Configure outgoing mail server: Postfix

Postfix is our Message Transfer Agent or MTA, it is used by users to send mail, in other words, we will connect to our MTA to send an email; and between servers to deliver these e-mails. For example, we ( want to send an e-mail to our friend ( When we click send button, our mail client sends to our SMTP server (our MTA) all the information. Then, as soon as possible, tries to locate where can he send an email for (resolves domain, search MX servers, etc), when the destination is located, connect to that place and serve the e-mail. Then, it can happen several things: the e-mail is delivered correctly, maybe doesn’t respond (in this case, our MTA may try again later)… For example, if our friend canceled his account, will send us a new message explaining the e-mail couldn’t be delivered.

I’ll be using Ubuntu Server 12.04 for this guide, so commands like apt-get or sudo may not be used in your distribution, but the basis and configuration files are probably the same.

Let’s install postfix:

$ sudo apt-get install postfix

Maybe something become uninstalled (if you have another mta installed, even a dummy stmp server).

Make sure, user postfix belongs to group sasl (for identification), if not, then add it:

$ groups postfix
postfix : postfix
cloud@ubuntu:/run/cyrus$ sudo gpasswd -a postfix sasl
Adding user postfix to group sasl

Let’s edit some configuration files, starting with /etc/postfix/ (I won’t put the whole configuration file, just the important lines with the changes in bold:

smtpd_recipient_restrictions= permit_sasl_authenticated,
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost

mailbox_transport = lmtp:unix:/var/run/cyrus/socket/lmtp
virtual_transport = lmtp:unix:/var/run/cyrus/socket/lmtp

virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_alias_maps = hash:/etc/postfix/valias
virtual_mailbox_domains = /etc/postfix/vhosts

Now I will explain these lines:

  • smtp_sasl_auth_enable=no : The SMTP client won’t authenticate when connecting to other server.
  • smtpd_sasl_auth_enable=yes : Enable sasl auth for a user connecting to us.
  • smtp_recipient_restrictions : Restrictions applied to smtpd
  • smtpd_sasl_security_options=noanonymous : Reject anonymous connections.
  • myhostname : The host name where this server is.
  • mailbox_transport / virtual_transport : How can we communicate with the mailboxes
  • virtual_mailbox_maps : Associates in a map virtual mailboxes and addresses
  • virtual_alias_maps : Creates email aliases.
  • virtual_mailbox_domains : Virtual domains used in mailboxes


smtp      inet  n       -       n       -       -       smtpd
lmtp      unix  -       -       n       -       -       lmtp

It’s to disable chrooting for smtp / lmtp (it’s a bit more secure to enable it, but first we will keep it simple).

Let’s create our virtual domain list (a file with one domain per line): /etc/postfix/vhosts

Then, associate the e-mail with the mailbox (from the Cyrus example). We will also create two aliases for this address:



Then, these files must become maps files, so:

$ sudo postmap /etc/postfix/vmailbox

$ sudo postmap /etc/postfix/valias

Now, create the file /etc/postfix/sasl/smtpd.conf for user authentication and put this content into:

pwcheck_method: saslauthd

These can be compared to sasl_pwcheck_method and sasl_mech_list of Cyrus configuration, they mean the same: the way we’re going to authenticate users and the mechanism sasl will use for that purpose.

Now, restart the server

$ sudo service postfix restart

Now, if we set up this new server in our mail client, we will be able to send e-mails to any internet address (if we cannot receive these mails, may be due to spam filters). Let’s try to send e-mails to any of the alias from internal addresses, you can also set up MX registers of your domain to start sending and receiving e-mails.

Leave a Reply

Your email address will not be published. Required fields are marked *