. 10.1.1. Mailing-List Owners
      2. 10.1.2. Separate List Files
      3. 10.1.3. Additional Alias Files
      4. 10.1.4. Creating a Simple Mailing List
      5. 10.1.5. Testing Your List
    2. 10.2. Mailing-List Managers
      1. 10.2.1. Majordomo
        1. 10.2.1.1. Creating a Majordomo list
        2. 10.2.1.2. Potential problems
      2. 10.2.2. Mailman
        1. 10.2.2.1. Creating a Mailman list
  13. 11. Blocking Unsolicited Bulk Email
    1. 11.1. The Nature of Spam
    2. 11.2. The Problem of Spam
    3. 11.3. Open Relays
    4. 11.4. Spam Detection
      1. 11.4.1. Client-Based Spam Detection
        1. 11.4.1.1. DNS-based blacklists
      2. 11.4.2. Content-Based Spam Detection
      3. 11.4.3. Detection Difficulties
    5. 11.5. Anti-Spam Actions
    6. 11.6. Postfix Configuration
    7. 11.7. Client-Detection Rules
      1. 11.7.1. The SMTP Conversation (Briefly)
      2. 11.7.2. Listing Restrictions
        1. 11.7.2.1. How restrictions work
        2. 11.7.2.2. Testing new restrictions
        3. 11.7.2.3. A simple example
      3. 11.7.3. Restriction Definitions
        1. 11.7.3.1. Access maps
        2. 11.7.3.2. Other client-checking restrictions
        3. 11.7.3.3. Strict syntax restrictions
        4. 11.7.3.4. DNS restrictions
        5. 11.7.3.5. Real-time blacklists
        6. 11.7.3.6. Generic restrictions
      4. 11.7.4. Tracing a Restriction List
    8. 11.8. Strict Syntax Parameters
    9. 11.9. Content-Checking
      1. 11.9.1. Content Checking Configuration
      2. 11.9.2. Content Checking Actions
      3. 11.9.3. Comparing Patterns
    10. 11.10. Customized Restriction Classes
      1. 11.10.1. Sample Restriction Classes
    11. 11.11. Postfix Anti-Spam Example
  14. 12. SASL Authentication
    1. 12.1. SASL Overview
      1. 12.1.1. Choosing an Authentication Mechanism
      2. 12.1.2. Choosing an Authentication Framework
    2. 12.2. Postfix and SASL
    3. 12.3. Configuring Postfix for SASL
      1. 12.3.1. Specifying a Framework
        1. 12.3.1.1. Unix passwords
        2. 12.3.1.2. SASL passwords
      2. 12.3.2. Configuring Postfix
        1. 12.3.2.1. Enabling SASL
        2. 12.3.2.2. Preventing sender spoofing
        3. 12.3.2.3. Permitting authenticated users
        4. 12.3.2.4. Specifying mechanisms
      3. 12.3.3. Configuration Summary
    4. 12.4. Testing Your Authentication Configuration
    5. 12.5. SMTP Client Authentication
      1. 12.5.1. Procedure to Enable SMTP Client Authentication
  15. 13. Transport Layer Security
    1. 13.1. Postfix and TLS
    2. 13.2. TLS Certificates
      1. 13.2.1. Becoming a CA
      2. 13.2.2. Generating Server Certificates
      3. 13.2.3. Installing CA Certificates
      4. 13.2.4. Postfix/TLS Configuration
      5. 13.2.5. Postfix/TLS Configuration Summary
      6. 13.2.6. Requiring Client-Side Certificates
        1. 13.2.6.1. Creating client certificates
        2. 13.2.6.2. Configuring client-side certificate authentication
      7. 13.2.7. Configuring TLS/SMTP Client
  16. 14. Content Filtering
    1. 14.1. Command-Based Filtering
      1. 14.1.1. Configuration
    2. 14.2. Daemon-Based Filtering
      1. 14.2.1. Configuration
        1. 14.2.1.1. Creating a pseudoaccount
        2. 14.2.1.2. Installing a content filter
        3. 14.2.1.3. Configuring additional Postfix components
        4. 14.2.1.4. Turning on filtering
      2. 14.2.2. Daemon-Based Filter Example
    3. 14.3. Other Considerations
  17. 15. External Databases
    1. 15.1. MySQL
      1. 15.1.1. MySQL Configuration
        1. 15.1.1.1. MySQL parameters
      2. 15.1.2. MySQL Example
        1. 15.1.2.1. Configuring local_recipient_maps
        2. 15.1.2.2. Configuring alias_maps
        3. 15.1.2.3. Configuring virtual domains
    2. 15.2. LDAP
      1. 15.2.1. LDAP Configuration
      2. 15.2.2. LDAP Example
        1. 15.2.2.1. Configuring local_recipient_maps
        2. 15.2.2.2. Configuring transport_maps
  18. A. Configuration Parameters
    1. A.1. Postfix Parameter Reference
  19. B. Postfix Commands
  20. C. Compiling and Installing Postfix
    1. C.1. Obtaining Postfix
    2. C.2. Postfix Compiling Primer
      1. C.2.1. Compiler Options
      2. C.2.2. Linker Options
    3. C.3. Building Postfix
      1. C.3.1. Customizing Your Build
      2. C.3.2. Modifying Postfix Defaults
    4. C.4. Installation
      1. C.4.1. Upgrading
    5. C.5. Compiling Add-on Packages
      1. C.5.1. Cyrus SASL
      2. C.5.2. TLS
      3. C.5.3. MySQL
      4. C.5.4. LDAP
    6. C.6. Common Problems
      1. C.6.1. Compile Time
      2. C.6.2. Runtime
    7. C.7. Wrapping Things Up
  21. D. Frequently Asked Questions
  22. Index
  23. About the Author
  24. Colophon
  25. Copyright

Product information

  • Title: Postfix: The Definitive Guide
  • Author(s): Kyle D. Dent
  • Release date: December 2003
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9780596002121