How to setup a Postfix SMTP-only for multiple domains
This is my first question on Stacks. I always read a lot of solutions to problems here almost every other day. So thank you to all contributors. I am a noob here so please spare some space if I am doing something wrong. My question is
I am trying to setup a Postfix server to be an SMTP only host for multiple domain names. I do not allow remote connection I just want to be able to use my cron scripts to send emails for various domains. Currently Postfix is default installation but I have added
myhostname=example.com
Now problem is if I send email from [email protected] the host shown in email headers (not in From address) is example.com the exact header is
Received: from example.com
my from address is correct. Pardon me but I really don't know a lot about email servers. My incoming is handled by another hosting provider and I know I need to add a reverse dns etc. So please if anyone knows what I should do so all domains have right DNS entries plus good postfix configuration. I want postfix to use the same domain name as the from address. I only need smtp and nothing else.
I have searched google and Stacks but none answered the question completely even if the question was similar.
Thanks in advance, I am still RTFMing all over the place.
I am also getting these errors in my mailog. i have replaced a real valid domain name with MYDOMAIN and a real system username with USER
Feb 14 22:53:13 li222-89 postfix/smtpd[28433]: connect from localhost[127.0.0.1]
Feb 14 22:53:13 li222-89 postfix/smtpd[28433]: 428FCA400C: client=localhost[127.0.0.1]
Feb 14 22:53:13 li222-89 postfix/cleanup[28436]: 428FCA400C: message-id=<4d59f8a8-0ab4-4aee-b6e6-6f0c9389ad7c@>
Feb 14 22:53:13 li222-89 postfix/qmgr[27293]: 428FCA400C: from=<[email protected]>, size=1047, nrcpt=1 (queue active)
Feb 14 22:53:13 li222-89 postfix/smtpd[28433]: disconnect from localhost[127.0.0.1]
Feb 14 22:53:13 li222-89 postfix/smtp[27755]: certificate verification failed for gmail-smtp-in.l.google.com: num=20:unable to get local issuer certificate
Feb 14 22:53:13 li222-89 postfix/smtp[27755]: certificate verification failed for gmail-smtp-in.l.google.com: num=27:certificate not trusted
Feb 14 22:53:13 li222-89 postfix/pickup[26953]: C3761A400D: uid=500 from=<USER>
Feb 14 22:53:13 li222-89 postfix/cleanup[28436]: C3761A400D: message-id=<[email protected]>
Feb 14 22:53:13 li222-89 postfix/qmgr[27293]: C3761A400D: from=<[email protected]>, size=3237, nrcpt=1 (queue active)
Feb 14 22:53:14 li222-89 postfix/smtp[26830]: certificate verification failed for aspmx.l.google.com: num=20:unable to get local issuer certificate
Feb 14 22:53:14 li222-89 postfix/smtp[26830]: certificate verification failed for aspmx.l.google.com: num=27:certificate not trusted
Feb 14 22:53:15 li222-89 postfix/smtp[27755]: 428FCA400C: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[74.125.155.27]:25, delay=2.6, delays=0.02/0.02/0.66/1.9, dsn=2.0.0, status=sent (250 2.0.0 OK 1297741995 l9si6487318yhl.10)
Feb 14 22:53:15 li222-89 postfix/qmgr[27293]: 428FCA400C: removed
Feb 14 22:53:17 li222-89 postfix/smtp[26830]: C3761A400D: to=<[email protected]>, orig_to=<USER>, relay=aspmx.l.google.com[74.125.155.27]:25, delay=14, delays=11/0/0.44/3.1, dsn=5.1.1, status=bounced (host aspmx.l.google.com[74.125.155.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://mail.google.com/support/bin/answer.py?answer=6596 hj39si8560308ibb.50 (in reply to RCPT TO command))
Feb 14 22:53:17 li222-89 postfix/cleanup[28436]: 726DFA400C: message-id=<[email protected]>
Feb 14 22:53:17 li222-89 postfix/qmgr[27293]: 726DFA400C: from=<>, size=5596, nrcpt=1 (queue active)
Feb 14 22:53:17 li222-89 postfix/bounce[28222]: C3761A400D: sender non-delivery notification: 726DFA400C
Feb 14 22:53:17 li222-89 postfix/qmgr[27293]: C3761A400D: removed
Feb 14 22:53:17 li222-89 postfix/smtp[27755]: certificate verification failed for aspmx.l.google.com: num=20:unable to get local issuer certificate
Feb 14 22:53:17 li222-89 postfix/smtp[27755]: certificate verification failed for aspmx.l.google.com: num=27:certificate not trusted
Feb 14 22:53:21 li222-89 postfix/smtp[27755]: 726DFA400C: to=<[email protected]>, relay=aspmx.l.google.com[74.125.155.27]:25, delay=3.6, delays=0.02/0.01/0.44/3.1, dsn=5.1.1, status=bounced (host aspmx.l.google.com[74.125.155.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://mail.google.com/support/bin/answer.py?answer=6596 mu18si8573893ibb.7 (in reply to RCPT TO command))
Feb 14 22:53:21 li222-89 postfix/qmgr[27293]: 726DFA400C: removed
Obviously its trying to send email to a gmail account but something is wrong ...really wrong.
Solution 1:
I believe this is what you want.
http://www.postfix.org/ADDRESS_REWRITING_README.html#generic
Example:
/etc/postfix/main.cf:
smtp_generic_maps = hash:/etc/postfix/generic
/etc/postfix/generic:
[email protected] [email protected]
[email protected] [email protected]
@localdomain.local [email protected]
So, if you have postfix installed and configured already.
Open main.cf and add the generic maps setting above.
Then open the generic file and add @example.com @example2.com or whatever settings you need for your environment
This is a hash file so when you are done run postmap /etc/postfix/generic
Then restart postfix.
UPDATE
It looks like this is actually what you are after.
edit the master cf file and change this line
smtp inet n - n - - smtpd
To:
localhost:smtp inet n - n - - smtpd
ipaddress1:smtp inet n - n - - smtpd
ipaddress2:smtp inet n - n - - smtpd -o myhostname=hostname2
.
.
.
ipaddressn:smtp inet n - n - - smtpd -o myhostname=hostname3
restart postfix
Obviously this will require you to setup multiple IP address, one for each domain and setting up the reverse DNS etc. I believe this is the only way to do this.
Solution 2:
Feb 14 22:53:17 li222-89 postfix/smtp[27755]: certificate verification failed for aspmx.l.google.com: num=20:unable to get local issuer certificate
Feb 14 22:53:17 li222-89 postfix/smtp[27755]: certificate verification failed for aspmx.l.google.com: num=27:certificate not trusted
If you're attempting to relay mail using Gmail, then it will be necessary to use TLS with Postfix.First, double-check that Postfix was configured with SSL support (ie. ldd should return at least one line starting with libssl):
$ whereis -b postfix
postfix: /usr/sbin/postfix /etc/postfix /usr/libexec/postfix
$ ldd /usr/sbin/postfix
...
libssl.so.6 => /lib/libssl.so.6 (0x00111000)
...
Now we need to find your server's CA root certificate bundle, which is typically distributed with openssl.
$ locate ca-bundle.crt
/etc/pki/tls/certs/ca-bundle.crt
Edit the Postfix main.cf to include TLS and SASL2 for Gmail authentication.
Update your certificate file with new Gmail certificate provider.
relayhost = smtp.gmail.com:587
# your FQDN, or default value below
mydomain = example.com
# your local machine name, or default value below
myhostname = host.example.com
myorigin = $myhostname
# SASL
smtpd_sasl_path = smtpd
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
# TLS
smtp_sasl_tls_security_options = noanonymous
smtp_use_tls = yes
smtp_tls_CAfile = /path/to/your/ca-bundle.crt
smtp_sasl_tls_security_options = noanonymous
Postfix config "how to" ( main.cf )
Setup Postfix with a remote SMTP relay host