how to setup postfix mail relay service on Centos 7

In this post I will go through basic mail relay server install and set-up. I installed this in my Jira server to send the Jira, Confluence and Bitbucket server notifications out.

————- THIS POST IS WORK IN PROGRESS —————–

sudo yum update
sudo yum install -y postfix
sudo cp /etc/postfix/access /etc/postfix/access-sender
sudo vim /etc/postfix/access-sender

Add below lines to the end of the file. This will allow email to go out from only those three emails and nothing else.

servicedesk@yourserver.com              OK
jira@yourserver.com                     OK
confluence@yourserver.com               OK
yourserver.com                          REJECT

sudo cp /etc/postfix/access /etc/postfix/access-recipient
sudo vim /etc/postfix/access-recipient

Add below lines to the end of the file to make sure emails can be sent just to the list of recipients mentioned in the file. If emails are meant to go to any address then leave this file with no change.

yourserver.com                  OK

each time you update these files need to execute below command to update the lookup table database.

sudo postmap /etc/postfix/access-sender
sudo postmap /etc/postfix/access-recipient

Update the configuration file to use access lists:

sudo vim /etc/postfix/main.cf

update these lines

77 myhostname = mail.yourserver.com
...
85 mydomain = yourserver.com
...
102 myorigin = $mydomain
688 # Only allow sender from sender_access
689 #smtpd_send_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/sender_access, permit
690 smtpd_delay_reject = yes
691 smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access-sender, reject
692 #smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/access-recepient, reject

Note line 692 is commented out to ignore the recipient access list.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.