Postfix 基本设置指南


This howto will help you to have a basic Postfix mail server setup for your corporate environment. The main intention of this howto is to teach how you can install and configure a basic Postfix mail server setup with IMAP and POP3 services. I do not intend to tell you how you can integrate advanced stuffs like virus checking and spam filtering with this guide.


This how to is going to be a kind of more academic howto for staters with Postfix. My advanced postfix guides are PostfixVirtualMailBoxClamSmtpHowto and PostfixCompleteVirtualMailSystemHowto. If you are a newbie to Postfix enjoy them once you have finished this basic howto.

这份说明是针对刚开始使用Postfix的用户提供一个基础的认识。其它的高级指南是[:PostfixVirtualMailBoxClamSmtpHowto:Postfix - Postfix 虚拟邮箱和病毒过滤指南]以及[:PostfixCompleteVirtualMailSystemHowto:Postfix - Postfix 完整虚拟邮件系统指南]。如果你是一个 Postfix 的新手,但希望使用那些高级功能的话,你应当事先了解本说明。

Setup Overview(安装提示)

In our setup, Postfix sends & recieves mail from Internet and stores in the user mail boxes while clients in the Internet can retrieve their mails either from Courier IMAP or POP3. The user authentication is done by Courier Authdaemon. The following diagram shows this process.

本指南提供的安装方法,Postfix通过网络来发送及接收邮件并将它们存入用户邮箱中,用户可以通过Courier IMAP 或者 POP3 服务器来回复他们的邮件。用户验证是由 Courier Authdaemon 这个守护进程来完成的。下面的图片表现了这个过程。

Anatomy of Postfix(Postfix的结构)


The Following figure shows the main Postfix system components, and the main information flows between them.


  • Yellow ellipsoids are mail programs.黄色椭圆是邮件程序。
  • Yellow boxes are mail queues or files.黄色方框是邮件队列或文件。
  • Blue boxes are lookup tables.蓝色方框是查找表。
  • Programs in the large box run under control by the Postfix resident master daemon.在大方框中运行的程序是由Postfix主驻留守护进程控制的。
  • Data in the large box is property of the Postfix mail system. 大方框中的数字是Postfix邮件系统的属性。

Receiving Mail(接收邮件)

When a message enters the Postfix mail system, the first stop on the inside is the incoming queue. The figure below shows the main components that are involved with new mail.


  • Mail is posted locally. The Postfix sendmail program invokes the privileged postdrop program which deposits the message into the maildrop directory, where the message is picked up by the sendmail daemon. This daemon does some sanity checks, in order to protect the rest of the Postfix system.
  • 邮件是在本地发送的。Postfix邮件发送程序将首先调用邮件丢弃程序将邮件丢弃到“回收站”目录下,在那里,邮件又将被 邮件发送 进程所处理。这个进程执行一些完整性检查,以保护Postfix邮件服务器的工作。
  • Mail comes in via the network. The Postfix SMTP server receives the message and does some sanity checks, in order to protect the rest of the Postfix system.
  • 邮件是来自网络的。PostfixSMTP 服务器将接收这些邮件并进行完整性检查,以保护Postfix邮件服务器的工作。
  • Mail is generated internally by the Postfix system itself, in order to return undeliverable mail to the sender. The [bounce or defer] daemon brings the bad news.
  • 邮件是由Postfix系统自己生成来返回无法传送的返回邮件给发送者。[|bounce or defer]进程处理该消息。
  • Mail is forwarded by the local delivery agent, either via an entry in the system-wide alias database, or via an entry in a per-user [.forward] file. This is indicated with the unlabeled arrow.
  • 邮件被[本地传输代理]转发时,或是通过一个在系统级的别名数据库中的条目,或者通过一个每个用户自己的[.forward]文件中的条目。这被一个没有标签的箭头指明。
  • Mail is generated internally by the Postfix system itself, in order to [|notify] the postmaster of a problem (this path is also indicated with the unlabeled arrow).The Postfix system can be configured to notify the postmaster of SMTP protocol problems, [|UCE] policy violations, and so on.
  • 邮件由Postfix服务器自己在内部生成,为了向邮件管理员[|通知]这个问题(这条路径也被一个没有标签的箭头指明)。Postfix服务器能够配置来向邮件管理员通知SMTP协议的问题,[|UCE] 策略的问题,等等。
  • The [|cleanup] daemon implements the final processing stage for new mail. It adds missing From: and other message headers, arranges for address rewriting to the standard [email protected] form, and optionally extracts recipient addresses from message headers. The cleanup daemon inserts the result as a single queue file into the incoming queue, and notifies the [|queue manager] of the arrival of new mail. The cleanup daemon can be configured to transform addresses on the basis of [|canonical] and [|virtua] table lookups.
  • [|cleanup] 守护进程完成对于新邮件处理的最后阶段。它添加了缺失的From:和其他的邮件头信息,将地址重写成标准的 [email protected] 格式,并且从邮件头有选择性的展开收到邮件的地址。cleanup守护进程将处理作为一个简单的队列插入到incoming队列,并且通知[|队列管理员]新邮件到达。cleanup守护进程能够配置来在查询[|canonical]和 [|virtual]表的基础上转换地址。

Install Postfix(安装 Postfix)

In this setup I assume that your domain is {{{yourdomain.com}}} and it has a valid MX record call {{{mail.yourdomain.com}}}. Remember to replace {{{yourdomain.com}}} with your actual domain in the example codes in this howto. Also I assume that you know what an MX record is. To find out MX your type in a terminal:

在安装中假定你的域名是 'yourdomain.com',并且它有一个有效的 MX 记录叫做'mail.yourdomain.com'。请一定记得将这份指南中的'yourdomain.com'替换成你的真实的域名。并且我还假定你知道"MX记录"是什么。要找出MX你需要在终端中输入

dig mx yourdomain.com

To install postfix(安装 postfix')

sudo apt-get install postfix

Intall mailx package for use as command mail utility program. Mail command is installed with this package.


sudo apt-get install mailx

Test your default setup(测试默认的安装)

Add a user before you start this.


sudo useradd -m -s /bin/bash fmaster
sudo passwd fmaster

Test your default installation using the following code segment.


telnet localhost 25

Postfix will prompt like following in the terminal so that you can use to type SMTP commands.


Connected to mail.fossedu.org.
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix (Ubuntu)

Type the following code segment in Postfix's prompt.


ehlo localhost
mail from: root@localhost
rcpt to: fmaster@localhost
Subjet: My first mail on Postfix
Are you there?
. (Type the .[dot] in a new Line and press Enter )

Check the mailbox of 'fmaster'


su - fmaster

When your type mail command an output like follows display in your terminal.


Mail version 8.1.2 01/15/2001.  Type ? for help.
"/var/mail/fmaster": 2 messages 2 new
>N  1 root@localhost     Mon Mar  6 12:49   13/479   Just a test
 N  2 root@localhost     Mon Mar  6 12:51   15/487   My first mail

You will observe that mails are indexed by numbers and you can type the number of which the mail that you want to read. For example type no "2" to read the 2nd mail. The type "q" to quit. The mail will be written to a file called 'mbox' in user's home directory. According to our example it will be '/home/fmaster/mbox'.


All messages in an mbox type of mailbox are concatenated and stored in a single file. The beginning of each message is indicated by a line whose first five characters are "From " and a blank line is appended to the end of each message


Setting Postfix Support for Maildir-style Mailboxes(设置Postfix支持Maildir型的邮箱)

Maildir is a format for an e-mail spool that does not require file locking to maintain message integrity because the messages are kept in separate files with unique names. A Maildir is a directory (often named Maildir) with three subdirectories named tmp, new, and cur. The subdirectories should all reside on the same filesystem.

Maildir 是一个邮件池的格式,这种邮件格式不需要文件锁定来保证消息的完整性,因为邮件以一个特有的名字被保存在一个个单独的文件中。一个Maildir是一个包含3个叫做tmp, new和curd的子目录的目录(常常以Maildir命名)。这些子目录应该在同一个文件系统中。

Another reason to use Maildir format is that Courier IMAP/POP3 servers only work with Maildir format of mailboxes.

另一个使用Maildir格式的邮箱的理由是Courier IMAP/POP3服务器只支持Maildir格式的邮箱。

Please find out more about Maildir [|here]


 sudo  vi /etc/postfix/main.cf

Add the following code segment:


home_mailbox = Maildir/

Comment the Line ' mailbox_command = procmail -a "$EXTENSION" ' adding a "#" at the beginning

在' mailbox_command = procmail -a "$EXTENSION" '那一行前面加上一个"#"将其注释掉。

Restart Postfix to make changes effect.

重启 Postfix 使改变生效。

sudo  /etc/init.d/postfix restart

Test your setup again


Installing courier IMAP and POP3 (安装 courier IMAP 和 POP3)

sudo apt-get install courier-pop
sudo apt-get install courier-imap

Adding local domains to postfix


sudo   vi /etc/postfix/main.cf

Add your domain to 'mydestination'. Once added it should be like the following code segment.

将你的域名增加到 'mydestination'。增加完成后它看起来应该象这样:

mydestination = mail.fossedu.org, localhost.localdomain, localhost, yourdoamin.com

Add your local network to:


sudo vi /etc/postfix/main.cf

I assume that your local network is and add your local network to 'mynetworks'. Once added it should be like the following code segment.

我假定你的本地网络是 并且将你的本地网络加入到{{{mynetworks}}}。完成后它看起来应该像这样:

mynetworks =,

Make Postfix to receive mail from the Internet


Set 'inet_interfaces = all' in '/etc/postfix/main.cf' using:

使用下面的命令在'/etc/postfix/main.cf'增加'inet_interfaces = all'

sudo vi /etc/postfix/main.cf

Finally Restart Postfix;


sudo  /etc/init.d/postfix restart

Test your setup again using following code:


telnet mail.yourdomain.com 25
ehlo yourdmain.com
mail from: [email protected]
rcpt to: [email protected]
Subject: My first mail for my domain
Are you there?
. (and Enter In a new Line)

Check the mailbox of 'fmaster'


su - fmaster
cd Maildir/new

Now you will see mail has a separate file


Testing Courier POP3(测试 Courier POP3)

Type in a terminal:


telnet mail.yourdomain.com 110

Use the following example code segment for your test. Be intelligent to tweak the changes appropriately to your environment. An output like follows will display in your terminal.


Connected to mail.yourdomain.com (
Escape character is '^]'.
+OK Hello there.

Type the following code segment in the prompt provided by the Courier POP3 server. I assume that you inetligent enough not to type the lines which starts from '+OK'

在Courier POP3服务器的提示符下面输入下面的代码段。我假定你能够看情况输入'+OK'后的行。

user fmaster
+OK Password required.
pass password
+OK logged in.

Testing Courier IMAP(测试 Courier IMAP)

Type in a terminal:


telnet mail.yourdomain.com 143

Use the following example code segment for your test. Be intelligent to tweak the changes appropriately to your environment. An output like follows will display in your terminal.


XCOURIEROUTBOX=INBOX.Outbox] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.

Type the following code segment in the prompt provided by the Courier IMAP server.

在Courier POP3服务器的提示符下面输入下面的代码段

a login fmaster password
a logout

Local Alias database(本地的别名数据库)

When mail is to be delivered locally, the local delivery agent runs each local recipient name through the aliases database. The mapping does not affect addresses in message headers. Local aliases are typically used to implement distribution lists, or to direct mail for standard aliases such as postmaster to real people. The table can also be used to map Firstname.Lastname addresses to login names.

当邮件要被本地传送时,本地传送代理通过别名数据库来接受每一个名字。这个映射不对邮件头中的地址生效。本地的别名主要是用来实现收发列表,或者直接的将标准的别名例如 postmaster映射成真实的地址。这个表也可用来映射Firstname.Lastname的地址到登录名。

Alias lookups are enabled by default and you will see following code segment in main.cf file.

Postfix默认开启别名查询,你可以在main.cf文件中看到这些代码: <pre。 ... alias_maps = hash:/etc/aliases ...

Creating an alias for an account(为一个账号创建别名)

The following codes illustrate how you can setup an alias. This step is optional since we are going to configure virtual mail domains later in this howto. I have added this step to make understand how you can do this in case of a requirement.


Create a user


sudo useradd -m -s /bin/bash sysadmin
sudo passwd sysadmin

Edit the alias table


Open the alias file with:


sudo vi /etc/aliases

Add the following code:


fmaster: sysadmin

To make your changes effect type:


sudo newaliases

To test your changes send a mail to 'fmaster' and check the mail in '/home/sysadmin/Maildir/new' folder.


Per User .forward Files(各个用户的 .forward 文件)

Users can control their own mail delivery by specifying destinations in a file called .forward in their home directories. The syntax of these files is the same as with system aliases, except that the lookup key and colon are not present.


I will illustrate an example here:


Assume that you need to for all the mails which comes sysadmin account to an another account do like this


su - sysadmin
touch .forward

Then open the .forward file


vi .forward

Add the following code:


[email protected]

Remember to use email address which exists in this exercise.


Now send a mail to 'sysadmin' and mail should come to [email protected]

现在发送一封邮件到'sysadmin'就会被转发到[email protected]

Postfix virtual Aliases for separate domains and Linux system accounts (Postfix单独域名和Linux系统用户的虚拟别名)

With this approach, every hosted domain can have its own info etc. email address. However, it still uses LINUX system accounts for local mailbox deliveries.


With virtual alias domains, each hosted address is aliased to a local UNIX system account or to a remote address. The example below shows how to use this mechanism for the fossedu.org and linuxelabs.com domains.


Open the main.cf file:


sudo vi /etc/postfix/main.cf

Add the following code segment:


virtual_alias_domains = fossedu.org linuxelabs.com
virtual_alias_maps = hash:/etc/postfix/virtual

Edit the '/etc/postfix/virtual file:


Add two Linux system accounts 加入Linux系统账户:

sudo useradd -m -s /bin/bash sigiri
sudo useradd -m -s /bin/bash kala

Set Password for the above users.


sudo passwd sigiri
sudo passwd kala

sudo vi /etc/postfix/virtual

Add the following code segment:


[email protected]       sigiri
[email protected]    kala

To create a Map Database type :


sudo postmap /etc/postfix/virtual

The postmap is utility program that will convert '/etc/postfix/virtual' to '/etc/postfix/virtual.db' Berkley DB format, so that Postfix can access the data faster.


Restart Postfix to make changes effect:


sudo /etc/init.d/postfix restart

Send mails to both [email protected] and [email protected] and those mails should come to mailboxes of sigiri and kala respectively.

发送邮件到 [email protected][email protected] 这些邮件都会进入相应的sigirikala的邮箱。