The Mail Delivery Agent (MUA) is the application being used to interact with a users email account (e.g. Outlook)
Postfix is the Mail Transfer Agent (MTA) that is used for
- incoming email for user accounts on the Postfix system
- outgoing email from a user account on the Postfix system to some recipient
Dovecot is the Mail Delivery Agent (MDA) that is used to
- list/view/read/delete emails stored in the users inbox on the Postfix system
Use apt-get on a Debian distribution (Debian, Ubuntu, Mint) or dnf or yum on a Red Hat distribution (CentOS, Fedora, Red Hat) to install Postfix.
dnf install postfix
In /etc/postfix/main.cf
- myhostname = whatever you want to follow the @ symbol for your users email address (e.g. example.com for email such as john.doe@example.com)
- There are two types of mailbox, mbox (this is the default) and maildir. To use maildir set home_mailbox to Maildir/ and ensure mailbox_command contains no value so that when a new user account is created, the new users home directory will contain Maildir (e.g. /home/username/Maildir)
- ensure local_recipient_maps is not commented out, as this line is needed in order for Postfix to locate the accounts listed in the /etc/passwd file.
- mynetworks_styles = host (only the Postfix server will be trusted) or subnet (trust any client in the subnet) or class (trust any client in class A or class B or class C IP address range).
- inet_interfaces = all to allow remote hosts to be able to connect to your Postfix server.
- smtpd_recipient_restrictions = permit_mynetworks (to allow mynetworks_style)
myhostname = example.com, localhost.example.com, localhost
home_mailbox = Maildir/
mailbox_command =
local_recipient_maps = unix:passwd:byname $alias_maps
mynetworks_styles = host
inet_interfaces = all
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination
Use the systemctl command to start and enable postfix and to ensure Postfix is running
systemctl enable postfix
systemctl start postfix
systemctl status postfix
Ensure whatever DNS system you are using contains the following records.
Record Type | Name | Value |
A | IP address of your Postfix system | |
MX | hostname (e.g. mail.example.com.) |
The nslookup command on the Postfix system should return something like this.
~]$ nslookup -type=mx example.com
Server: 172.31.0.2
Address: 172.31.0.2#53
Non-authoritative answer:
example.com mail exchanger = 10 mail.example.com.
By default, /etc/postfix/master.cf should contain the following, which configures Postfix to listen on SMTP port 25.
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
The netstat command should show that Postfix is listening on port 25 (SMTP).
~]$ netstat -anop
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name Timer
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 18907/master off (0.00/0/0)
Allow SMTP port 25 in iptables or firewalld.
If using an Amazon Web Services (AWS):
- Ensure the Security Group allows incoming connections on SMTP port 25
- Associate an Elastic IP (static IP) with your EC2 instance
- Use this form to request email to be sent from AWS and to setup reverse DNS
Use OpenSSL to test the connection.
~]$ openssl s_client -connect <IP address or hostname of your Postfix server>:25
CONNECTED(00000003)
It is not a good idea to open port 25 in your Internet facing router until Postfix has been secured with
- SASL authentication
- SSL encryption
- Sender Policy Framework (SPF)
- DomainKeys Identified Mail (DKIM)
- SpamAssassin
Opening up an unsecured mail server to the Internet creates the possibility for your email server to become a spam relay.
On the Postfix system, send your user a test email to create the users email account and inbox using the sendmail, mail, or mailx command.
echo -e "From: no-reply@example.com\nTo: $(whoami)@example.com\nSubject: Example Subject \n\n email body goes here" | sendmail $(whoami)@example.com
The Postfix log should now contain something like this.
Mar 06 11:31:37 post postfix/local[177]: 725FC12D34A: to=<john.doe@example.com>, relay=local, delay=0.03, delays=0.01/0/0/0.02, dsn=2.0.0, status=sent (delivered to mailbox)
Your users home directory should contain the following sub directories. Postfix creates the Maildir directory and sub directories after the first email is sent to the user.
/home/john.doe/Maildir/cur
/home/john.doe/Maildir/new
/home/john.doe/Maildir/tmp
The "new" directory should have one file, for the email that was sent to John Doe.
/home/john.doe/Maildir/new/1448670731.V803I6c004bM330351.example.com
Did you find this article helpful?
If so, consider buying me a coffee over at