Domains
In order to tell Postfix for which domains mail has to be accepted we create a new file:
nano /etc/postfix/mysql-virtual-mailbox-domains.cf
and add the following content:
user = mail_user
password = mail_user_password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT name FROM domains WHERE name='%s'
You can already use your own password here, but we will add a couple more files with the same password, so we will update them all with one single command later on.
To add the file to the Postfix configuration:
postconf -e virtual_mailbox_domains=proxy:mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
Users
The users (or mailboxes) are defined in the following (new) file:
nano /etc/postfix/mysql-virtual-mailbox-maps.cf
Add the following lines:
user = mail_user
password = mail_user_password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
To add the file to the Postfix configuration:
postconf -e virtual_mailbox_maps=proxy:mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
Aliases
The aliases are defined in the following file:
nano /etc/postfix/mysql-virtual-alias-maps.cf
Add the following lines:
user = mail_user
password = mail_user_password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT destination FROM aliases WHERE source='%s'
To get the catchall address working you also need to map each address to itself:
nano /etc/postfix/mysql-virtual-email2email.cf
Add the following lines:
user = mail_user
password = mail_user_password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT email FROM users WHERE email='%s'
To add the files to the Postfix configuration:
postconf -e virtual_alias_maps=proxy:mysql:/etc/postfix/mysql-virtual-alias-maps.cf,proxy:mysql:/etc/postfix/mysql-virtual-email2email.cf
Finishing touches on the configuration files
Now change the placeholder text mail_user_password for the real password in all the config files (do not forget to specify your password):
perl -pi -e 's/mail_user_password/the-real-password/' /etc/postfix/*.cf
Change the permissions and group of these files:
chmod o= /etc/postfix/mysql-*.cf
chgrp postfix /etc/postfix/mysql-*.cf
Add a user and group vmail and a home directory /home/vmail/. All the mailboxes will be stored here.
groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m
Some additional Postfix configuration settings (you can check the actual settings with postconf -n | grep <parameter> or postconf | grep <parameter>):
postconf -e 'myhostname = server1.example.com'
postconf -e 'mydestination = server1.example.com, localhost, localhost.localdomain'
postconf -e 'mynetworks = 127.0.0.0/8'
postconf -e 'virtual_alias_domains ='
postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual-alias-maps.cf, proxy:mysql:/etc/postfix/mysql-virtual-email2email.cf'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_uid_maps = static:5000'
postconf -e 'virtual_gid_maps = static:5000'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'
postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_maps'
postconf -e 'virtual_transport = dovecot'
Check the Postfix-settings:
cat /etc/postfix/main.cf
Create a SSL certificate needed for TLS:
cd /etc/postfix
openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509
chmod o= /etc/postfix/smtpd.key
Checks
Domain
Check if Postfix accepts mail for a specific domain:
postmap -q example.com mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
The domain you requested should be returned. If an empty line is returned, the mail will be sent back with a Relay access denied message.
User
Check if a mailbox for the specified address exists:
postmap -q info@example.com mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
If it exists you will get the directory where the messages will be stored (example.com/info/).
Alias
Check if the address points to a valid mailbox:
postmap -q alias@example.com mysql:/etc/postfix/mysql-virtual-alias-maps.cf
postmap -q info@example.com mysql:/etc/postfix/mysql-virtual-email2email.cf
In both examples you are expected to see the address [email protected].