Last updated on Feb 24th, 2015 but started on May 18th, 2012 and marked as config mail postfix

Domains

In order to tell Postfix for which domains mail has to be accepted we create a new file:

nano /etc/postfix/mysql-virtual-mailbox-domains.cf

and add the following content:

user = mail_user
password = mail_user_password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT name FROM domains WHERE name='%s'

You can already use your own password here, but we will add a couple more files with the same password, so we will update them all with one single command later on.

To add the file to the Postfix configuration:

postconf -e virtual_mailbox_domains=proxy:mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf

Users

The users (or mailboxes) are defined in the following (new) file:

nano /etc/postfix/mysql-virtual-mailbox-maps.cf

Add the following lines:

user = mail_user
password = mail_user_password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'

To add the file to the Postfix configuration:

postconf -e virtual_mailbox_maps=proxy:mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf

Aliases

The aliases are defined in the following file:

nano /etc/postfix/mysql-virtual-alias-maps.cf

Add the following lines:

user = mail_user
password = mail_user_password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT destination FROM aliases WHERE source='%s'

To get the catchall address working you also need to map each address to itself:

nano /etc/postfix/mysql-virtual-email2email.cf

Add the following lines:

user = mail_user
password = mail_user_password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT email FROM users WHERE email='%s'

To add the files to the Postfix configuration:

postconf -e virtual_alias_maps=proxy:mysql:/etc/postfix/mysql-virtual-alias-maps.cf,proxy:mysql:/etc/postfix/mysql-virtual-email2email.cf

Finishing touches on the configuration files

Now change the placeholder text mail_user_password for the real password in all the config files (do not forget to specify your password):

perl -pi -e 's/mail_user_password/the-real-password/' /etc/postfix/*.cf

Change the permissions and group of these files:

chmod o= /etc/postfix/mysql-*.cf
chgrp postfix /etc/postfix/mysql-*.cf

Add a user and group vmail and a home directory /home/vmail/. All the mailboxes will be stored here.

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m

Some additional Postfix configuration settings (you can check the actual settings with postconf -n | grep <parameter> or postconf | grep <parameter>):

postconf -e 'myhostname = server1.example.com'
postconf -e 'mydestination = server1.example.com, localhost, localhost.localdomain'
postconf -e 'mynetworks = 127.0.0.0/8'
postconf -e 'virtual_alias_domains ='
postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual-alias-maps.cf, proxy:mysql:/etc/postfix/mysql-virtual-email2email.cf'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_uid_maps = static:5000'
postconf -e 'virtual_gid_maps = static:5000'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'
postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_maps'
postconf -e 'virtual_transport = dovecot'

Check the Postfix-settings:

cat /etc/postfix/main.cf

Create a SSL certificate needed for TLS:

cd /etc/postfix
openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509

chmod o= /etc/postfix/smtpd.key

Checks

Domain

Check if Postfix accepts mail for a specific domain:

postmap -q example.com mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf

The domain you requested should be returned. If an empty line is returned, the mail will be sent back with a Relay access denied message.

User

Check if a mailbox for the specified address exists:

postmap -q [email protected]com mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf

If it exists you will get the directory where the messages will be stored (example.com/info/).

Alias

Check if the address points to a valid mailbox:

postmap -q [email protected]com mysql:/etc/postfix/mysql-virtual-alias-maps.cf
postmap -q [email protected]com mysql:/etc/postfix/mysql-virtual-email2email.cf

In both examples you are expected to see the address [email protected].