How to configure postfix as mail relay server

Configuring Postfix as a mail relay server involves several steps. Here's a step-by-step guide to help you set it up:

Prerequisites

Postfix is installed and running on your server.
You have a valid domain name and a DNS setup.
You have a mail server (MTA) that can send and receive emails.

Step 1: Configure Postfix to listen on a specific IP address

Edit the /etc/postfix/main.cf file and add the following lines:

inet_interfaces = 192.168.1.100
inet_protocols = ipv4

Replace 192.168.1.100 with the IP address you want Postfix to listen on.

Step 2: Configure Postfix to relay mail

Edit the /etc/postfix/main.cf file and add the following lines:

relayhost = [mail.yourdomain.com]:25
mynetworks = 127.0.0.0/8 [::1]/128

Replace mail.yourdomain.com with the hostname or IP address of your mail server (MTA). The relayhost parameter specifies the mail server that Postfix will use to relay mail.

The mynetworks parameter specifies the networks that are allowed to use Postfix as a relay server. In this example, we're allowing local traffic (127.0.0.0/8) and the loopback interface (::1).

Step 3: Configure Postfix to use a specific port

Edit the /etc/postfix/master.cf file and add the following lines:

submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

submission inet n       -       n       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

This configuration sets up a submission port (587) that allows clients to authenticate and send mail using TLS encryption.

Step 4: Configure Postfix to use a specific certificate

Edit the /etc/postfix/main.cf file and add the following lines:

smtpd_tls_cert_file = /path/to/your/cert.pem
smtpd_tls_key_file = /path/to/your/key.pem

Replace /path/to/your/cert.pem and /path/to/your/key.pem with the paths to your SSL/TLS certificate and private key files.

Step 5: Restart Postfix

Restart the Postfix service to apply the changes:

sudo service postfix restart

Step 6: Test the relay server

Use a mail client (e.g., Thunderbird) to send an email to a recipient outside your domain. The email should be relayed through your Postfix server and delivered to the recipient's mail server.

Additional Tips

Make sure to update your DNS records to point to your Postfix server's IP address.
You may need to configure your firewall to allow incoming traffic on the submission port (587).
You can use the postmap command to test your Postfix configuration:
```
postmap -v -c /etc/postfix/main.cf
```
This command will check your Postfix configuration for errors and provide a detailed report.

By following these steps, you should be able to configure Postfix as a mail relay server.

Mail Knowledge

How to configure postfix as mail relay server