Build Your Own Email

Server on Ubuntu: Basic

Postfix Setup
 Last Updated: July 5, 2020  Xiao Guoan (Admin)  102
Comments  Mail Server

Why run your own email server? Perhaps you have a

website, which needs to send emails to users, or maybe you
want to store your emails on your own server to protect your
privacy. However, building your own email server can be a
pain in the butt because there are so many software
components you need to install and configure properly. To
make this journey easy for you, I’m creating a tutorial series
on how to build your own email server on Ubuntu.

I’m confident to say that this is the best tutorial series about
building email server from scratch on the Internet. Not only
will you have a working email server, but also you will have
a much better understanding about how email works. This
tutorial series is divided into 9 parts.

1. Setting up a basic Postfix SMTP server

2. Set up Dovecot IMAP server and TLS encryption
3. Create Virtual Mailboxes with PostfixAdmin (Ubuntu
18.04, Ubuntu 20.04)
4. Creating SPF and DKIM record to get through spam
filters
5. Setting Up DMARC to protect your domain reputation
6. How to Stop Your Email From Being Marked as Spam
7. How to Host Multiple Mail Domains in PostfixAdmin
8. Blocking Email Spam with Postfix
9. Blocking Email Spam with SpamAssassin

I know this seems to be a very daunting task. However,

based on what you want to achieve, you might not need to
follow all of them. My articles are easy to follow, so if you
dedicate sometime to it, you will have a working email
server.

Hint: If you don’t want to build an email server from

scratch, which is a long and tedious process, you can
use iRedMail to quickly and easily set up a full-
featured mail server.

This article is part 1 of this tutorial series. In this article, I

will show you how to set up a very basic Postfix SMTP
server, also known as an MTA (message transport agent).
Once you finish this article, you should be able to send and
receive emails with your own email domain on your own
email server. This tutorial is tested on Ubuntu 20.04 and
Ubuntu 18.04 server.

About Postfix

Postfix is a state-of-the-art message transport agent (MTA),

aka SMTP server, which serves two purposes.

It’s responsible for transporting email messages from a

mail client/mail user agent (MUA) to a remote SMTP
server.
It’s also used to accept emails from other SMTP
servers.

Postfix was built by Wietse Venema who is a Unix and

security expert. It’s easy to use, designed with security and
modularity in mind, with each module running at the lowest
possible privilege level required to get the job done. Postfix
integrates tightly with Unix/Linux and does not provide
functionalities that Unix/Linux already provides. It’s reliable
in both simple and stressful conditions.

Postfix was originally designed as a replacement for

Sendmail – the traditional SMTP server on Unix. In
comparison, Postfix is more secure and easier to configure. It
is compatible with Sendmail, so if you uninstall Sendmail
and replace it with Postfix, your existing scripts and
programs will continue to work seamlessly.

In this tutorial, you will learn how to configure Postfix for a

single domain.

Prerequisites

In order to send emails from your server, port 25 (outbound)

must be open. Many ISPs and hosting providers such as
DigitalOcean block port 25 to control spam and they would
not unblock it. I recommend using Hostwinds VPS (virtual
private server), because it doesn’t block port 25 (outbound),
so you can send unlimited emails with no extra cost. Before
you buy a VPS, you can ask them if port 25 is blocked.
Here’s a transcript of a live chat with hostwinds.

Once you have a hostwinds server, install Ubuntu on it and

follow the instructions below.
You also need a domain name. I registered my domain name
from NameCheap because the price is low and they give you
whois privacy protection free for life.

Things To Do Before Installing Postfix

To make Postfix perform better and get the most out of

Postfix, you need to properly set up your Ubuntu server.

Set A Correct Hostname for Ubuntu Server

By default, Postfix uses your server’s hostname to identify

itself when communicating with other MTAs. Hostname can
have two forms: a single word and FQDN.

The single word form is used mostly on personal computers.

Your Linux home computer might be named linux ,
debian , ubuntu etc. FQDN (Fully Qualified Domain
Name) is commonly used on Internet-facing servers and we
should use FQDN on our mail servers. It consists of two
parts: a node name and a domain name. For example:

mail.linuxbabe.com

is an FQDN. mail is the nodename, linuxbabe.com is

the domain name. FQDN will appear in the smtpd banner.
Some MTAs reject messages if your Postfix does not provide
FQDN in smtpd banner. Some MTAs even query DNS to
see if FQDN in the smtpd banner resolves to the IP of
your mail server.

Enter the following command to see the FQDN form of your

hostname.

hostname -f

If your Ubuntu server doesn’t have an FQDN yet, you can

use hostnamectl to set one.
 sudo hostnamectl set-hostname your-fq
dn

A common FQDN for mail server is

mail.yourdomain.com . You need to log out and log back
in to see this change at the command prompt.

Set Up DNS Records for Your Mail Server

You need to go to your DNS hosting service (usually

your domain registrar) to set up DNS records

MX record

An MX record tells other MTAs that your mail server

mail.yourdomain.com is responsible for email delivery
for your domain name.

MX record @           mail.linuxba

be.com

A common name for the MX host is

mail.yourdomain.com . You can specify more than one
MX record and set priority for your mail servers. A lower
number means higher priority. Here we only use one MX
record and set 0 as the priority value. (0 – 65355)

Note that when you create the MX record, you should enter
@ or your apex domain name in the name field like below.
An apex domain name is a domain name without any sub-
domain.

A record

An A record maps an FQDN to an IP address.

 mail.linuxbabe.com        <IP-address
>

AAAA record

If your server uses IPv6 address, it’s also a good idea to add
AAAA record for mail.yourdomain.com .

mail.linuxbabe.com        <IPv6-addre
ss>

Hint: If you use Cloudflare DNS service, you should

not enable the CDN feature when creating A and
AAAA record for mail.your-domain.com .
Cloudflare does not support SMTP proxy.

PTR record

A pointer record, or PTR record, maps an IP address to an

FQDN. It’s the counterpart to the A record and is used for
reverse DNS (rDNS) lookup.

Reverse resolution of IP address with PTR record can help

with blocking spammers. Many MTAs accept email only if
the server is really responsible for a certain domain. You
should definitely set a PTR record for your email server so
your emails have a better chance of landing in recipient’s
inbox instead of spam folder.

To check the PTR record for an IP address, you can use the
following command.

dig -x <IP> +short

or

host <IP>
Because you get IP address from your hosting provider, not
from your domain registrar, so you must set PTR record for
your IP address in your hosting provider’s control panel. Its
value should be your mail server’s hostname: mail.your-
domain.com . If your server uses IPv6 address, then add
PTR record for your IPv6 address as well.

To edit the reverse DNS record for your Hostwinds VPS, log
into Hostwinds client area, select Domains -> Manage
rDNS , Then you can edit the reverse DNS record for both
IPv4 and IPv6 addresses.

After all of the above is done, let’s play with Postfix.

Installing Postfix

On your ubuntu server, run the following two commands.

sudo apt-get update

sudo apt-get install postfix -y

You will be asked to select a type for mail configuration.

Normally, you will want to select the second type:
Internet Site .
 No configuration means the installation process
will not configure any parameters.
Internet Site means using Postfix for sending
emails to other MTAs and receiving email from other
MTAs.
Internet with smarthost means using postfix
to receive email from other MTAs, but using another
smart host to relay emails to the recipient.
Satellite system means using smart host for
sending and receiving email.
Local only means emails are transmitted only
between local user accounts.

Next, enter your domain name for the system mail name, i.e.
the domain name after @ symbol. For example, my email
address is [email protected], so I entered
linuxbabe.com for the system mail name. This domain
name will be appended to addresses that doesn’t have a
domain name specified.
Once installed, Postfix will be automatically started and a
/etc/postfix/main.cf file will be generated. Now we
can check Postfix version with this command:

postconf mail_version

On Ubuntu 18.04, the Postfix version is 3.3.0, and Ubuntu

20.04 ships with version 3.4.10.

mail_version = 3.4.10

The netstat utility tells us that the Postfix master process

is listening on TCP port 25. (If your Ubuntu server doesn’t
have the netstat command, you can run sudo apt
install net-tools command to install it.)

sudo netstat -lnpt

Postfix ships with many binaries under the /usr/sbin/

directory, as can be seen with the following command.

dpkg -L postfix | grep /usr/sbin/

Output:

/usr/sbin/postalias
/usr/sbin/postcat
/usr/sbin/postconf
/usr/sbin/postdrop
/usr/sbin/postfix
/usr/sbin/postfix-add-filter
/usr/sbin/postfix-add-policy
/usr/sbin/postkick
 /usr/sbin/postlock
/usr/sbin/postlog
/usr/sbin/postmap
/usr/sbin/postmulti
/usr/sbin/postqueue
/usr/sbin/postsuper
/usr/sbin/posttls-finger
/usr/sbin/qmqp-sink
/usr/sbin/qmqp-source
/usr/sbin/qshape
/usr/sbin/rmail
/usr/sbin/sendmail
/usr/sbin/smtp-sink
/usr/sbin/smtp-source

Open Port 25 (inbound) in Firewall

Ubuntu doesn’t enable a firewall by default. If you have

enabled the UFW firewall, you need to open port 25
(inbound) with the following command, so Postfix can
receive emails from other SMTP servers.

sudo ufw allow 25/tcp

Then we can use nmap to scan open ports on our server. Run
the following command on a separate computer such as your
personal computer. (I assume you are reading this tutorial on
a Linux computer.) Replace your-server-ip with actual
IP.

sudo nmap your-server-ip

You can see from the above screenshot that TCP port 25 is
open on my server.
nmap can be installed on Linux with one of the following
commands, depending on your Linux distro.

sudo apt install nmap

sudo yum install nmap

sudo zypper install nmap

sudo pacman -S nmap

Checking If Port 25 (outbound) is

blocked

Run the following command on your mail server to check if

port 25 (outbound) is blocked.

telnet gmail-smtp-in.l.google.com 25

If it’s not blocked, you would see messages like below,

which indicates a connection is successfully established.
(Hint: Type in quit and press Enter to close the
connection.)

Trying 74.125.68.26...
Connected to gmail-smtp-in.l.google.c
om.
Escape character is '^]'.
220 mx.google.com ESMTP y22si1641751p
ll.208 - gsmtp

If port 25 (outbound) is blocked, you would see something

like:

Trying 2607:f8b0:400e:c06::1a...
Trying 74.125.195.27...
 telnet: Unable to connect to remote h
ost: Connection timed out

In this case, your Postfix can’t send emails to other SMTP

servers. Ask your ISP/hosting provider to open it for you. If
they refuse your request, you need to set up SMTP relay to
bypass port 25 blocking.

Sending Test Email

As a matter of fact, we can now send and receive email from

the command line. If your Ubuntu server has a user account
called user1 , then the email address for this user is
[email protected] . You can send an email to root
user [email protected] . You can also send emails to
Gmail, yahoo mail or any other email service.

When installing Postfix, a sendmail binary is placed at

/usr/sbin/sendmail , which is compatible with the
traditional Sendmail SMTP server. You can use Postfix’s
sendmail binary to send a test email to your Gmail account
like this:

echo "test email" | sendmail your-acc

[email protected]

In this simple command, sendmail reads a message from

standard input and make “test email” as the message body,
then send this message to your Gmail account. You should be
able to receive this test email in your Gmail inbox (or spam
folder). You can see that although we didn’t specify the from
address, Postfix automatically append a domain name for the
from address. That’s because we added our domain name in
system mail name when installing Postfix.

Also, you can try to reply to this test email to see if Postfix
can receive email messages. It’s likely that emails sent from
your domain are labeled as spam. Don’t worry about it now.
We will solve this problem in later parts of this tutorial
series.

The inbox for each user is located at

/var/spool/mail/<username> or
/var/mail/<username> file. If you are unsure where to
look for the inbox, use this command.

postconf mail_spool_directory

The Postfix mail log is stored at /var/log/mail.log .

Using the mail program to Send and

Read Email

Now let’s install a command-line MUA (mail user agent).

sudo apt-get install mailutils

To send email, type

mail [email protected]

user@mail:~$ mail [email protected]

Cc:
Subject: 2nd test email
I'm sending this email using the mail
program.

Enter the subject line and the body text. To tell mail that
you have finished writing, press Ctrl+D and mail will send
this email message for you.

To read incoming emails, just type mail .

mail
Here’s how to use the mail program to manage your
mailbox.

To read the first email message, type 1 . If only parts of

the message is displayed, press Enter to show the
remaining part of the message.
To display message headers starting from message 1,
type h .
To show the last screenful of messages, type h$ or z .
To read the next email message, type n .
To delete message 1, type d 1 .
To delete message 1, 2 and 3, type d 1 2 3 .
To delete messages from 1 to 10, type d 1-10 .
To replay to message 1, type reply 1 .
To exit out of mail, type q .

Messages that have been opened will be moved from

/var/mail/<username> to /home/<username>/mbox
file. That means other mail clients can’t read those messages.
To prevent this from happening, type x instead of q to exit
out of the mail.

How To Increase Attachment Size

Limit

By default, the attachment cannot be larger than 10MB,

which is indicated by the message_size_limit
parameter.

postconf | grep message_size_limit

Output:

message_size_limit = 10240000

This parameter defines the size limit for emails originating

from your own mail server and for emails coming to your
mail server.
To allow attachment of 50MB in size, run the following
command.

sudo postconf -e message_size_limit=5

2428800

When postconf command is invoked with the -e (edit)

option, it will try to find the parameter
( message_size_limit ) in the Postfix main configuration
file ( /etc/postfix/main.cf ) and change the value. If
the parameter can’t be found, then it adds the parameter at
the end of the file.

Note that the message_size_limit should not be larger

than the mailbox_size_limit , whose default value is
51200000 bytes (about 48MB) in the upstream Postfix
package. On Ubuntu, the default value is set to 0, as can be
seen with

postconf | grep mailbox_size_limit

Output:

mailbox_size_limit = 0

This means that the mailbox has no size limit.

Restart Postfix for the changes to take effect.

sudo systemctl restart postfix

When sending an email with large attachments from your

mail server, you should also beware of the receiving server’s
attachment size limit. For example, You can not send an
attachment larger than 25MB to a Gmail address.

Setting the Postfix Hostname

By default, Postfix SMTP server uses the OS’s hostname.
However, the OS hostname might change, so it’s a good
practice to set the hostname directly in Postfix configuration
file. Open the Postfix main configuration file with a
command line text editor, such as Nano.

sudo nano /etc/postfix/main.cf

Find the myhostname parameter and set

mail.yourdomain.com as the value. (Note: You should
not use the apex domain yourdomain.com as
myhostname .)

myhostname = mail.yourdomain.com

Save and close the file. (To save a file in Nano text editor,
press Ctrl+O , then press Enter to confirm. To exit, press
Ctrl+X .) Restart Postfix for the change to take effect.

sudo systemctl restart postfix

Creating Email Alias

There are certain required aliases that you should configure

when operating your mail server in a production
environment. You can add email alias in the
/etc/aliases file, which is a special Postfix lookup table
file using a Sendmail-compatible format.

sudo nano /etc/aliases

By default, there are only two lines in this file.

# See man 5 aliases for format

postmaster: root
The first line is a comment. The second line is the only
definition of an alias in this file. The left-hand side is the
alias name. The right-hand side is the final destination of the
email message. So emails for [email protected]
will be delivered to [email protected]. The postmaster
email address is required by RFC 2142.

Normally we don’t use the root email address. Instead, the

postmaster can use a normal login name to access emails. So
you can add the following line. Replace username with
your real username.

root:   username

This way, emails for [email protected] will be

delivered to [email protected]. Now you can
save and close the file. Then rebuild the alias database with
the newaliases command

sudo newaliases

Using IPv4 Only

By default, Postfix uses both IPv4 and IPv6 protocols, as can

been seen with:

postconf inet_protocols

Output:

inet_protocols = all

If your mail server doesn’t have a public IPv6 address, it’s

better to disable IPv6 in Postfix to prevent unnecessary IPv6
connections. Simply run the following command to disable
IPv6 in Postfix.
 sudo postconf -e "inet_protocols = ip
v4"

Then restart Postfix.

sudo systemctl restart postfix

Next Step

Congrats! Now you have a basic Postfix email server up and

running. You can send plain text emails and read incoming
emails using the command line. In the next part of this
tutorial series, we will learn how to install Dovecot IMAP
server and enable TLS encryption, which will allow us to use
a desktop mail client like Mozilla Thunderbird to send and
receive emails. Stay tuned!

Rate this tutorial

[Total: 62 Average: 4.4]

You may also like:

How to How to How to How to

Set U… Set u… Easil… Set u…

How to Enable Run Set Up

Quic… SMTP… Your… Open…
 Email server on ubuntu hostname mail server



MX Record port 25 postfix system time
