# Help with postfix and mail setup - networking newbie

## s003apr

I'm trying to set up a mail server and I have absolutely no experience.

I want to use the setup outlined in the gentoo Desktop Configuration Guide.  That is: Postfix for mail transferring, Apache webserver,  Courier IMAP,  and Squirrel mail.

I registered for a dynamic DNS domain at dyndns.org.  I have also managed to successfully setup ddclient to update dyndns.org when my IP changes.

currently I have two computers attached to a router which is in turn attached to my dsl modem.  Say the computers were named comp1 and comp2.  comp1 is my everyday workstation and will not be used as a server in any way.  comp2 is going to be the server.  Currently my router is set to forward the ports of interest to comp2 and nothing is forwarded to comp1(because there is no need).

Now say my example domain name that I chose from dyndns.org is: foo.dyndns.org (with wildcards enabled).

My question now involves the setup /etc/postfix/main.cf.

The gentoo example has the following code for main.cf:

```

# RECEIVING MAIL

# The inet_interfaces parameter specifies the network interface

# addresses that this mail system receives mail on.  By default,

# the software claims all active interfaces on the machine. The

# parameter also controls delivery of mail to user@[ip.address].

#

#inet_interfaces = all

#inet_interfaces = $myhostname

#inet_interfaces = $myhostname, localhost

inet_interfaces = $myhostname, localhost

mydestination = $myhostname, localhost.$mydomain

```

I am not clear on what to put in for $myhostname, localhost, and $mydomain

Using the information I've given, could somebody help me out?  an example with my specific info would be greatly appreciated. 

Thanks in advance for the help.  :Very Happy: 

----------

## sisyphus

Do you actually want to use postfix to receive mail? 

There are two ways you might be trying to configure in that case:

1) You've set foo.dyndns.org to your DSL IP address and want to receive and send mail for that domain on\from your server. In this situation, you take full responsibility for sending and receiving mail for your domain. Bear in mind that a dynamic DNS probably won't be sufficient for this to work. Firstly there is a dleay between your IP changing and you getting the record updated (lost mail results). Secondly, you really need the in-addr.arpa record for your IP address pointed at your domain name. This record allows a resolver to reverse resolve your IP address to your domain name and is necessary for most smtp servers to deliver to you. 

Sadly, you don't get this service with a dynamic dns service as your ISP holds the in-addr.arpa record. 

You need to get hold of a fixed IP (several better) and an ISP who'll play ball and set up the DNS properly. There aren't many out there but if you're in the uk there are several (eclipse.net.uk is who I use).

Personally, though the facility is there, I don't use it as it's a lot of effort to manage it securely.

2) You've got an SMTP mail feed and an ISP provided SMTP server that you can use as "Smart Host". This works well. you set up your mail server so that it'll only relay for your intenal network and let your ISP get on with the dirty business of dealing with the internet  :Smile: 

In either the case, I'm not sure that you need to set up the variables you've specified. I'd really advise reading up on this subject quite carefully. I know that this is probably not the quick answer you were after but if you set this up wrong you could end up turning yourself into an open relay and thus become "The Spammers Friend". Trust me, you don't want to do this.

The documents over at http://www.postfix.org are your friend. I really would read them before doing this as a screw up could be really embarassing (you could get yourself on the RBL lists and thus no longer be relayed from - no more outgoing email).

----------

## s003apr

 *Quote:*   

> Do you actually want to use postfix to receive mail? 

 

What would you use?

 *Quote:*   

> Firstly there is a dleay between your IP changing and you getting the record updated 

 

Not that big a problem, my ip doesn't change that often, and besides, this is just experimental.  Once I have the knowledge to configure a working server, I may someday pay for a static IP and domain name once I'm more comfortable.

 *Quote:*   

> Secondly, you really need the in-addr.arpa record for your IP address pointed at your domain name. This record allows a resolver to reverse resolve your IP address to your domain name and is necessary for most smtp servers to deliver to you. 

 

 :Sad: 

----------

## sisyphus

I use Postfix. It's the SMTP server for my local network receiving its mail from my ISP. As I have an SMTP mail feed, it's just as good as running as a full blown relay (I create new email addys whenever I want etc.). It uses my ISPs mail server as "Smart Host" and thus relays all email through that rather than directly to destination.

It's running on an old Sparc Station5 (Solaris 8 ) under my telly along with a POP3 server  :Smile: . I was just wondering what exactly you wanted to do with it. 

The first line was pretty redundant as I asked what the real questions later   :Embarassed:  .

Another mistake in my post:

 *Quote:*   

> necessary for most smtp servers to deliver to you. 
> 
> 

 

Should have read

 *Quote:*   

> necessary for most smtp servers to accept mail from you.

 

There's also a further potential problem. You need to have the mx dns record pointed at you - I'm not sure if most DDNS folk'll do this.

Good luck either way.

----------

## splooge

I use postfix under this same exact scenario.  Updating IPs on the internet isn't as slow as the above poster would have you believe.  I can ping my hostname on the internet immediately after ddclient does its update.

All that arpa crap you don't need to worry about.

dyndns.org does mx record handling just fine also.

The lines you're asking about can be left as is if your /etc/hostname matches your foo.dyndns.org hostname.

inet_interfaces = all  # should be fine

mydestination = foo.dyndns.org

When you do get your new domain name, may I suggest hosting it at zoneedit.com?  Their interface is intuitive, the speed is great, and best of all they can handle dynamic IP addresses with your own domain (as opposed to having to choose one from a list of theirs).  Your first 5 domains are free, but I'm thinking of paying anyways just cause they rock so much.

----------

## rizzo

I use postfix for the smtp server, but that just relays to my ISP.  That same server uses fetchmail to get my mail from my ISP.  So my ISP is really the true mail server.  I've found trying to run your own mail server of MX record on DSL or PPP is dangerous because if it goes down there is a chance that mail will not be delivered.

----------

## sisyphus

Splooge,

 *Quote:*   

> I use postfix under this same exact scenario. Updating IPs on the internet isn't as slow as the above poster would have you believe. I can ping my hostname on the internet immediately after ddclient does its update. 

 

Very true (that's what low TTLs are for). But, not if you forget to update it. That's the issue. I know for a fact that I'm not that great at doing it (tried it and forgot  :Smile: ). Forget and you risk losing mail.  :Smile: .

As for ignoring the reverse PTR. Well, fine - just don't expect all your mail to be deliverable. Many hosts won't accept mail from without the in-addr pointing back at your domain name and will reject mail from you with a 550.

----------

## splooge

I put my ddclient in a file called /etc/ppp/ip-up which is a script that gets executed every time ip goes down and up.  The setup works so well, that I almost forgot how I installed it ... !  The DSL line "redials" immediately after it's dropped so downtime has never been more than 15-20 seconds.

I was on a network that for two years had no in-addr point back to any of its ip addersses and we had several mail servers there that worked flawlessly, never once got a 550.  The only time we had an issue was when we tried to download something that wasn't allowed to be exported off the web.  (Microsoft 128-bit updates, for example)

----------

## s003apr

 :Shocked: 

Now I'm really confused.  So many conflicting sources   :Shocked: 

So, I guess instead of jumping into choosing my software, I should do a better job of explaining what my goals are and what resources I have available to me.

Goals:

1.  Have a handful of freinds and family (and myself) able to get their mail from a domain which I can manage myself.

2.  Be able to see my mail and send mail messages from anywhere with an internet connection (ie. home, work, or freinds house)

3.  Have it easy for the users to set up and manage themselves.

(the above two reasons are why I would like a webmail setup like squirrelmail.)

4.  Have my own unique domain (ie. foo.dyndns.org)

5.  Run a secure server that won't be turned into an open-relay

Available Resources:

1. I have a dsl connection (Ameritech)

2. Cheap Router (D-link) capable of forwarding all incoming connections to my server.

3. An underused computer that I will use for a server.

4. Ameritech DSL provides an SMTP server that I can use without authentication as long as I am using it from my DSL connection (mailhost.day.ameritech.net).

5. An account with dyndns.org that I keep updated with ddclient (although I would be willing to use a different dynamic dns provider if needed).  My IP rarely changes and when it does it is updated with dyndns very quickly.

Splooge:

 *Quote:*   

> dyndns.org does mx record handling just fine also.

 

Do I NEED mx record handling?

 *Quote:*   

> inet_interfaces = all # should be fine

 

I think you just confused me more, what do you mean by #?  Can you give an example?

sisyphus:

 *Quote:*   

> As for ignoring the reverse PTR. Well, fine - just don't expect all your mail to be deliverable. Many hosts won't accept mail from without the in-addr pointing back at your domain name and will reject mail from you with a 550.

 

My ISP seems to be fairly tolerant (ie. they don't block any connections).  If by chance they don't require my IP to be reverse resolved, then will all hosts except my mail?

 *Quote:*   

> The documents over at http://www.postfix.org are your friend

 

I've looked at this and much other documentation (lots of documentation).  It's really just managed to confuse me more because the documentation always seems to be geared toward ppl with more experience who are running large internal networks and have the support and assistance of thier ISP.

----------

## splooge

1) Yes, you need a Mail eXchanger record to receive e-mail.  With dyndns.org it's simply a matter of checking a check-box!  (eg: Do you want MX?  yes/no)

(Hmm actually I just remembered reading somewhere that you can use a FQDN without an MX record...but wouldn't advise it.  Hell, 10 years ago I was sending mail to user@ip.add.re.ss but that's another story)

2) Everything after the # is considered a comment and will be ignored...just like the rest of the file if you take a looksee =)

----------

## sisyphus

s003apr,

A few useful resources:

http://www.redhat.com/support/resources/faqs/RH-postfix-FAQ/book1.html

http://www.mandrakeuser.org/docs/mdoc/server/service-smtp.html

http://www.exim.org/

It should be said that Postfix is not the easiest mail server to set up. It knocks chunks off Sendmail but its still not easy. It's worth remembering that it's not the only thing out there (though I like it, that's largely because Senmail is so bloody horrible).

There's Qmail, Exim and a bunch of others (Linux Format in the UK recommeded Exim and its documentation this month, I've not tried it but it's maybe worth a try).

----------

## splooge

Also -- if you're worried about lost mail behind a dynamic IP address, and you want to use your own domain name -- zoneedit.com, the DNS hosters I talked about, offer a mail back-up service:

Backup Mail Service  - Want to run your own mail server, but you're afraid of missing important e-mails? Our optional "Store and Forward" service will accept e-mails for you while your mail server is down or unavailable, and redeliver them when you're back up! 

FWIW,

----------

## s003apr

 *Quote:*   

> Hell, 10 years ago I was sending mail to user@ip.add.re.ss but that's another story

 

can you really do that?

For instance, could I send mail to:

user@111.11.111.11

??????????

----------

## exhilaration

I finally have something to contribute!!!!!!!!!!!!!!!!!!!!!!!!!!!

 *Quote:*   

> can you really do that? 
> 
> For instance, could I send mail to: 
> 
> user@111.11.111.11 
> ...

 

NO, you can't.  Mail must be handled via DNS because individual users are tied to domains, NOT IP addresses.  I'll try to find some documentation to back that up, but you can forget about that option over the Internet.  (Though within a local network you can make your own rules.)

Wow, my first post.  :Smile: 

----------

## s003apr

Thanks everybody for your help, finally got it up and going.

I was confused because I thought I actually had to type a value in for hostname and such, I guess you actually just leave that alone and it gets the hostname and all by itself.

A few other things I found out for future reference of others:

1. If you have ameritech-SBC DSL they do not block your ports

2. If you have an account with dyndns.org for dynamic IP service they automatically handle the MX for you. ie my address of foo.dyndns.org is pointed to by there MX, so as long as your software is set to recieve then you don't need to worry about an MX

Well, Off to learn a little bit more about security.   :Smile: 

----------

## splooge

 *exhilaration wrote:*   

> I finally have something to contribute!!!!!!!!!!!!!!!!!!!!!!!!!!!
> 
>  *Quote:*   can you really do that? 
> 
> For instance, could I send mail to: 
> ...

 

=(  Research is your friend.

 *Gentoo Linux Desktop Configuration Guide wrote:*   

> 
> 
> Code listing 6.2: Turning on mail reception in main.cf
> 
> # RECEIVING MAIL
> ...

 

While it may not be 'acceptable' or proper 'net etiquette', and in some cases breaks many rules, yes, there are still many e-mail servers who are capable of sending and receiving mail to user@[ip.address] much as the one you're using (postfix).

----------

