Please read the previous part first
This article is the seventh in the "Building a Mail Server on Linux" series.
In the previous part, we covered how to integrate Dovecot with PostgreSQL to set up user authentication.
If you haven't checked it yet, I recommend reading it first.
👉 Previous Part: Dovecot's auth-sql.conf.ext Configuration and Password Hashing
Postfix Configuration File Structure
Postfix is an SMTP server responsible for mail delivery, using various configuration files to adjust its operation.
This article explains the configuration file structure and key roles of Postfix.
Main Postfix Configuration Files
| Filename | Role |
|---|---|
| /etc/postfix/main.cf | Main configuration file for Postfix (mail transmission, network settings, etc.) |
| /etc/postfix/master.cf | Manage Postfix services (SMTP, LMTP, SASL authentication, etc.) |
| /etc/postfix/virtual | Mapping of virtual users (domains) |
| /etc/postfix/aliases | Management of email aliases for system users |
| /etc/postfix/transport | Specify mail transmission routes for specific domains/addresses |
| /etc/postfix/relay_domains | Configuration of domains allowed for relay |
| /etc/postfix/sasl_passwd | Storage of authentication information for SMTP relay servers |
| /etc/postfix/sql/*.cf | Configuration files for database integration (PostgreSQL) |
Main Postfix Configuration Items (main.cf)
Let’s take a look at the key configurations that define how Postfix operates.
The file is located at /etc/postfix/main.cf.
1️⃣ Basic Mail Server Configuration
myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = all
inet_protocols = ipv4
myhostname→ Hostname of the mail servermydomain→ Default domain configurationinet_interfaces→ Set to receive mail on all network interfacesinet_protocols→ Use only IPv4 (can disable IPv6)
2️⃣ Mail Relay Restrictions
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
permit_mynetworks→ Allow relay from trusted networkspermit_sasl_authenticated→ Only SASL authenticated users can relay maildefer_unauth_destination→ Block unauthenticated external relay
3️⃣ Virtual Users and Database Integration
To manage virtual domains and mailboxes using PostgreSQL, you need to add the following settings.
virtual_mailbox_domains = pgsql:/etc/postfix/sql/virtual_domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/sql/virtual_mailboxes.cf
virtual_alias_maps = pgsql:/etc/postfix/sql/virtual_aliases.cf
🔹 Explanation
- virtual_mailbox_domains → Queries the database for the virtual domains that can receive mail
- virtual_mailbox_maps → Queries the database for user mailbox information
- virtual_alias_maps → Queries the database for email aliases
💡 If using MySQL
You can usemysql:instead ofpgsql:.💡 In high-traffic environments, using proxy:pgsql: may provide performance benefits. However, it works sufficiently without proxy: in typical environments.
Setting Up Postfix to Use the Database
Postfix must have related packages installed to use PostgreSQL.
sudo apt update
sudo apt install postfix postfix-pgsql
postfix→ Basic Postfix SMTP serverpostfix-pgsql→ Package allowing Postfix to integrate with PostgreSQL
Once the installation is complete, you will need to create configuration files that allow Postfix to fetch user information from PostgreSQL.
Postfix Database Integration Configuration (virtual_*.cf File Creation)
Postfix uses virtual_domains.cf, virtual_mailboxes.cf, and virtual_aliases.cf to retrieve information from the database.
These files need to be created manually, and you can create them based on the content below.
1️⃣ /etc/postfix/sql/virtual_domains.cf (Domain Query Configuration)
user = mailadmin
password = yourpassword
dbname = mail
hosts = 127.0.0.1
query = SELECT domain_name FROM mail_domain WHERE domain_name='%s' AND active=true
Explanation
user → PostgreSQL user account (make sure to create a user in the DB so that postfix can access the DB.)
password → PostgreSQL account password (password for the previously created DB user mailadmin)
dbname → Database name
hosts → Database server address (using local server)
query → Query to lookup the domains that can receive mail in the mail_domain table
2️⃣ /etc/postfix/sql/virtual_mailboxes.cf (Mailbox Query Configuration)
user = mailadmin
password = yourpassword
dbname = mail
hosts = 127.0.0.1
query = SELECT home_directory FROM mail_users WHERE email='%s'
Explanation
query → Queries the user's mail storage path (returns the home_directory field from the mail_users table)
Postfix will return the path to save the user's mail in the correct directory
3️⃣ /etc/postfix/sql/virtual_aliases.cf (Email Alias Query Configuration)
user = mailadmin
password = yourpassword
dbname = mail
hosts = 127.0.0.1
query = SELECT destination_email FROM mail_alias WHERE source_email='%s'
Explanation
query → If there are aliases, queries the actual destination email where mail will be delivered
Finds and returns the email registered as an alias by referring to the mail_alias table
Security Settings
These configuration files must have restricted permissions due to the inclusion of passwords.
sudo chmod 640 /etc/postfix/sql/virtual_*.cf
sudo chown root:postfix /etc/postfix/sql/virtual_*.cf
🔒 Security Note:
Since the configuration files contain passwords, permissions must be restricted so that other users cannot read them. By applying chmod 640, access is only allowed for the Postfix process (the postfix group).
Reloading Postfix Configuration
Once the configuration is complete, you need to reload Postfix to apply the changes.
sudo systemctl restart postfix
Summary and Next Steps
✅ Explanation of Postfix configuration file structure and roles
✅ Added key configurations in Postfix's main.cf
✅ Configured virtual_*.cf files for Postfix to integrate with PostgreSQL
In the next part, we will cover how to integrate Postfix with Dovecot for SMTP authentication.
This will ensure that the mail server is fully equipped for sending and receiving functionalities.
👉 Next Part: Integration of Postfix and Dovecot for SMTP Authentication (Coming Soon!)
Add a New Comment