Prerequisites
To test a central mail server in the standard way, using an MX record, you will need to set up a master DNS server.
It is still possible to avoid setting up a master DNS server if you only want to test a null-client configuration (RHCE 7 requirement). In this case, you will have to use the relayhost = [mail.example.com] or relayhost = [ipaddress] syntax (see Configure a system to forward all email to a central mail server).
Also, you can set the disable_dns_lookups directive to yes, to force Postfix to read the local /etc/hosts file instead of sending DNS requests to get the MX records.
Installation Procedure
Install the postfix package (if it is not already there):
# yum install -y postfix
Add a new service to the firewall:
# firewall-cmd --permanent --add-service=smtp
success
Reload the firewall configuration:
# firewall-cmd --reload
success
Activate the postfix service at boot:
# systemctl enable postfix
Start the postfix service:
# systemctl restart postfix
Let’s assume that your server is called mail.example.com on the 192.168.1.0/24 network.
Edit the /etc/postfix/main.cf file and change the following directives:
myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 192.168.1.0/24, 127.0.0.0/8
Check the syntax:
# postfix check
Check the non-default configuration:
# postconf -n
Set the SELinux allow_postfix_local_write_mail_spool boolean to ‘on’:
# setsebool -P allow_postfix_local_write_mail_spool on
Restart the postfix service so that the new configuration takes effect:
# systemctl restart postfix
Test from a client with the nmap command; it should display “25/tcp open smtp”:
# yum install -y nmap
# nmap mail.example.com
Starting Nmap 6.40 ( http://nmap.org ) at 2014-08-05 23:41 CEST
Nmap scan report for mail.example.com (192.168.1.24)
Host is up (0.00076s latency).
Not shown: 998 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh
25/tcp open  smtp
MAC Address: 52:54:00:44:23:51 (QEMU Virtual NIC)
Nmap done: 1 IP address (1 host up) scanned in 6.16 seconds
Alternatively, test from a client with the telnet command:
# yum install -y telnet
# telnet mail.example.com 25
Trying 192.168.1.24...
Connected to mail.example.com.
Escape character is '^]'.
220 mail.example.com ESMTP Postfix
HELO client
250 mail.example.com
quit
221 2.0.0 Bye
Connection closed by foreign host.
On the central mail server, create a user called me:
# adduser me
Then, send a mail to me:
# echo "This is a test." | mail -s "Test" me@example.com
Note: The echo command supplies the body of the mail. The -s option specifies the mail subject; the recipient address follows it.
Finally, check that the user received the mail:
# su - me
$ mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/me": 1 message 1 new
>N 1 root Tue Aug 5 23:47 21/785 "Test"
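Added example, not part of the original tutorial: the script below expands the $name references used in the main.cf directives above and reports whether a recipient's domain ends up in mydestination, which decides whether this server accepts the mail for local delivery. Both configuration samples are constructed, expand_param and delivery_class are hypothetical helper names, and only the plain $name form and literal domain entries are handled (no ${name}, continuation lines or lookup tables).

```shell
# Added example (not from the original page): expand "$name" references as
# main.cf does, then check whether a recipient domain is in mydestination.
# Handles only the plain $name form and literal domain entries.

# Constructed sample: the directives shown in this tutorial.
GOOD_CF='myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain'

# Constructed sample: the same file with the "$" missing in mydestination.
BAD_CF='myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
mydestination = mydomain'

# expand_param CONFIG NAME -> value of NAME with every $name substituted
expand_param() {
    printf '%s\n' "$1" | awk -v want="$2" '
        /^[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ {
            name = $0;  sub(/[ \t]*=.*/, "", name)
            value = $0; sub(/^[^=]*=[ \t]*/, "", value)
            param[name] = value            # last definition wins
        }
        END {
            val = param[want]
            # Cap the passes so a self-referencing value cannot loop forever.
            for (i = 0; i < 20 && match(val, /\$[A-Za-z_][A-Za-z0-9_]*/); i++) {
                name = substr(val, RSTART + 1, RLENGTH - 1)
                val = substr(val, 1, RSTART - 1) param[name] substr(val, RSTART + RLENGTH)
            }
            print val
        }'
}

# delivery_class CONFIG ADDRESS -> prints "local" or "not-local"
delivery_class() {
    case $2 in
        *@*) domain=${2##*@} ;;                      # user@domain
        *)   domain=$(expand_param "$1" myorigin) ;; # bare user gets @$myorigin
    esac
    # Postfix defaults myorigin to $myhostname when it is not set.
    [ -n "$domain" ] || domain=$(expand_param "$1" myhostname)
    if expand_param "$1" mydestination | tr ', ' '\n\n' | grep -Fxqi -- "$domain"
    then echo local
    else echo not-local
    fi
}

delivery_class "$GOOD_CF" me@example.com    # local
delivery_class "$BAD_CF"  me@example.com    # not-local
```

With the literal mydomain entry, example.com is not in mydestination, so neither me@example.com nor a bare me (which is qualified with $myorigin) is treated as a local recipient.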
This is excellent. Thank you so much for all of the effort you’ve gone through to provide us with this wonderful resource, CertDepot.
Thanks.
Hello, guys! While analyzing the SMTP topic, I became a bit confused. When I try to send a message from the null client SRV02.EXAMPLE.COM to the relayhost SRV01.EXAMPLE.COM to a user, let’s say davis, to make delivery successful I must type mail -s mysubject davis@srv01.example.com <. . But using "mail -s mysubject davis@example.com <." or "mail -s mysubject davis <." isn't working well and I'm afraid that I might fail this task on the exam. What is your opinion, colleagues?
So it is working, but just not working well? Or not working at all? Can you give us more details?
It is not working well. As I said it is working when I’m typing FQDN after “@”: mail -s mysubject davis@srv01.example.com. But it’s not working without FQDN after “@”: “mail -s mysubject davis@example.com” “mail -s mysubject davis”
Can you post the mail log from the client as well as the server?
Assuming DNS is set up correctly, ask yourself which server the mail is being hosted on, srv01.example.com or example.com, and which way the mail is being routed. The answer is in understanding the /etc/postfix/main.cf file. Take a closer look at the mynetworks, relayhost, inet_interfaces and mydestination settings.
Side note: you need to understand the problem before understanding the answer.
Dear Sam, DNS is configured correctly, 100%. Both servers and the domain resolve perfectly. srv01.example.com is the relayhost, srv02.example.com is the null client. I used Sander van Vugt’s video to set up mail exchange. Here are the settings of /etc/postfix/main.cf
srv01.example.com:
inet_interfaces = all
inet_protocols = ipv4
mydomain = example.com
myorigin = example.com
mydestination = mydomain
srv02.example.com:
inet_interfaces = all (I know, unsecured, but for the lab it is OK)
inet_protocols = ipv4
mydestination = example.com
relayhost = [srv01.example.com]
Networks section in main.cf is default on both servers.
Correct me if I’m wrong with settings.
At a quick glance, on the srv01.example.com as on this page, the configuration should read
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
Take note of the $someVariable and the “,”. You will have to do something similar on srv02.example.com.
A stupid question – what does “$” mean?
It means that we are dealing with a variable like in Bash shell.
Dear Sam,
I followed your advice and made settings as you said:
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
The result is the same – I can send a message to lisa@srv01.example.com, but can’t send to lisa@example.com or lisa.
Is mydestination set to include $mydomain, and what is mydomain set to?
When I nmap from a client to the server I get 25/tcp closed, and telnet on the server gives me the message “connection refused”. Does anyone know how to fix that?
First, check your firewalld configuration.
firewall+inet_interfaces