This is an old revision of the document!
Configure A System To Forward All Email To A Central Mail Server
General Information
Configuring postfix.
On the exam, you will be provided all the information of an already configured central SMTP server.
You will be expected to configure a null client only. (server that forwards mail but does not receive any)
Null Client Setup
THIS IS ON THE EXAM: A mail null client forwards local email. It does not receive any mail from network sources.
Install required package
yum install postfix
Enable and start the postfix service
systemctl enable postfix
systemctl start postfix
Edit the main configuration
vim /etc/postfix/main.cf ## Set the origin (where mail came from) to the domain variable myorigin = $mydomain # Relayhost to forward mail to # gmail for testing purposes; exam will provide an IP/hostname of a mail server to use relayhost = [smtp.gmail.com]:587 # Forward from loopback interfaces and networks only (local system) inet_interfaces = loopback-only mynetworks = 127.0.0.0/8 [::1]/128 # Configure destination as blank, because we aren't delivering mail locally (only forwarding outgoing) mydestination = # Prevent postfix from putting mail into mail boxes local_transport = error: local delivery disabled
NOT ON EXAM → Gmail specific: Add gmail settings to the main.cf file
vim /etc/postfix/main.cf #### Gmail specific settings - NOT ON THE EXAM #### smtp_use_tls = yes smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous #### End of Gmail specific settings ####
NOT ON EXAM → Gmail specific: Config to sign into a secure SMTP
vim /etc/postfix/sasl_passwd [smtp.gmail.com]:587 username@gmail.com:password
- Replace username and password with actual gmail username and password.
NOT ON EXAM → Gmail specific: Set restrictive permissions on the sasl file
chown root:postfix /etc/postfix/sasl_passwd chmod 640 /etc/postfix/sasl_passwd
NOT ON EXAM → Gmail specific: Convert sasl file so postfix can use it
postmap /etc/postfix/sasl_passwd
Check postfix syntax
postfix check
Restart the service
systemctl restart postfix
Postfix Central Mail Server
THIS IS NOT ON THE EXAM: This section setups up a mail server to receive mail in order to test the null client configured previously.
From server2
Install postfix
yum install postfix
Enable and start postfix
systemctl enable postfix
systemctl start postfix
Open the firewall to receive SMTP
firewall-cmd --permanent --add-service=smtp firewall-cmd --reload
Edit the main configuration file
vim /etc/postfix/main.cf inet_interfaces = all inet_protocols = ipv4 mydestination = example.com, server2.example.com, server2
Restart the service
systemctl restart postfix
Null Client Testing
From server1.
Install a mail client (if not already installed)
yum install mailx
Send a test message
echo "This is the subject body" | mail -s "This is a postfix forward test" root@server2.example.com
Watch the mail log file for status messages
tail -f /var/log/maillog