I’m interested in using Virtualmin to manage a small mailserver. One for my business and one for my lab.
I’d like to use a relay on Postfix (Mailgun, probably) to send emails for one of the Virtual Servers.
The mailgun docs call for editing /etc/postfix/main.cf.
With Virtualmin, does each user/Virtual Server get their won /postfix/main.cf file? So that I can edit it on a per-Virtual Server basis?
No. That’s not even possible (without running an independent Postfix for every domain, which would require an IP for every domain).
You need to use a sender dependent relayhost map to only use a relay for some sending domains, I believe. Here’s one doc about it: Use Postfix Transport Map & Relayhost Map For Flexible Email Delivery
I don’t know if that’s a good doc, it’s just one of the first tutorials I found.
Depending on what you are trying to accomplish, things like “transport maps” and similar features make it possible to setup per-domain settings while still only using a single main.cf configuration.
For instance, we outsource our email delivery for a few servers to a highly reputable provider that helps us get mail delivered. In order to make use of their service effectively, we setup on their end a “per-domain” configuration, and then do a “per-domain” relay setup on our end so that mail is routed to their system appropriately, and uses different credentials per domain.
I’m having difficulty configuring my sender dependent relay…
I’d like domain1.com to go through the Sendgrid relay, and the rest of the domains to go postfix smtp.
My relay_by_sender file includes
domain1.com [smtp.sendgrid.net]:587
I then sudo postmap /etc/postfix/relay_by_sender
and restarted postfix.
I still send emails through postfix smtp instead of sendgrid as verified by emails I am sending to my gmail.
Is there something else that I must do since I’m using Webmin/Virtualmin?
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.domain1.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, guest.guest, localhost.guest, localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtp_tls_security_level = dane
allow_percent_hack = no
tls_server_sni_maps = hash:/etc/postfix/sni_map
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_security_level = may
smtp_dns_support_level = dnssec
smtp_host_lookup = dns
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
#Transport Maps and Relays
sender_dependent_relayhost_maps = hash:/etc/postfix/relay_by_sender
#sasl
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = may
header_size_limit = 4096000
relayhost =
Did you rehash your relay_by_sender file?
postmap /etc/Postfix/relay_by_sender
I recently setup a client with per domain relay settings.
*** Sent from recovery ward in hospital. Trying to keep myself distracted while in severe pain ***
Thanks for the input; sorry to hear about your health issue, hope you get better soon.
What I did to make it work was add the following to main.cf
sender_dependent_default_transport_maps = hash:/etc/postfix/sender_transport
Then, in /etc/postfix/sender_transport I added
domain1.com relay:[smtp.sendgrid.com]:587
then postmap hash:/etc/postfix/transport and restarted postfix
That seems to do it… I’m only about 90% confident that the right way to do it, but it seems to work.
I can’t deduce what the difference is between sender_transport and relay_by_sender is…
That looks about right. There are a few other settings depending on whether you’re using a global relay or want individual relay settings but you’ve got the right idea now.
Thanks for your kind words. Glad you’ve made some progress.
*** Relaxing in recovery – surviving ***
The challenge I recently conquered related to this topic was setting up per domain relay options which required per domain sasl auth credentials. So I def have a bit more knowledge in this area after accomplishing that.
The only thing I can’t sort out is how to make postfix deliver email to the same domain locally, instead of through the relay, if that’s even possible.
So, for example, if me@domain1.com emails someobdy@gmail.com, it will use sendgrid SMTP relay. But if me@domain1.com sends to me@domain2.com, it will deliver locally instead of going through the SMTP relay.
So figure out what your local domain is. Usually the hostname of the server.
Mine for instance is something like emlX.tpnservers.com (yeah pretty fancy) then add something like.
emlX.tpnservers.com local
*** Looking for the cryo chamber in recovery ward… Oh wait it’s just an ice machine, doh ***
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.