RHEL7: Configure a system to forward all email to a central mail server.
Note: This is an RHCE 7 exam objective.
Prerequisites
In order to test this configuration, you will need to configure a central mail server.
Installation Procedure
The configuration of a master DNSserver can be avoided by using the [mail.example.com] syntax (see below) or the IP address of the mail gateway.
Install the postfixpackage if it is not already there:
# yum install -y postfix
Activate the postfixservice at boot (normally already enabled):
# systemctl enable postfix
Start the postfixservice (normally already started):
# systemctl restart postfix
Main Configurations
There are two cases to distinguish:
- the system doesn’t receive any mail from outside but forwards all mails sent by local users (even mails from local users to local users) to a central mail server: this is the null-client configuration,
- the system accepts any mail from the local network and forwards them with the ones sent by the local users to a central mail server: this is the mail gateway configuration.
The RHCE 7 exam objective seems to be more geared towards the null-client configuration. This tutorial will explain how to put in place this configuration. Details related to the mail gateway configuration will be shown later.
Null-client Configuration
Let’s assume that your server is called server.example.com on the 192.168.1.0/24 network and your central mail server (outgoing mail gateway) is called mail.example.com at 192.168.1.1. Edit the /etc/postfix/main.cf file and change the following directives:
myhostname = server.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = loopback-only
mydestination =
relayhost = 192.168.1.1
Note1: Be careful not to specify $mydomain in the mydestination option (this will store all the mails locally, which is not exactly what you want). Note2: If you’ve got a DNS server dealing with MX records, you can specify relayhost = mail.example.com instead of the IP address. Note3: If you don’t set up a DNS server (but use the /etc/hosts file) or if your DNS server doesn’t deal with MX records, you can specify relayhost = [mail.example.com], this form turns off MX lookups.
Check the syntax:
# postfix check
Check the non-default configuration:
# postconf -n
Reload the postfix configuration:
# systemctl restart postfix
Note: It is normally not necessary to restart the processes when parameters are changed, a reload is enough. However, when changing the inet_interfaces parameter, you need to restart all the processes.** **
There is an quicker way than editing the /etc/postfix/main.cf file, you can also use the postconf command. This command with the -e option changes a parameter with its specified value and writes everything in the /etc/postfix/main.cf file! You can check that by restarting the postfix processes or rebooting the server!
# postconf -e 'relayhost = 192.168.1.1'
To get the value associated with the relayhost parameter, type:
# postconf relayhost
relayhost = 192.168.1.1
Time To Test
To send a mail to me at the central mail server (you need to create such a user on your central mail server), type:
# echo "This is a test." | mail -s "Test" me@example.com
Note: The echo command introduces the content of the mail. The -s option specifies the mail subject followed by the recipient.
To check the local mail queue, type:
# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
822FA3DE4 535 Tue Aug 5 16:54:45 root@example.com
(cannot update mailbox /var/mail/me for user me. destination /var/mail/me is not owned by recipient)
me@example.com
-- 0 Kbytes in 1 Request.
To requeue a mail (-r), type:
# postsuper -r 822FA3DE4
postsuper: name_mask: all
postsuper: inet_addr_local: configured 2 IPv4 addresses
postsuper: inet_addr_local: configured 2 IPv6 addresses
postsuper: renamed file deferred/8/822FA3DE4 as maildrop/822FA3DE4
postsuper: 822FA3DE4: requeued
postsuper: Requeued: 1 message
To delete the mail (-d) in the local queue, type:
# postsuper -d 822FA3DE4
Note: The postsuper -d ALL command deletes all the mails in the mail queue (ALL in upper case).
To read the previous mail for me on the central mail server (here mail.example.com), connect to it and type:
[mail]# su - me
$ mail
Heirloom Mail version 12.4 7/29/08. Type ? for help.
"/var/spool/mail/me": 1 message
U 1 root Tue Aug 5 18:31 22/755 "Subject: Test"
To check all the process followed by an email, type:
# tail -f /var/log/maillog
18:07:40 postfix/pickup[2338]: 822FA3DE4: uid=89 from=<root@example.com> orig_id=0FB353E45
18:07:40 postfix/cleanup[24446]: 822FA3DE4: message-id=<20140805145446.0FB353E45@server.example.com>
18:07:40 postfix/qmgr[2339]: 822FA3DE4: from=<root@example.com>, size=535, nrcpt=1 (queue active)
18:07:40 postfix/local[24448]: warning: specify "strict_mailbox_ownership = no" to ignore mailbox ownership mismatch
18:07:41 postfix/local[24448]: 822FA3DE4: to=<me@example.com>, relay=local, delay=4375, delays=4375/0.02/0/0.25, dsn=4.2.0, status=deferred (cannot update mailbox /var/mail/me for user me. destination /var/mail/me is not owned by recipient)
Gateway Configuration
In case you want to set up a mail gateway configuration (a server receiving emails from the local network and forwarding them to a central mail server), execute the following steps.
Edit the /etc/postfix/main.cf file and change the following directives:
myhostname = server.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 192.168.1.0/24, 127.0.0.0/8
relayhost = 192.168.1.1
Note: Compared to the null-client configuration, Postfix processes listen to all network interfaces (the inet_interfaces directive), accept mails sent to the example.com domain (the mydestination directive) restricted to the local network (the mynetworks directive).
Caution: Don’t specify $mydomain in the mydestination variable if you don’t want to store mails locally (this mistake was previously made in this tutorial).
Check the syntax:
# postfix check
Check the non-default configuration:
# postconf -n
Reload the postfix configuration:
# systemctl restart postfix
Open the firewall to receive emails from outside:
# firewall-cmd --permanent --add-service=smtp
success
Reload the firewall configuration:
# firewall-cmd --reload
success
Useful Tips
Before or during the exam, you can go to the /usr/share/doc/postfix-2.10.1/README_FILES directory to read the BASIC_CONFIGURATION_README and STANDARD_CONFIGURATION_README files filled with many Postfix configuration examples.
Additional Resources
Useful free Postfix resources can be found at the Postfix website. The Postfix Overview page is a good place to start. Also, this global picture of Postfix can help you better understand the numerous processes involved.
Beyond the exam objectives, you can also read this article about configuring a Postfix Relay through Gmail on CentOS 7.
Leave a comment