www.it-ebooks.info www.it-ebooks.info Postfix The Definitive Guide www.it-ebooks.info Other networking resources from O’Reilly Related titles sendmail qmail sendmail Cookbook Programming Internet Email Essential System Administration TCP/IP Network Administration Running Mac OS X Panther Mac OS X Panther for Unix Geeks Mac OS X Panther in a Nutshell Mac OS X Panther Pocket Guide Learning Unix for Mac OS X Panther Applescript: The Definitive Guide networking.oreilly.com networking.oreilly.com is a complete catalog of O’Reilly books on networking and related technologies, including sample chapters and code examples. oreillynet.com is the essential portal for developers interested in open and emerging technologies, including new platforms, programming languages, and operating systems. Conferences O’Reilly & Associates brings diverse innovators together to nur- ture the ideas that spark revolutionary industries. We specialize in documenting the latest tools and systems, translating the inno- vator’s knowledge into useful skills for those in the trenches. Visit conferences.oreilly.com for our upcoming events. Safari Bookshelf (safari.oreilly.com) is the premier online refer- ence library for programmers and IT professionals. Conduct searches across more than 1,000 books. Subscribers can zero in on answers to time-critical questions in a matter of seconds. Read the books on your Bookshelf from cover to cover or simply flip to the page you need. Try it today with a free trial. www.it-ebooks.info Postfix The Definitive Guide Kyle D. Dent Beijing • Cambridge • Farnham • Köln • Sebastopol • Tokyo ,psfx.book.2768 Page iii Thursday, March 24, 2011 1:20 PM www.it-ebooks.info Postfix: The Definitive Guide by Kyle D. Dent Copyright © 2004 O’Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly Media, Inc. books may be purchased for educational, business, or sales promotional use. On- line editions are also available for most titles (safari.oreilly.com). For more information, contact our cor- porate/institutional sales department: (800) 998-9938 or corporate@oreilly.com. Editor: Andy Oram Production Editor: Reg Aubry Cover Designer: Ellie Volckhausen Interior Designer: David Futato Printing History: December 2003: First Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Postfix: The Definitive Guide, the image of a dove, and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. ISBN: 978-0-596-00212-1 [LSI] [2011-03-25] ,psfx.book.2768 Page iv Thursday, March 24, 2011 1:20 PM www.it-ebooks.info v Table of Contents Foreword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Postfix Origins and Philosophy 1 Email and the Internet 3 The Role of Postfix 5 Postfix Security 6 Additional Information and How to Obtain Postfix 8 2. Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Unix Topics 10 Email Topics 12 3. Postfix Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Postfix Components 19 How Messages Enter the Postfix System 20 The Postfix Queue 22 Mail Delivery 22 Tracing a Message Through Postfix 25 4. General Configuration and Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Starting Postfix the First Time 29 Configuration Files 30 Important Configuration Considerations 41 Administration 44 www.it-ebooks.info vi | Table of Contents master.cf 47 Receiving Limits 51 Rewriting Addresses 52 chroot 56 Documentation 57 5. Queue Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 How qmgr Works 58 Queue Tools 62 6. Email and DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 DNS Overview 68 Email Routing 69 Postfix and DNS 72 Common Problems 75 7. Local Delivery and POP/IMAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 Postfix Delivery Transports 77 Message Store Formats 78 Local Delivery 80 POP and IMAP 83 Local Mail Transfer Protocol 84 8. Hosting Multiple Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Shared Domains with System Accounts 90 Separate Domains with System Accounts 90 Separate Domains with Virtual Accounts 91 Separate Message Store 95 Delivery to Commands 95 9. Mail Relaying . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 Backup MX 103 Transport Maps 106 Inbound Mail Gateway 109 Outbound Mail Relay 110 UUCP, Fax, and Other Deliveries 111 www.it-ebooks.info Table of Contents | vii 10. Mailing Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Simple Mailing Lists 113 Mailing-List Managers 117 11. Blocking Unsolicited Bulk Email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 The Nature of Spam 125 The Problem of Spam 126 Open Relays 127 Spam Detection 127 Anti-Spam Actions 129 Postfix Configuration 130 Client-Detection Rules 131 Strict Syntax Parameters 143 Content-Checking 144 Customized Restriction Classes 147 Postfix Anti-Spam Example 149 12. SASL Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 SASL Overview 152 Postfix and SASL 154 Configuring Postfix for SASL 154 Testing Your Authentication Configuration 159 SMTP Client Authentication 162 13. Transport Layer Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 Postfix and TLS 165 TLS Certificates 165 14. Content Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174 Command-Based Filtering 175 Daemon-Based Filtering 177 Other Considerations 181 15. External Databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 MySQL 184 LDAP 190 www.it-ebooks.info viii | Table of Contents A. Configuration Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195 B. Postfix Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219 C. Compiling and Installing Postfix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 D. Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239 www.it-ebooks.info [...]... (space or tab characters) to show that they are continuations of the previous line The standard document provides a lot of detail about the header fields and what they should be used for There are rules about how fields relate to each other and when one or another must be used, but in the simplest case, the only required fields are the Date: and the From: fields The standard also provides for customized... level Status 2xx The requested action was successful The client may continue to the next step 3xx Command was accepted, but the server expects additional information The client should send another command with the additional information 4xx The command was not successful, but the problem is temporary The client should retry the action at a later time 5xx The command was not successful, and the problem is... address as the envelope destination address, but this is not required nor is it always the case From the MTA’s point of view, message headers are part of the content of an email message The delivery of a message is determined by the addresses specified during the SMTP conversation These addresses are the envelope addresses, and they are the only thing that determine where messages go See The SMTP Protocol”... permanent The client should not retry the action After receiving the welcome banner, introduce yourself with the HELO command The hostname after the HELO command should be the name of the system you’re connecting from: HELO mail.oreilly.com The server replies with a success So you may continue: 250 mail.oreilly.com Indicate who the message is from with the MAIL FROM command: MAIL FROM: The. .. for email The term message store applies to persistent message storage regardless of how or where it is kept Once the message has been placed in the message store, it stays there until the intended recipient is ready to pick it up The recipient uses an MUA to retrieve the message and read it The MUA contacts the server that provides access to the message store This server is separate from the MTA that... determines during the SMTP conversation (see The SMTP Protocol” later in the chapter) that it will not accept the message, it rejects the message At that point the sending system should generate an error report to deliver to the original sender Sometimes the MTA accepts a message and later discovers that it cannot be delivered—perhaps the intended recipient doesn’t exist or there is a problem in the final... message flow Email and the Internet This is the Title of the Book, eMatter Edition www.it-ebooks.info Copyright © 2007 O’Reilly & Associates, Inc All rights reserved | 3 Ultimately, a message arrives at the MTA that is the final destination If the message is destined for a user on the system, the MTA passes it to a message delivery agent (MDA) for the final delivery The MDA might store the message as a plain... FROM: The server accepts the sending address: 250 Ok Indicate who the message is to with the RCPT TO command: RCPT TO: The server accepts the recipient address: 250 Ok Now you are ready to send the content of the message The DATA command tells the server that you have an RFC 2822 message ready to transfer: DATA The server replies that it accepts the command and is expecting you... specification describes the format for transmission, but many implementations use the same or a similar format to store messages A message is comprised of two parts: the header and the body The header contains specific fields with names such as To, From, or Subject followed by a colon (:) After the colon comes the contents of the field One message 14 | Chapter 2: Prerequisites This is the Title of the Book, eMatter... another MTA to relay or deliver a message Originally, SMTP had no means to authenticate users, but extensions to the protocol provide the capability, if required See Chapter 7 for more information on authenticating SMTP users POP/IMAP and mailbox access When users want to retrieve their messages, they use their MUA to connect to a POP or IMAP server to retrieve them POP users generally take all their . Network Administration Running Mac OS X Panther Mac OS X Panther for Unix Geeks Mac OS X Panther in a Nutshell Mac OS X Panther Pocket Guide Learning Unix for Mac OS X Panther Applescript: The Definitive Guide networking.oreilly.com networking.oreilly.com. of seconds. Read the books on your Bookshelf from cover to cover or simply flip to the page you need. Try it today with a free trial. www.it-ebooks.info Postfix The Definitive Guide Kyle D. Dent Beijing • Cambridge • Farnham • Köln • Sebastopol • Tokyo ,psfx.book.2768. First Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Postfix: The Definitive Guide, the image of a dove, and related