Postfix

From DWIKI
Revision as of 11:19, 6 July 2021 by Tony

Docs

Postfix and smtp auth/sasl


Postfix and Network Solutions certificates

#The private key you created together with privkey.csr, readable for root only!
smtpd_tls_key_file = privkey.pem
#the certificate you received from NS
smtpd_tls_cert_file = /etc/ssl/MY.HOST.COM.crt
#NetworkSolutions_CA.crt and UTNAddTrustServer_CA.crt combined in a single file
smtpd_tls_CAfile = /etc/postfix/intermediate.pem

Postfix and LDAP

Spam filtering

ldap and aliases



man ldap_table
man maildirquota

Tools

  • postfwd

pflogsumm

Log analyzer

vimbadmin

vimbadmin


Notes

  • postconf
  • postsuper

anti spam measures that work for me

smtpd_recipient_restrictions =
   permit_sasl_authenticated,
   reject_unverified_recipient,
   permit_mynetworks,
   reject_sender_login_mismatch,
   reject_invalid_hostname,
   reject_unknown_reverse_client_hostname,
   reject_non_fqdn_hostname,
   reject_non_fqdn_sender,
   reject_non_fqdn_recipient,
   reject_unknown_sender_domain,
   reject_unknown_recipient_domain,
   reject_unauth_destination,
   check_recipient_access  hash:/etc/postfix/recipient_access,
   reject_rbl_client bl.spamcop.net,
#   reject_rbl_client safe.dnsbl.sorbs.net,
   reject_rbl_client b.barracudacentral.org,
   permit

tls on outgoing mail

smtp_use_tls = yes
smtp_tls_security_level = may
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_cert_file = /etc/postfix/ssl/domainname.com.pem
smtp_tls_key_file = /etc/postfix/ssl/domainname.com.key
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
smtp_tls_loglevel = 1

CentOS packages

gf-plus repository or epel :)


FAQ

Limit CC

/etc/postfix/header_checks

/^To:([^@]*@){50,}/ REJECT Sorry, your message has too many recipients.
/^Cc:([^@]*@){50,}/ REJECT Sorry, your message has too many recipients.
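To see what these two rules catch before deploying them, the following added example (not part of the original page) replays them over constructed messages. It assumes Python's re module behaves like Postfix's regexp: table for these patterns; the function names and the example.com addresses are made up for the illustration.

```python
import re

# The two rules from /etc/postfix/header_checks above. Postfix regexp: tables
# match case-insensitively by default, hence re.IGNORECASE.
RULES = [
    (re.compile(r"^To:([^@]*@){50,}", re.IGNORECASE), "REJECT"),
    (re.compile(r"^Cc:([^@]*@){50,}", re.IGNORECASE), "REJECT"),
]


def logical_headers(raw_message):
    """Split the header block into logical headers, joining folded
    continuation lines: header_checks sees one logical header at a time."""
    headers = []
    for line in raw_message.splitlines():
        if not line:
            break  # blank line ends the headers; the body is not inspected
        if line[0] in " \t" and headers:
            headers[-1] += "\n" + line
        else:
            headers.append(line)
    return headers


def check(raw_message):
    """Return (action, header name) for the first header a rule matches, else None."""
    for header in logical_headers(raw_message):
        for pattern, action in RULES:
            if pattern.search(header):
                return action, header.split(":", 1)[0]
    return None


def addresses(count, start=0):
    """Constructed sample recipients, folded one address per line."""
    return ",\n ".join(f"user{i}@example.com" for i in range(start, start + count))


if __name__ == "__main__":
    samples = {
        "49 in To": "To: " + addresses(49) + "\nSubject: test\n\nbody",
        "50 in To, folded": "To: " + addresses(50) + "\nSubject: test\n\nbody",
        "50 in lowercase cc": "cc: " + addresses(50) + "\n\nbody",
        # Each header is checked on its own, so 30 + 30 recipients pass.
        "30 in To + 30 in Cc": "To: " + addresses(30) + "\nCc: " + addresses(30, 30) + "\n\nbody",
    }
    for name, message in samples.items():
        print(f"{name}: {check(message)}")
```

On a host with Postfix installed, `postmap -q "To: ..." regexp:/etc/postfix/header_checks` queries the real table with a single header string.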

log subject

Create file /etc/postfix/header_checks and put in:

/^[Ss]ubject:/  WARN

and in /etc/postfix/main.cf

header_checks = regexp:/etc/postfix/header_checks

 

rate limit outgoing mail

Probably start with

smtp_destination_rate_delay = 5s

queue

Clean the postfix queue

mailq | grep '^[A-F0-9]' | awk '{ print $1 }' | sed 's/*//' | while read -r i; do postsuper -d "${i}"; done

Or simply:

postsuper -d ALL

View message in queue

postcat -q QUEUE_ID

Delete message from queue

postsuper -d QUEUE_ID

Requeue mails

postsuper -r ALL

or

postqueue -f

Postfix as secondary MX

relay_domains = foo.com, bar.com
relay_recipient_maps =
          hash:/etc/postfix/relay_recipients

 

milter-reject 4.7.0 DNS timeout

Most likely caused by sid-filter, aka milter-sid, aka sid-milter. Try adding "-D" to the rc.conf, defaults, or whatever file starts it.

postqueue: fatal: Connect to the Postfix showq service: Permission denied

postfix set-permissions

too many concurrent connections

If that's what you get sending to a server you don't control, check

initial_destination_limit

 

warning: SASL authentication failure: No worthy mechs found

Could be a missing cyrus-sasl-plain.


Sender address rejected: need fully-qualified address

myorigin = /etc/mailname