RSS feedConfiguring Postfix means editing files, I’ll only note the settings that differ from the default settings. We will start by editing the ‘main.cf‘ configuration file located in the directory ‘/etc/postfix/‘ (before you start changing make a copy of the original file for safe keeping, which you should do always). Please note that only the difference from the default settings is documented:
main.cf
# The hostname is the hostname you get from your ISP.
# Don't take one from your virtual domains
myhostname = server.isp-domain.tld
# you can reduce to level 0 when every is working.
debug_peer_level = 2
#
# my additions for the virtual domain administration
# to use the MySQL database.
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:102
virtual_mailbox_base = /usr/local/virtual/
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 102
virtual_transport = virtual
virtual_uid_maps = static:102
#
# The settings for the SASL authentication using the autdaemon.
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl-xbl.spamhaus.org,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_pw_server_security_options = noanonymous
#
# OPTIONAL PART
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_etrn_restrictions = reject
As a last step there are the new files that are to be created to accommodate the MySQL access for the user administration. The are to be created in the directory ‘/etc/postfix‘.
mysql_virtual_alias_maps.cf
password = postfixpassword
hosts = 127.0.0.1
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = 1
mysql_virtual_domains_maps.cf
password = postfixpassword
hosts = 127.0.0.1
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s'
mysql_virtual_mailbox_maps.cf
password = postfixpassword
hosts = 127.0.0.1
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = 1
Next step: Configuring Courier-auth to use MySQL
6:10 am
Can you post your database structure with some data?
7:55 am
The database structure can be found here
12:14 pm
I have a almost the config but it’s not working. Evry minute I have those 3 lines :
postfix/virtual[8902]: fatal: open dictionary: expecting “type:name” form instead of “#”
postfix/master[8890]: warning: process /usr/lib/postfix/virtual pid 8902 exit status 1
postfix/master[8890]: warning: /usr/lib/postfix/virtual: bad command startup — throttling
I check the cf files with postmap and they are ok.
I don’t know what’s wrong
8:14 pm
Hi Richard,
You cannot be praised enough for your informative site!
Now to my questions, I have two, completely unrelated ones:
1) from reading the comments in the main.cf file (not your comments, but the comments already present at installation) I understand that the unknown_local_recipient_reject_code is only relevant if local_recipient_maps is set. Which it is not by default. Did you mean to set that also? Or did I (probably, since I am not a server-expert) misunderstand something?
2) It seems unsafe to keep the postfix username and password in the three mysql_*.cf files created here. Is it?
8:31 pm
@marc,
1 - It doesn’t matter really, it works both ways.
2 - It looks like it, but regular users using your mailserver cannot login via the shell.