This guide assumes you have a working Postfix server and want it to sign with DKIM.
There are a few things we have to understand to make all of this work though, which require you to be familiar with DNS as well.
1.) Install OpenDKIM
apt install opendkim
systemctl enable opendkim
2.) Edit /etc/opendkim.conf
Syslog yes
SyslogSuccess yes
Mode&nbs........
This will be the goto to help solve e-mail delivery issues and talk about many practical issues that happen between developers, admins and scripts that send e-mail and do things that may not be acceptable or cause deliverability problems.
Sendmail Stuff
Edit /etc/mail/sendmail.mc
The problem is that if you send directly out from the server using the mail function, the Return-path of the e-mails will be username@thehostnameoftheserver.com. Let........
Aug 10 01:11:54 mailserver postfix/smtp[6180]: 020AE17C2BD1: to=, relay=none, delay=0.29, delays=0.28/0/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=gmail.con type=A: Host not found)
A user complained that their e-mails weren't being delivered but they actually made a small typo and used gmail.con so it wasn't working as expected of course........
Ithought I'd post this becuase there is some bad information out there. Some guides tell you to edit /etc/postfix/master.cf (-o smtp_bind_address=) but this doesn't work. The same guide also says if you don't change it there you end up changing the listening IP/bind interface which is also not true.
Here is a simple and effective way to change Postfix's sending/binding/outgoing IP address (very important for reverse DNS and so mail servers don't block you)........
Jul 3 22:12:17mailserver postfix/smtpd[6195]: fatal: no SASL authentication mechanisms
Jul 3 22:12:18mailserver postfix/master[4881]: warning: process /usr/libexec/postfix/smtpd pid 6195 exit status 1
Jul 3 22:12:18mailserver postfix/master[4881]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
This only ever happens in my experience when the authentication method is actually Dovecot. Usually the problem........
#from epel repo
yum -y install opendkim
chkconfig opendkim on
cd /etc/opendkim/keys
opendkim-genkey -vd mail.server.com
opendkim-genkey: generating private key
opendkim-genkey: private key written to default.private
opendkim-genkey: extracting public key
opendkim-genkey: DNS TXT record written to default.txt
........
Aug 25 16:43:24 evohostingtor postfix/master[19471]: fatal: /etc/postfix/master.cf: line 24: field "unprivileged": bad value: "???"
Solution: I had the wrong thick dashes when c&ping (just retype them with your keyboard)
Aug 25 16:47:10 mailbox postfix/master[24498]: fatal: /etc/postfix/master.cf: line 25: bad transport type: syslog_name=postfix/auth-cleanup
auth-cleanup unix n - - - 0 cleanup
#-o syslog_name=postfix/........
The most common solution is to use the /etc/postfix/header_checks but this is a big problem.
Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible.
I adapted this solution to the client's custom config, they are configur........
On occassion and from a variety of networks and clients, Sent messages don't get saved.
I'm wondering if these log messages could be why:
May 3 14:16:39 mail.box postfix/smtpd[5195]: connect from 192.168.1.58
May 3 14:16:39 mail.box postfix/smtpd[5195]: SSL_accept error from 192.168.1.58: -1
May 3 14:16:39 mail.box postfix/smtpd[5195]: lost connection after CONNECT from 192.168.1.58
May 3 14:16:39 mail.box postfix/smtpd[5195]:........
The size of the message you are trying to send exceeds a temporary size limit of the server. The message was not sent; try to reduce the message size or wait some time and try again. The server responded: 4.5.3 Error: too many recipients.
We set this in main.cf:
smtpd_client_recipient_rate_limit=0
We didn't specify it before and the default is said to be 0/unlimited and it still didn't change anything.........
This is the mail system at host mail.postmail.com.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
&........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
vi /etc/mail/spamassassin/local.cf
##############
#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
require........
I'm posting this because it wasn't easy or obvious how this would be accomplished and the man page leaves it to guesswork.
Multi-line body_checks
Example 1
/........
The first thing you need to remember is not to check from the same host/server itself. This is a silly mistake I made, the reason is that many mailservers and especially postfix are configured to allow relaying from the localhost/same host. If you do that you'll get a false positive.
*Make sure you test from another host/system than the mail server itself!
telnet yourmailserverhost.com 25
220 Courier (FreeBS........
Basically you should always be 100% sure that whatever IPyour mail server sends out with has reverse DNS/PTR records. Remember that unless you own your IPs then you won't be able to set your own reverse DNS. Even if you were to create a reverse PTR record on your DNS servers it will be ignored. Reverse DNS is queried to pre-assigned DNS servers of your ISP, so therefore you'll need to contact your ISP/Colo/Hosting provider to do a reverse DNS entry.
If you don't have........
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Postfix SSL config
Edit /etc/postfix/main.cf:
#SSL stuff
smtpd_tls_cert_file = /etc/mailssl/server.crt
smtpd_tls_key_file = /etc/mailssl/server.key
To make smtps w........
understanding /etc/aliases
*remember to apply changes you need to run "newaliases" after editing /etc/aliases
one thing I don't get is that it doesn't allow you to specify the whole e-mail address on the left-hand side
eg:
yourfullemail@domain.com: someotheremail@domain.com
postalias: warning: /etc/aliases, line 109: name must be local (if you try the above)
It works more like this:
your........
Virtualmin Postfix Error:
The status of your system is being checked to ensure that all enabled features are available, that the mail server is properly configured, and that quotas are active ..
A problem was found with your Postfix virtual maps : No map sources were found in the Postfix configuration
.. your system is not ready for use by Virtualmin.
........