General Information

Configuring postfix.

On the exam, you will be provided all the information of an already configured central SMTP server.

You will be expected to configure a null client only. (server that forwards mail but does not receive any)

THIS IS ON THE EXAM: A mail null client forwards local email. It does not receive any mail from network sources.

Install required package

yum install postfix

Enable and start the postfix service

systemctl enable postfix
systemctl start postfix

Edit the main configuration

vim /etc/postfix/main.cf
 
## Set the origin (where mail came from) to the domain variable
myorigin = $mydomain
 
# Relayhost to forward mail to
# gmail for testing purposes; exam will provide an IP/hostname of a mail server to use
relayhost = [smtp.gmail.com]:587
 
# Forward from loopback interfaces and networks only (local system)
inet_interfaces = loopback-only
mynetworks = 127.0.0.0/8 [::1]/128
 
# Configure destination as blank, because we aren't delivering mail locally (only forwarding outgoing)
mydestination = 
 
# Prevent postfix from putting mail into mail boxes
local_transport = error: local delivery disabled

NOT ON EXAM → Gmail specific: Add gmail settings to the main.cf file

vim /etc/postfix/main.cf
 
 
#### Gmail specific settings - NOT ON THE EXAM ####
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
#### End of Gmail specific settings ####

NOT ON EXAM → Gmail specific: Config to sign into a secure SMTP

vim /etc/postfix/sasl_passwd
 
[smtp.gmail.com]:587 username@gmail.com:password

• Replace username and password with actual gmail username and password.

NOT ON EXAM → Gmail specific: Set restrictive permissions on the sasl file

chown root:postfix /etc/postfix/sasl_passwd
chmod 640 /etc/postfix/sasl_passwd

NOT ON EXAM → Gmail specific: Convert sasl file so postfix can use it

postmap /etc/postfix/sasl_passwd

Check postfix syntax

postfix check

Restart the service

systemctl restart postfix

THIS IS NOT ON THE EXAM: This section setups up a mail server to receive mail in order to test the null client configured previously.

Install postfix

yum install postfix

Enable and start postfix

systemctl enable postfix
systemctl start postfix

Open the firewall to receive SMTP

firewall-cmd --permanent --add-service=smtp
firewall-cmd --reload

Edit the main configuration file

vim /etc/postfix/main.cf
 
inet_interfaces = all
inet_protocols = ipv4
mydestination = example.com, server2.example.com, server2

Restart the service

systemctl restart postfix

Install a mail client (if not already installed)

yum install mailx

Send a test message

echo "This is the subject body" | mail -s "This is a postfix forward test" username@gmail.com

Watch the mail log file for status messages

tail -f /var/log/maillog