Posted by Gregory Bartholomew
Communication is key. Your computer might be trying to tell you something important. But if your mail transport agent (MTA) isn’t properly configured, you might not be getting the notifications. Postfix is a MTA that’s easy to configure and known for a strong security record. Follow these steps to ensure that email notifications sent from local services will get routed to your internet email account through the Postfix MTA.
$ sudo -i # dnf install postfix mailx
If you previously had a different MTA configured, you may need to set Postfix to be the system default. Use the alternatives command to set your system default MTA:
$ sudo alternatives --config mta There are 2 programs which provide 'mta'. Selection Command *+ 1 /usr/sbin/sendmail.sendmail 2 /usr/sbin/sendmail.postfix Enter to keep the current selection[+], or type selection number: 2
Create a password_maps file
You will need to create a Postfix lookup table entry containing the email address and password of the account that you want to use to for sending email:
# MY_EMAIL_ADDRESSemail@example.com # MY_EMAIL_PASSWORD=abcdefghijklmnop # MY_SMTP_SERVER=smtp.gmail.com # MY_SMTP_SERVER_PORT=587 # echo "[$MY_SMTP_SERVER]:$MY_SMTP_SERVER_PORT $MY_EMAIL_ADDRESS:$MY_EMAIL_PASSWORD" >> /etc/postfix/password_maps # chmod 600 /etc/postfix/password_maps # unset MY_EMAIL_PASSWORD # history -c
If you are using a Gmail account, you’ll need to configure an “app password” for Postfix, rather than using your gmail password. See “Sign in using App Passwords” for instructions on configuring an app password.
Next, you must run the postmap command against the Postfix lookup table to create or update the hashed version of the file that Postfix actually uses:
# postmap /etc/postfix/password_maps
The hashed version will have the same file name but it will be suffixed with .db.
Update the main.cf file
Update Postfix’s main.cf configuration file to reference the Postfix lookup table you just created. Edit the file and add these lines.
relayhost = smtp.gmail.com:587 smtp_tls_security_level = verify smtp_tls_mandatory_ciphers = high smtp_tls_verify_cert_match = hostname smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/etc/postfix/password_maps
The example assumes you’re using Gmail for the relayhost setting, but you can substitute the correct hostname and port for the mail host to which your system should hand off mail for sending.
For the most up-to-date details about the above configuration options, see the man page:
$ man postconf.5
Enable, start, and test Postfix
After you have updated the main.cf file, enable and start the Postfix service:
# systemctl enable --now postfix.service
You can then exit your sudo session as root using the exit command or Ctrl+D. You should now be able to test your configuration with the mail command:
$ echo 'It worked!' | mail -s "Test: $(date)" firstname.lastname@example.org
Optionally, you may want to configure all email that is sent to your local system’s root account to go to your internet email address. Add this line to the /etc/aliases file on your system (you’ll need to use sudo to edit this file, or switch to the root account first):
Now run this command to re-read the aliases:
- TIP: If you are using Gmail, you can add an alpha-numeric mark between your username and the @ symbol as demonstrated above to make it easier to identify and filter the email that you will receive from your computer(s).
View the mail queue:
Clear all email from the queues:
# postsuper -d ALL
Filter the configuration settings for interesting values:
$ postconf | grep "^relayhost\|^smtp_"
View the postfix/smtp logs:
$ journalctl --no-pager -t postfix/smtp
Reload postfix after making configuration changes:
$ systemctl reload postfix