Build Your Own Email Server on Ubuntu: Basic Postfix Setup

Why run your own email server? Perhaps you have a website, which needs to send emails to users, or maybe you want to store your emails on your own server to protect your privacy. However, building your own email server can be a pain in the butt because there are so many software components you need to install and configure properly. To make this journey easy for you, I’m creating a tutorial series on how to build your own email server on Ubuntu.

I’m confident to say that this is the best tutorial series about building an email server from scratch on the Internet. Not only will you have a working email server, but also you will have a much better understanding of how email works. This tutorial series is divided into 10 parts.

  1. Setting up a basic Postfix SMTP server
  2. Set up Dovecot IMAP server and TLS encryption
  3. Create Virtual Mailboxes with PostfixAdmin (Ubuntu 18.04, Ubuntu 20.04)
  4. Creating SPF and DKIM record to get through spam filters
  5. Setting Up DMARC to protect your domain reputation
  6. How to Stop Your Email From Being Marked as Spam
  7. How to Host Multiple Mail Domains in PostfixAdmin
  8. Blocking Email Spam with Postfix
  9. Blocking Email Spam with SpamAssassin
  10. Setting Up Amavis and ClamAV on Ubuntu Mail Server
  11. (optional) Enable and Configure Postscreen in Postfix to Block Spambots

I know this seems to be a very daunting task. However, based on what you want to achieve, you might not need to follow all of them. My articles are easy to follow, so if you dedicate some time to it, you will have a working email server.

Hint: If you don’t want to build an email server from scratch, which is a long and tedious process, you can use iRedMail to quickly and easily set up a full-featured mail server.

This article is part 1 of this tutorial series. In this article, I will show you how to set up a very basic Postfix SMTP server, also known as an MTA (message transport agent). Once you finish this article, you should be able to send and receive emails with your own email domain on your own email server. This tutorial is tested on Ubuntu 20.04 and Ubuntu 18.04 server.

About Postfix

Postfix is a state-of-the-art message transport agent (MTA), aka SMTP server, which serves two purposes.

  • It’s responsible for transporting email messages from a mail client/mail user agent (MUA) to a remote SMTP server.
  • It’s also used to accept emails from other SMTP servers.

Postfix was built by Wietse Venema who is a Unix and security expert. It’s easy to use, designed with security and modularity in mind, with each module running at the lowest possible privilege level required to get the job done. Postfix integrates tightly with Unix/Linux and does not provide functionalities that Unix/Linux already provides. It’s reliable in both simple and stressful conditions.

Postfix was originally designed as a replacement for Sendmail – the traditional SMTP server on Unix. In comparison, Postfix is more secure and easier to configure. It is compatible with Sendmail, so if you uninstall Sendmail and replace it with Postfix, your existing scripts and programs will continue to work seamlessly.

In this tutorial, you will learn how to configure Postfix for a single domain.

Prerequisites

In order to send emails from your server, port 25 (outbound) must be open. Many ISPs and hosting providers such as DigitalOcean block port 25 to control spam and they would not unblock it. I recommend using Hostwinds VPS (virtual private server), because it doesn’t block port 25 (outbound), so you can send unlimited emails with no extra cost. Before you buy a VPS, you can ask them if port 25 is blocked. Here’s a transcript of a live chat with hostwinds.

hostwinds live chat transcript

Once you have a hostwinds server, install Ubuntu on it and follow the instructions below.

You also need a domain name. I registered my domain name from NameCheap because the price is low and they give you whois privacy protection free for life.

Things To Do Before Installing Postfix

To make Postfix perform better and get the most out of Postfix, you need to properly set up your Ubuntu server.

Set A Correct Hostname for Ubuntu Server

By default, Postfix uses your server’s hostname to identify itself when communicating with other MTAs. Hostname can have two forms: a single word and FQDN.

The single word form is used mostly on personal computers. Your Linux home computer might be named linux, debian, ubuntu etc. FQDN (Fully Qualified Domain Name) is commonly used on Internet-facing servers and we should use FQDN on our mail servers. It consists of two parts: a node name and a domain name. For example:

mail.linuxbabe.com

is an FQDN. mail is the nodename, linuxbabe.com is the domain name. FQDN will appear in the smtpd banner. Some MTAs reject messages if your Postfix does not provide FQDN in smtpd banner. Some MTAs even query DNS to see if FQDN in the smtpd banner resolves to the IP of your mail server.

Enter the following command to see the FQDN form of your hostname.

hostname -f

If your Ubuntu server doesn’t have an FQDN yet, you can use hostnamectl to set one.

sudo hostnamectl set-hostname your-fqdn

A common FQDN for mail server is mail.yourdomain.com. You need to log out and log back in to see this change at the command prompt.

Set Up DNS Records for Your Mail Server

You need to go to your DNS hosting service (usually your domain registrar) to set up DNS records

MX record

An MX record tells other MTAs that your mail server mail.yourdomain.com is responsible for email delivery for your domain name.

MX record    @           mail.linuxbabe.com

A common name for the MX host is mail.yourdomain.com. You can specify more than one MX record and set priority for your mail servers. A lower number means higher priority. Here we only use one MX record and set 0 as the priority value. (0 – 65355)

Note that when you create the MX record, you should enter @ or your apex domain name in the name field like below. An apex domain name is a domain name without any sub-domain.

email server MX record

A record

An A record maps an FQDN to an IP address.

mail.linuxbabe.com        <IP-address>

AAAA record

If your server uses IPv6 address, it’s also a good idea to add AAAA record for mail.yourdomain.com.

mail.linuxbabe.com        <IPv6-address>

Hint: If you use Cloudflare DNS service, you should not enable the CDN feature when creating A and AAAA record for mail.your-domain.com. Cloudflare does not support SMTP proxy.

PTR record

A pointer record, or PTR record, maps an IP address to an FQDN. It’s the counterpart to the A record and is used for reverse DNS (rDNS) lookup.

Reverse resolution of IP address with PTR record can help with blocking spammers. Many MTAs accept email only if the server is really responsible for a certain domain. You should definitely set a PTR record for your email server so your emails have a better chance of landing in the recipient’s inbox instead of the spam folder.

To check the PTR record for an IP address, you can use the following command.

dig -x <IP> +short

or

host <IP>

Because you get IP address from your hosting provider, not from your domain registrar, so you must set PTR record for your IP address in your hosting provider’s control panel. Its value should be your mail server’s hostname: mail.your-domain.com. If your server uses IPv6 address, then add PTR record for your IPv6 address as well.

To edit the reverse DNS record for your Hostwinds VPS, log into Hostwinds client area, select Domains -> Manage rDNS, Then you can edit the reverse DNS record for both IPv4 and IPv6 addresses.

mail server reverse DNS record

Note: Gmail will actually check the A record of the hostname specified in the PTR record. If the hostname resolves to the same IP address, Gmail will accept your email. Otherwise, it will reject your email.

After all of the above is done, let’s play with Postfix.

Installing Postfix

On your ubuntu server, run the following two commands.

sudo apt-get update

sudo apt-get install postfix -y

You will be asked to select a type for mail configuration. Normally, you will want to select the second type: Internet Site.

build your own email server with postfix

  • No configuration means the installation process will not configure any parameters.
  • Internet Site means using Postfix for sending emails to other MTAs and receiving email from other MTAs.
  • Internet with smarthost means using postfix to receive email from other MTAs, but using another smart host to relay emails to the recipient.
  • Satellite system means using smart host for sending and receiving email.
  • Local only means emails are transmitted only between local user accounts.

Next, enter your domain name for the system mail name, i.e. the domain name after @ symbol. For example, my email address is xiao@linuxbabe.com, so I entered linuxbabe.com for the system mail name. This domain name will be appended to addresses that doesn’t have a domain name specified.

build your own email server with postfix

Once installed, Postfix will be automatically started and a /etc/postfix/main.cf file will be generated. Now we can check Postfix version with this command:

postconf mail_version

On Ubuntu 18.04, the Postfix version is 3.3.0, and Ubuntu 20.04 ships with version 3.4.10.

mail_version = 3.4.10

The netstat utility tells us that the Postfix master process is listening on TCP port 25. (If your Ubuntu server doesn’t have the netstat command, you can run sudo apt install net-tools command to install it.)

sudo netstat -lnpt

build your own email server

Postfix ships with many binaries under the /usr/sbin/ directory, as can be seen with the following command.

dpkg -L postfix | grep /usr/sbin/

Output:

/usr/sbin/postalias
/usr/sbin/postcat
/usr/sbin/postconf
/usr/sbin/postdrop
/usr/sbin/postfix
/usr/sbin/postfix-add-filter
/usr/sbin/postfix-add-policy
/usr/sbin/postkick
/usr/sbin/postlock
/usr/sbin/postlog
/usr/sbin/postmap
/usr/sbin/postmulti
/usr/sbin/postqueue
/usr/sbin/postsuper
/usr/sbin/posttls-finger
/usr/sbin/qmqp-sink
/usr/sbin/qmqp-source
/usr/sbin/qshape
/usr/sbin/rmail
/usr/sbin/sendmail
/usr/sbin/smtp-sink
/usr/sbin/smtp-source

Open Port 25 (inbound) in Firewall

Ubuntu doesn’t enable a firewall by default. If you have enabled the UFW firewall, you need to open port 25 (inbound) with the following command, so Postfix can receive emails from other SMTP servers.

sudo ufw allow 25/tcp

Then we can use nmap to scan open ports on our server. Run the following command on a separate computer such as your personal computer. (I assume you are reading this tutorial on a Linux computer.) Replace your-server-ip with actual IP.

sudo nmap your-server-ip

build your own email server

You can see  from the above screenshot that TCP port 25 is open on my server.

nmap can be installed on Linux with one of the following commands, depending on your Linux distro.

sudo apt install nmap

sudo yum install nmap

sudo zypper install nmap

sudo pacman -S nmap

Checking If Port 25 (outbound) is blocked

Run the following command on your mail server to check if port 25 (outbound) is blocked.

telnet gmail-smtp-in.l.google.com 25

If it’s not blocked, you would see messages like below, which indicates a connection is successfully established. (Hint: Type in quit and press Enter to close the connection.)

Trying 74.125.68.26...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP y22si1641751pll.208 - gsmtp

If port 25 (outbound) is blocked, you would see something like:

Trying 2607:f8b0:400e:c06::1a...
Trying 74.125.195.27...
telnet: Unable to connect to remote host: Connection timed out

In this case, your Postfix can’t send emails to other SMTP servers. Ask your ISP/hosting provider to open it for you. If they refuse your request, you need to set up SMTP relay to bypass port 25 blocking.

Sending Test Email

As a matter of fact, we can now send and receive email from the command line. If your Ubuntu server has a user account called user1, then the email address for this user is user1@yourdomain.com. You can send an email to root user root@yourdomain.com. You can also send emails to Gmail, yahoo mail or any other email service.

When installing Postfix, a sendmail binary is placed at /usr/sbin/sendmail, which is compatible with the traditional Sendmail SMTP server. You can use Postfix’s sendmail binary to send a test email to your Gmail account like this:

echo "test email" | sendmail your-account@gmail.com

In this simple command, sendmail reads a message from standard input and make “test email” as the message body, then send this message to your Gmail account. You should be able to receive this test email in your Gmail inbox (or spam folder). You can see that although we didn’t specify the from address, Postfix automatically append a domain name for the from address. That’s because we added our domain name in system mail name when installing Postfix.

Also, you can try to reply to this test email to see if Postfix can receive email messages. It’s likely that emails sent from your domain are labeled as spam. Don’t worry about it now. We will solve this problem in later parts of this tutorial series.

The inbox for each user is located at /var/spool/mail/<username> or /var/mail/<username> file. If you are unsure where to look for the inbox, use this command.

postconf mail_spool_directory

The Postfix mail log is stored at /var/log/mail.log.

Using the mail program to Send and Read Email

Now let’s install a command-line MUA (mail user agent).

sudo apt-get install mailutils

To send email, type

mail username@gmail.com
user@mail:~$ mail username@gmail.com
Cc: 
Subject: 2nd test email
I'm sending this email using the mail program.

Enter the subject line and the body text. To tell mail that you have finished writing, press Ctrl+D and mail will send this email message for you.

To read incoming emails, just type mail.

mail

Here’s how to use the mail program to manage your mailbox.

  • To read the first email message, type 1. If only parts of the message is displayed, press Enter to show the remaining part of the message.
  • To display message headers starting from message 1, type h.
  • To show the last screenful of messages, type h$ or z.
  • To read the next email message, type n.
  • To delete message 1, type d 1.
  • To delete message 1, 2 and 3, type d 1 2 3.
  • To delete messages from 1 to 10, type d 1-10.
  • To replay to message 1, type reply 1.
  • To exit out of mail, type q.

Messages that have been opened will be moved from /var/mail/<username> to /home/<username>/mbox file. That means other mail clients can’t read those messages. To prevent this from happening, type x instead of q to exit out of the mail.

How To Increase Attachment Size Limit

By default, the attachment cannot be larger than 10MB, which is indicated by the message_size_limit parameter.

postconf | grep message_size_limit

Output:

message_size_limit = 10240000

This parameter defines the size limit for emails originating from your own mail server and for emails coming to your mail server.

To allow attachment of 50MB in size, run the following command.

sudo postconf -e message_size_limit=52428800

When postconf command is invoked with the -e (edit) option, it will try to find the parameter (message_size_limit) in the Postfix main configuration file (/etc/postfix/main.cf) and change the value. If the parameter can’t be found, then it adds the parameter at the end of the file.

Note that the message_size_limit should not be larger than the mailbox_size_limit, whose default value is 51200000 bytes (about 48MB) in the upstream Postfix package. On Ubuntu, the default value is set to 0, as can be seen with

postconf | grep mailbox_size_limit

Output:

mailbox_size_limit = 0

This means that the mailbox has no size limit.

Restart Postfix for the changes to take effect.

sudo systemctl restart postfix

When sending an email with large attachments from your mail server, you should also beware of the receiving server’s attachment size limit. For example, You can not send an attachment larger than 25MB to a Gmail address.

Setting the Postfix Hostname

By default, Postfix SMTP server uses the OS’s hostname. However, the OS hostname might change, so it’s a good practice to set the hostname directly in Postfix configuration file. Open the Postfix main configuration file with a command line text editor, such as Nano.

sudo nano /etc/postfix/main.cf

Find the myhostname parameter and set mail.yourdomain.com as the value. (Note: You should not use the apex domain yourdomain.com as myhostname.)

myhostname = mail.yourdomain.com

Save and close the file. (To save a file in Nano text editor, press Ctrl+O, then press Enter to confirm. To exit, press Ctrl+X.)  Restart Postfix for the change to take effect.

sudo systemctl restart postfix

Creating Email Alias

There are certain required aliases that you should configure when operating your mail server in a production environment. You can add email alias in the /etc/aliases file, which is a special Postfix lookup table file using a Sendmail-compatible format.

sudo nano /etc/aliases

By default, there are only two lines in this file.

# See man 5 aliases for format
postmaster: root

The first line is a comment. The second line is the only definition of an alias in this file. The left-hand side is the alias name. The right-hand side is the final destination of the email message. So emails for postmaster@your-domain.com will be delivered to root@your-domain.com. The postmaster email address is required by RFC 2142.

Normally we don’t use the root email address. Instead, the postmaster can use a normal login name to access emails. So you can add the following line. Replace username with your real username.

root:   username

This way, emails for postmaster@your-domain.com will be delivered to username@your-domain.com.  Now you can save and close the file. Then rebuild the alias database with the newaliases command

sudo newaliases

Using IPv4 Only

By default, Postfix uses both IPv4 and IPv6 protocols, as can been seen with:

postconf inet_protocols

Output:

inet_protocols = all

If your mail server doesn’t have a public IPv6 address, it’s better to disable IPv6 in Postfix to prevent unnecessary IPv6 connections. Simply run the following command to disable IPv6 in Postfix.

sudo postconf -e "inet_protocols = ipv4"

Then restart Postfix.

sudo systemctl restart postfix

Next Step

Congrats! Now you have a basic Postfix email server up and running. You can send plain text emails and read incoming emails using the command line. In the next part of this tutorial series, we will learn how to install Dovecot IMAP server and enable TLS encryption, which will allow us to use a desktop mail client like Mozilla Thunderbird to send and receive emails. Stay tuned!

Rate this tutorial
[Total: 62 Average: 4.4]

104 Responses to “Build Your Own Email Server on Ubuntu: Basic Postfix Setup

  • Great article…looking forward to the second part of it.

  • Joe Genshlea
    4 years ago

    I’m looking to setup postfix on ubuntu 16.04 to simply relay a message to the gmail smtp server. Will that be discussed?

  • Julio Cesar Sanders
    4 years ago

    Very good !!

  • In which config file ??? thats not clear here !
    Set up DNS Records for Your Mail Server
    MX record

    An MX record tells other MTAs that your mail server mail.yourdomain.com is responsible for email delivery for your domain.

    MX record @ mail.linuxbabe.com

    A common name for a mail host is mail.yourdomain.com. You can specify more than one MX record and set priority for your mail servers. A lower number means higher priority.
    A record

    An A record maps a FQDN to an IP address.

    mail.linuxbabe.com

  • James Young
    2 years ago

    I’m having a lot of difficulty setting up an email server, because in /var/log/mail.log I always get messages like this:

    Sep 12 17:35:30 instance-1 postfix/smtp[19741]: connect to aspmx.l.google.com[2607:f8b0:400c:c02::1b]:25: Network is unreachable
    Sep 12 17:35:33 instance-1 postfix/smtps/smtpd[19735]: disconnect from x.x.x.x.isp.au[x.x.x.x] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6
    Sep 12 17:35:35 instance-1 dovecot: imap-login: Login: user=, method=PLAIN, rip=x.x.x.x, lip=10.142.0.2, mpid=19743, TLS, session=
    Sep 12 17:36:00 instance-1 postfix/smtp[19741]: connect to aspmx.l.google.com[74.125.31.27]:25: Connection timed out
    Sep 12 17:36:00 instance-1 postfix/smtp[19741]: connect to alt2.aspmx.l.google.com[2a00:1450:400c:c06::1a]:25: Network is unreachable
    Sep 12 17:36:00 instance-1 postfix/smtp[19741]: connect to alt1.aspmx.l.google.com[2a00:1450:400b:c01::1a]:25: Network is unreachable
    Sep 12 17:36:10 instance-1 dovecot: imap(james@mysite): Logged out in=30633 out=1715
    

    As far as I know, I’ve got the setup alright. I use MySQL and have virtual domains and virtual users. It seems to work fine and the test commands all work out.

    But now I get to the point where I set up Outlook at home, and add my new IMAP account. mail.mysite:993 and mail.mysite:465. This adds the account and a message from Outlook is dropped in /var/mail/.

    But when I go to send email from Outlook, which should go to my server and get passed on, I keep getting blocked. It must be the port 25 it’s trying to reach another server on. I don’t know really, that’s my guess. I want the mail server to connect and e.g. deliver mail over SSL/TLS to the recipient email server on port 465 or 587. How do I get this working, so my mail server will accept mail from me and deliver it?

    I’ve googled for hours and I’m making absolutely no progress!

  • Much appreciated. Well written article.

  • Thank you for the great article explaining what goes into an end-to-end email server. I am using mine now on Ubuntu 18.10.

  • Great article. What would be useful too is how to set up specific email addresses to RECEIVE mail on the server. All the articles I’ve found deal with sending mail… which I can do, but when I try and send from gmail > myServer, I get “550 5.7.1 Relaying denied” email response ( ? )

  • Raymond Wu
    1 year ago

    Thank you for putting all these together. Very helpful!!!!!

  • Shibasis Patel
    1 year ago

    The first time I tried, it worked and I got a mail in my spam folder. The next time I tried, it didn’t send my email and said:

    1] Our system has detected an
        550-5.7.1 unusual rate of unsolicited mail originating from your IP
        address. To 550-5.7.1 protect our users from spam, mail sent from your IP
        address has been 550-5.7.1 blocked. Please visit 550-5.7.1
        https://support.google.com/mail/?p=UnsolicitedIPError to review our 550
        5.7.1 Bulk Email Senders Guidelines. q2si5578154pgd.28 - gsmtp (in reply to
        end of DATA command)
    
    • It’s pretty clear that your IP address had been used to send spam (aka unsolicited commercial email).

      To solve this problem,

      First, stop spam from your server.

      Then, you can try sending email to your own Gmail account a few times to create good user engagement: If the email land into spam folder, mark it as not spam. You should send emails back and forth several times.

      After that, the Gmail rate limiting will gradually be relaxed and finally disappear.

      You can also set up SMTP relay so that Gmail cannot check your mail server’s IP address.

  • Auditor R.
    12 months ago

    Followed all the tutorial parts, everything is good and working.
    Learned a lot by doing from scratch. Big Thanks.
    Got one question. How can i add other domains, ex: alpha@domain2.com, beta@domain3.com ?

  • 5 star writing! Very clear and informative and plain language for understanding. One shot then started as smoothly as expected. Continue learning Part 2 and Part 3.

  • G.R.Regis
    11 months ago

    I’ve alway heard that setting up your own email server with postfix and dovecot was a terrible pain and it was just best to use something like iRedmail or Modoboa if you wanted to host your own. I’ve tried in the past using various tutorial and gave up used those other packages for a while. After being my go to for linux guides because they are always so easy to follow and just work, I decided to try Linuxbabe’s Postfix/Dovecot tutorial series (on Debian 10 instead) and it was a breeze. I highly recommend this entire series and any other tutorial on this site.

    • Hi G.R.Regis,

      Thanks for your comment.

      I just published a new tutorial showing how to create virtual mailboxes with PostfixAdmin, which is an open-source web-based interface to manage mail domains and users, so you can use Maildir format, easily create virtual users and aliases.

      • G.R.Regis
        9 months ago

        I’ve done that tutorial too now, and once again it worked nicely. I had a couple hiccups along the way, but that was probably because I was doing it in a Docker container so if I need to reinstall my server or migrate it, it’ll be easy to keep everything without have to deal with migrating databases.

  • Hello,
    Sorry for my bad English, I’m French and I use google translate.
    Super tutorial very well explained. Too bad he just use the Mbox format. Indeed, it is not very practical to have to create an account on the server for each email address without speaking that we can not, if I’m not mistaken, make aliases. (For example, to postmaster@monDomain.com and info@monDomain.com in the container nathaly@monDomain.com).
    Do you want to follow this tutorial using the Maildir format?
    Otherwise, is it difficult to adapt this tutorial to switch to Maildir format and use MySQL to create postfix accounts?
    In any case, thank you again for this great tutorial!

  • itsmesri
    9 months ago

    IS this works for iRedmail server too? I think I need to implement this.

    • If you use iRedMail, then you don’t need to follow this tutorial. iRedMail is a shell script that automatically installs and configures mail server components for you.

      This tutorial series shows you how to manually set up a mail server.

    • I have already talked about SPF, DKIM, DMARC in the iRedMail tutorial. If you follow the instructions you are good to go.

      iRedMail ships with spam filters in the Postfix configuration file, so you don’t need to follow the blocking spam with Postfix tutorial.

  • Ken Wright
    8 months ago

    I’ve been following your instructions here, but I’d rather set up Postfix to use virtual users. Is there a way to do this?

  • Masood Arif
    8 months ago

    Hey my college assignment is to make email server i found this one but i’m confused that is it a GUI based email server or just terminal based, waiting for your kind response.

  • Hello thank you so much for this wonderful tutorial.
    I have challenges though,…
    I have setup a live website on the main domain (www.website.com). In this tutorial you say that we use mail.website.com as the hostname for mail hosting. You also state that we should set the DNS at the hosting company. So far thankfully very clear. Except am confused because the DNS for www.website.com is the same as DNS for mail.website.com. This has made it really hard to figure things out because:
    1). The current hostname is website.com while you said it should be mail.website.com.
    QUESTION: Should I change the hostname from website.com to mail.website.com?
    2). Setting up TLS encryption has challenges because, again, it’s the same domain name.

    Further, I went ahead and created another server for mail hosting but again encryption won’t work because of share base domain but with a different IP address.

    Main question:
    How would you structure having a main domain name (www.website.com) and wanting an email setup(mail.website.com)? Do they all go to the same server (eg Digital ocean droplet)?

    • If you set the hostname in the Postfix main configuration file (/etc/postfix/main.cf), then you don’t need to change the OS hostname.

      You can have multiple virtual host files in Apache or Nginx to host multiple domain names (www.website.com, mail.website.com). If you follow the instructions in the article, you should have no problem in enabling TLS encryption.

  • Jonathan
    8 months ago

    First page… it says hostnamectl set-hostname will set your machine hostname… and it does but, when I type hostname –long or hostname -f, all I get is mydomain.com. Not mail.mydomain.com, which was set by hostnamectl. I’ve confirmed it is set correctly by typing just hostname, by itself. Any idea why the –long or -f command wouldn’t work properly?

    • I don’t know, but you can set the hostname directly in Postfix, so the OS hostname won’t be used.

      sudo postconf myhostname=mail.yourdomain.com

      Then restart Postfix.

      sudo systemctl restart postfix
    • Just check in the /etc/hosts file. Probably the order is backwards; it should read the fqdn first and then the local hostname on the line that has both. You can just switch them and save the file and it will be fine.

      • Jonathan
        7 months ago

        I went back to verify this when I got the email and I found this…

        127.0.0.1       localhost
        127.0.0.1       localhost.mydomain.com
        127.0.0.1       localhost.myotherdomaincom
        127.0.0.1       localhost.mythirdomain.com
        254.254.254.254   mail.mydomain.com
        254.254.254.254   mydomain.com
        253.253.253.253   mail.myotherdomain.com
        252.252.252.252   mythirddomain.com
        

        obviously I’ve substitued actual IPs for 254,253,252 but you can see that it’s still backwards. However, if I type hostname now, it comes up with mail.mydomain.com… which is strange. I think it stopped returning the fqdn incorrectly when I edited my host file directly, adding localhost.domains.

    • You should put the hostnames on the same line for the same IP address.

      127.0.0.1 mail.your-domain.com localhost.your-domain.com localhost.yourotherdomain.com localhost
  • – This series of articles are EXCELLENT for anyone who want or need to have a dedicated email server.

    – Thank You so much for this great content.

  • hi Xiao,

    I am new to the idea of email server setup I wanted to understand the logic to create a FQDN
    i have a ubuntu machine with machine name as mb and my domain from go daddy is mb.in
    then what should be my FQDN mb.in or mb.mb.in or mail.mb.in.

    please help me in understanding the actual logic for FQDN.

    • An FQDN is a hostname plus your apex domain name. A common FQDN for mail server is mail.your-domain.com. When you change the FQDN, your hostname also changes. It couldn’t be simpler.

  • Once again, this really is a fantastic series – thank you so much. I’m very close to having a great email server – getting an almost perfect score on mail-tester.com. My struggle is the PTR record for reverse DNS. I’m using AWS for everything. My mail server is an EC2 instance, with a public IP and also a public domain assigned by AWS (ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com, where the Xs represent the IP address). Currently, mail-tester reports the following:

    Your IP address XX.XXX.XX.XX is associated with the domain ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com.
    Nevertheless your message appears to be sent from mail.MYDOMAIN.co.uk.

    (I’ve changed my domain and IP address).

    So far, I’ve created a PTR record as described here: https://aws.amazon.com/premiumsupport/knowledge-center/route-53-reverse-dns/

    I’ve also had a little play with a CNAME record.

    If anyone has any tips that would be greatly appreciated. Many thanks in advance.

    • This changed in AWS since Jan Feb 2020, you need to make a request, there is no other way to fix this. Mine took 2 days to complete. Search for the form.

      • Thank you for your response. You’re right – I filled out a form called “Request to remove email sending limitations” and after a few days, the reverse DNS came back with mail.my-domain.co.uk. Thanks very much.

  • Colin Parkinson
    5 months ago

    Hi All
    Can I change the port from 25 to 465 to get around the port blocking of port 25 ??
    Regards to all
    Colin

    • No.

      To send an email, your SMTP server needs to hit the port 25 of the receiving SMTP server. The receiving email server expects you to hit port 25. There’s no other port for receiving email.

      This is like how web server works. Web servers are listening on port 80 and 443. Web browsers need to hit one of the two ports in order to download web pages.

      In the email world, there’s only one port for SMTP servers to receive email and it’s port 25. Port 465 (SMTPS) is used by mail clients to submit outgoing emails to your own email server. It’s not for sending email from one SMTP server to another SMTP server.

      • Hi Xiao
        My apology to contradict you, but most of our email servers in NZ block port 25 as this is susceptible to spamming.
        Our current email server uses port 465 to avoid this and our email clients (local PC) send outgoing email to this server using port 465. (example = mail:somemail.co.nz:465)

        • This must be why I don’t get many emails from NZ 🙂

          When receiving email from some email client software, you can use port 465. When your email server talks to another email server, if you don’t use port 25, you’re not going to get very far with most of them.

    • I think your original question is: If the port 25 (outbound) on the email server is blocked, can Postfix use port 465 to send emails to other SMTP servers? The answer is no.

      Sending emails from one SMTP server to another SMTP server is not the same as sending outgoing emails from email clients to your own email server.

      Email clients can always use port 465 to submit outgoing emails to your own email server.

      The outbound port 25 in this article refers to the port on the email server. It’s not the outbound port 25 on email clients. Actually, it’s unusual these days to use port 25 on email clients to submit outgoing emails to your own email server. It’s common to use port 587 or 465 to submit outgoing emails.

    • “Our current email server uses port 465 to avoid this “. Are you referring to using port 465 to submit outgoing emails to an SMTP relay service? This article has already stated that you can use SMTP relay to bypass port 25 blocking.

      If you are referring to using port 465 to send emails from your mail server directly to the recipients. Your emails are not likely to reach the recipient.

  • Hey,

    thank you for these great tutorials!

    Just two questions:
    – what script/technique/program would you recommend to poll multiple mailboxes from a webhoster like 1und1.de (especially so called catch-all mailboxes) and then transmit the polled emails to this mailsystem with postfix and dovecot, sorting the emails in corresponding virtual mailboxes?

    – will there be any enhancement for this great tutorials to integrate things like spam-filter, virus-filter, sieve, … ?

    Best regards, Alex

    • Just to clarify: I run this setup as a non-internet facing, local mailserversystem, sending outbound mails through postfix configured for relaying over my ISPs mailserver…

    • There’s a program called fetchmail that can transmit mailboxes, but I’m not sure if it can work with catch-all mailboxes and sort the emails. Perhaps you can also download all your emails in Mozilla Thunderbird, then change your mail server hostname and re-sync the emails to your new mail server.

      Spam-filter is discussed in part 8 and part 9 in this tutorial series.
      Sieve filter is explained in the Roundcube article.
      https://www.linuxbabe.com/ubuntu/install-roundcube-webmail-ubuntu-18-04-apache-nginx

      https://www.linuxbabe.com/ubuntu/install-roundcube-webmail-ubuntu-20-04-apache-nginx

      I haven’t published a separate tutorial for virus filter yet, I will add it in my to-do list. However, many emails containing viruses can be blocked by the spam filters in my articles.

      • Thank you for your reply!
        ATM I’m using getmail to poll the external mailserver of my webhoster. getmail works with catchall mailboxes but someone has to feed the fetched emails to postfix again _not_ to dovecot directly, otherwise the alias addresses are not expanded and delivered correctly.

        But in the meantime I discovered another problem: Thunderbird supplies wrong From: and To: addresses when clicking “Reply”. Thunderbird wants me to send the reply-email in the name of the initial sender (which I am not) to my own alias (which makes no sense).

        If I check the source code of the eMail, the From, To, Envelpe-To seems to be correct in my understanding.

        I wrote a post within stackoverflow, but no one can help, can you? https://stackoverflow.com/questions/61424998/local-mailsystem-with-postfix-dovecot-mua-is-tricked-with-wrong-address-inform

        Thank you for your tutorials and your help!

  • Hi Xiao. Thanks a lot for your job, REALLY! I love to learn new things and this is just great stuff.

    Xiao, I can see you have a lot of tutorials for configuring a Mail Server. I’m a bit lost. I’m kind of newbie with mail servers.

    Where to start?

    What can you tell about using sendmail? I mean, I have a LEMP stack VPS for WordPress (Ubuntu 18.04). The way I’ve been managing the SMTP for my WordPress installations is :

    sudo apt-get update && sudo apt-get install sendmail

    Just made a Postfix installation for 1 VPS but with someone help, not on my own. And I want to use Mautic too, so I want to go further and apply everything I’ve been just reading from you since like 8 months ago.

    Does it make sense to you for me to ask you where should I start? Is this post the first step to follow?

    Thank you so much.

    • Yes, you should start with this post.

      It’s not recommended to install the traditional sendmail package. It’s hard to configure. Remove it with:

      sudo apt purge sendmail
  • Guy Merritt
    5 months ago

    I set up Postfix, as a test, about 2 months ago. I had been using Qmail for years. Postfix was working fine, from the local box. Thunderbird connected and worked, etc. I now have two installs, on two different boxes, and Thunderbird cannot send mail from the other server. In other words, if I have example.com on my computer (testing Postfix) sending mail does not work from another computer when trying to use example.com. My logs say: NOQUEUE: reject: RCPT from unknown. What configuration do I need so that a different computer can send mail from my server. Both of my test installations (different domains) exhibit the same behavior. If I am sitting at the computer which has the server installed, I can send mail – other machines cannot connect and use it to send mail.

  • Guy Merritt
    5 months ago

    Ignore my previous comment – I did some reading and got things working, on other boxes, using SASL.

  • Marcus Bahn
    4 months ago

    Thank you very much!
    It’s the best tutorial i have ever seen! It helped so much to understand a mail-server!
    The tutorial works on two different vps…

    GREAT!

  • Robert Tang-wai
    4 months ago

    Hi Xiao,

    Excellent series of tutorials on setting up email services, I have tried this in the past with little success but your instructions are quite a bit clearer and detailed than the documentation I previously referenced.

    I am hosting my own Ubuntu 20.04 server (on a Hyper-V 2019 VM), my ISP blocks port 25 so I had to set up SMTP relay. I have that working so I can send email out just fine, but for some strange reason I cannot receive external email. I can email internally between accounts on the Ubuntu server so that isn’t completely broken.

    I use pfSense as my router/firewall, I confirm I am forwarding ports 25, 80, 143, 443, 465, 587, and 993 to my Ubuntu server (it also hosts my WordPress blog and Nextcloud Hub). Ubuntu itself is not running the internal firewall.

    I confirm the MX and A records are in place with my DNS registrar.

    Any suggestions? I was under the impression that getting send email to work was harder than receive, not the other way around.

    Thanks in advance!

    Robert

  • Regarding aliases, is it possible to set up an alias to send postmaster and root mail to an address off the server? For example, I administer several servers and I’d prefer any emails to postmaster or root to come to my gmail account. Is that possible?

  • After setup Postfix i can send test e-mail:

    echo "test email" | sendmail your-account@gmail.com

    but this command not work for me:

    mail username@gmail.com

    Probably mailutils is not configured and is sending from different DNS – google bouncing email with reject:

    Our system has detected that this 550-5.7.1 message does not meet IPv6 sending guidelines regarding PTR records 550-5.7.1 and authentication.

    What about Virtual Hosts in one VPS? How to configure all emails for all domains?

    • The Gmail reject message tells you to set PTR record for your IPv6 address.

      You will learn how to host multiple domains (virtual hosting) on a single VPS in part 7 of this tutorial series.

  • Hi Xiao
    Great tutorials, first of all!
    I am just going through now.
    need some light, anyway:
    I set up few accounts by inserting manualy into mysql a username and an encrypted passwd.
    How can I create new accounts without typing into mysql?
    How can I recover or change a password?
    Thanks!

  • hostname -f

    Give me this output:

    username.domain.com

    How I should setup DNS and hostname for installation dovecot and postfix?
    Is this correct?

    mail.username.domain.com
  • How I can setup rDNS and PTR for multiple Virtual Hosts? I have only one IPv4 IP and 3 IPv6 IPs

    • You need to set rDNS to the Postfix hostname only once. There’s no need to change the rDNS when you add additional virtual hosts later.

      • It will be work if I set my only one IPv4 to domain.com not a mail.domain.com? If this is not possible can I use 1 of 3 my IPv6 to mail.domain.com?

    • If your postfix hostname is mail.domain.com, then set the rDNS to mail.domain.com.
      If your postfix hostname is domain.com, then set the rDNS to domain.com.

      As I have said earlier, using mail.domain.com is a good practice. Using domain.com as the hostname will likely to get you in trouble.

  • ROK ZNIDARSIC
    3 months ago

    Hello guys,

    Spent quite some time on some issues i had, turned out that my IMAP Inbox was being empty while with mail command i could see the mails in my Inbox.

    There is a missing line in /etc/postfix/main.cf

    home_mailbox = Maildir/

    This sets inbox to Maildir/ which is set to be home mailbox in Dovecot. Without this, your Inbox in whichever client youre using (webmail, mozilla, outlook) will be empty.

    BR,
    Rok

  • When using (nmap your-server-ip) on another pc it does not show port 25. When using (telnet gmail-smtp-in.l.google.com 25), it shows that the outgoing port is ok.

    What do you think?

    • The nmap command checks if the inbound port 25 of your mail server is open. This is for your mail server to receive emails.

      The telnet command checks if the outbound port 25 of your mail server is open. This is for your mail server to send emails.

      If the nmap command didn’t show the inbound port 25, there might be another firewall sitting in front of your server.

  • FQDN mail.linuxbabe.com is the same that www.linuxbabe.com why are you using mail… instead www .
    thanks

    • Because mail makes it easy for you to identify what services this sub-domain provides.

      www is for web services (a website for visitors to browse), right?

  • Thanks a lot for your tutorial. I just started to go through your articles. A little concern I have is regarding any graphical or (in red color) comments since they are not accessible for a blind, screen reader users. I’ll contact you back if get in any difficulties.

  • Hi, how do you know the email address you claim in step 1ish is not already taken? Postfix doesn’t warn you if it is.

  • Thanks for the tutorial. I’m not sure it worked. It’s very esoteric language and I’m sure it’s easy enough to understand if you pore over it for weeks on end. So, in simple terms: Not very simple. Tedious if you opt for tedium.

    But it did get me started. What can I say. Your tutorial is the first one that showed up after I realized I needed a professional email address for my career. Thanks for being there, I love your website/blog, and keep up the good work.

  • IMRON HS
    2 months ago
    root@mailserver:~# sudo systemctl status postfix
    ● postfix.service - Postfix Mail Transport Agent
       Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor preset: enabled)
       Active: active (exited) since Sun 2020-07-19 00:38:38 UTC; 1min 26s ago
      Process: 4374 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
     Main PID: 4374 (code=exited, status=0/SUCCESS)
    
    Jul 19 00:38:38 mail.vanhussen.net systemd[1]: Starting Postfix Mail Transport Agent...
    Jul 19 00:38:38 mail.vanhussen.net systemd[1]: Started Postfix Mail Transport Agent.
    

    Why status Active: active (exited) Xiao? Thanks

    • This is normal. If you open the /lib/systemd/system/postfix.service file, you will see that the Postfix systemd service is a oneshot service. Postfix will run the master process after the main Postfix process exits.

  • Many thanks for this comprehensive guide, I now have multiple domains setup and its very professional.

    One thing though, for development/testing, I need to telnet into my mail server on port 25, but this seems to be blocked, but i dont have a firewall enabled. How can I allow telnet to port 25, which seems to be industry standard?

    • Note. My understanding is that port 25 must remain open, as this how emails get sent between servers, another mail server will connect on port 25 of my server, so it can deliver the message.

    • If you telnet from your local computer to your mail server on port 25 and its blocked, it indicates your local firewall (maybe your local ISP) is blocking outbound traffic on port 25.

      • It did not occur to me thanks, even though I can telnet to aspmx.l.google.com on 25, other mail servers I can’t, so yeah it must be ISP. thanks.

  • hello,
    I’m just wondering if, after installing and configuring postfix, it is possible to receive emails from another domain like gmail for example or whatever domain and forward them to my gmail account ?

  • Hello Xiao,

    there is one thing that i can’t see covered on all those parts and that is the “Unsubscribe link”. Can you help with?

    Greetings

  • Robert Herzog
    1 month ago

    I have the problem that my server does nos accept incoming email. I tend to believe that the problem comes from the master process does not listen to all IP addresses, only to 127.0.0.1 (the localhost), as indicated by the output of netstat -lntp:

    tcp  0  0 127.0.0.1:25  0.0.0.0:* LISTEN  14491/master

    while your example gives:

    tcp  0  0 0.0.0.0:25  0.0.0.0:* LISTEN  1367/master

    Also a remote nmap does not show port 25 open
    How / what shall I change ?
    Thanks !
    Robert

  • Andre Rodrigues
    4 weeks ago

    Hi, amazing article, congratulations.

    I’m using sendgrid to send my email. I configured it through Exim.

    Its possible to replace the sendgrid to a server with postfix?

    Thank you very much

  • AnonymousWH
    3 days ago

    I can’t send me local emails so even 🙁

    proxmox@correo:~$ echo "mail body" | mail -s "test mal" root
    proxmox@correo:~$ echo "mail body" | mail -s "test mal" proxmox
    proxmox@correo:~$ mailq
    Mail queue is empty
    proxmox@correo:~$ mail
    Cannot open mailbox /home/proxmox/Maildir: Permission denied
    No mail for proxmox
    proxmox@correo:~$ sudo -s
    
    • By default, the mail command reads emails in the /var/spool/mail/ directory. Since you changed the mail_location, use the following command to scan emails in other directories.

      mail -f /home/proxmox/Maildir

      And you have a permission problem, check who owns the Maildir.

      ls -lh /home/proxmox/Maildir

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • Please use the community (https://community.linuxbabe.com) for questions unrelated to this article.
  • I don't have time to answer every question. Making a donation would incentivize me to spend more time answering questions.


The maximum upload file size: 2 MB.
You can upload: image.