1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "http://www.w3.org/TR/html4/loose.dtd"> 3 4<html> 5 6<head> 7 8<title> Postfix Basic Configuration </title> 9 10<meta http-equiv="Content-Type" content="text/html; charset=us-ascii"> 11 12</head> 13 14<body> 15 16<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Basic Configuration </h1> 17 18<hr> 19 20<h2> Introduction </h2> 21 22<p> Postfix has several hundred configuration parameters that are 23controlled via the <a href="postconf.5.html">main.cf</a> file. Fortunately, all parameters have 24sensible default values. In many cases, you need to configure only 25two or three parameters before you can start to play with the mail 26system. Here's a quick introduction to the syntax: </p> 27 28<ul> 29 30<li> <p> <a href="#syntax">Postfix configuration files</a></p> 31 32</ul> 33 34<p> The text below assumes that you already have Postfix installed 35on the system, either by compiling the source code yourself (as 36described in the <a href="INSTALL.html">INSTALL</a> file) or by installing an already compiled 37version. </p> 38 39<p> This document covers basic Postfix configuration. Information 40about how to configure Postfix for specific applications such as 41mailhub, firewall or dial-up client can be found in the 42<a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> file. But don't go there until you 43already have covered the material presented below. </p> 44 45<p> The first parameters of interest specify the machine's identity 46and role in the network. </p> 47 48<ul> 49 50<li> <p> <a href="#myorigin"> What domain name to use in outbound mail </a> </p> 51 52<li> <p> <a href="#mydestination"> What domains to receive mail for </a> </p> 53 54<li> <p> <a href="#relay_from"> What clients to relay mail from </a> </p> 55 56<li> <p> <a href="#relay_to"> What destinations to relay mail to </a> </p> 57 58<li> <p> <a href="#relayhost"> What delivery method: direct or 59indirect </a> </p> 60 61</ul> 62 63<p> The default values for many other configuration parameters are 64derived from just these. </p> 65 66<p> The next parameter of interest controls the amount of mail sent 67to the local postmaster: </p> 68 69<ul> 70 71<li> <p> <a href="#notify"> What trouble to report to the postmaster 72</a> </p> 73 74</ul> 75 76<p> Be sure to set the following correctly if you're behind a proxy or 77network address translator, and you are running a backup MX host 78for some other domain: </p> 79 80<ul> 81 82<li> <p> <a href="#proxy_interfaces"> Proxy/NAT external network 83addresses </a> </p> 84 85</ul> 86 87<p> Postfix daemon processes run in the background, and log problems 88and normal activity to the syslog daemon. Here are a few things 89that you need to be aware of: </p> 90 91<ul> 92 93<li> <p> <a href="#syslog_howto"> What you need to know about 94Postfix logging </a> </p> 95 96</ul> 97 98<p> If your machine has unusual security requirements you may 99want to run Postfix daemon processes inside a chroot environment. </p> 100 101<ul> 102 103<li> <p> <a href="#chroot_setup"> Running Postfix daemon processes 104chrooted </a> </p> 105 106</ul> 107<p> If you run Postfix on a virtual network interface, or if your 108machine runs other mailers on virtual interfaces, you'll have to 109look at the other parameters listed here as well: </p> 110 111<ul> 112 113<li> <p> <a href="#myhostname"> My own hostname </a> </p> 114 115<li> <p> <a href="#mydomain"> My own domain name </a> </p> 116 117<li> <p> <a href="#inet_interfaces"> My own network addresses </a> </p> 118 119</ul> 120 121<h2> <a name="syntax">Postfix configuration files</a></h2> 122 123<p> By default, Postfix configuration files are in /etc/postfix. 124The two most important files are <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a>; these files 125must be owned by root. Giving someone else write permission to 126<a href="postconf.5.html">main.cf</a> or <a href="master.5.html">master.cf</a> (or to their parent directories) means giving 127root privileges to that person. </p> 128 129<p> In /etc/postfix/<a href="postconf.5.html">main.cf</a> you will have to set up a minimal number 130of configuration parameters. Postfix configuration parameters 131resemble shell variables, with two important differences: the first 132one is that Postfix does not know about quotes like the UNIX shell 133does.</p> 134 135<p> You specify a configuration parameter as: </p> 136 137<blockquote> 138<pre> 139/etc/postfix/<a href="postconf.5.html">main.cf</a>: 140 parameter = value 141</pre> 142</blockquote> 143 144<p> and you use it by putting a "$" character in front of its name: </p> 145 146<blockquote> 147<pre> 148/etc/postfix/<a href="postconf.5.html">main.cf</a>: 149 other_parameter = $parameter 150</pre> 151</blockquote> 152 153<p> You can use $parameter before it is given a value (that is the 154second main difference with UNIX shell variables). The Postfix 155configuration language uses lazy evaluation, and does not look at 156a parameter value until it is needed at runtime. </p> 157 158<p> Postfix uses database files for access control, address rewriting 159and other purposes. The <a href="DATABASE_README.html">DATABASE_README</a> file gives an introduction 160to how Postfix works with Berkeley DB, LDAP or SQL and other types. 161Here is a common example of how Postfix invokes a database: </p> 162 163<blockquote> 164<pre> 165/etc/postfix/<a href="postconf.5.html">main.cf</a>: 166 <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual 167</pre> 168</blockquote> 169 170<p> Whenever you make a change to the <a href="postconf.5.html">main.cf</a> or <a href="master.5.html">master.cf</a> file, 171execute the following command as root in order to refresh a running 172mail system: </p> 173 174<blockquote> 175<pre> 176# postfix reload 177</pre> 178</blockquote> 179 180<h2> <a name="myorigin"> What domain name to use in outbound mail </a> </h2> 181 182<p> The <a href="postconf.5.html#myorigin">myorigin</a> parameter specifies the domain that appears in 183mail that is posted on this machine. The default is to use the 184local machine name, $<a href="postconf.5.html#myhostname">myhostname</a>, which defaults to the name of the 185machine. Unless you are running a really small site, you probably 186want to change that into $<a href="postconf.5.html#mydomain">mydomain</a>, which defaults to the parent 187domain of the machine name. </p> 188 189<p> For the sake of consistency between sender and recipient addresses, 190<a href="postconf.5.html#myorigin">myorigin</a> also specifies the domain name that is appended 191to an unqualified recipient address. </p> 192 193<p> Examples (specify only one of the following): </p> 194 195<blockquote> 196<pre> 197/etc/postfix/<a href="postconf.5.html">main.cf</a>: 198 <a href="postconf.5.html#myorigin">myorigin</a> = $<a href="postconf.5.html#myhostname">myhostname</a> (default: send mail as "user@$<a href="postconf.5.html#myhostname">myhostname</a>") 199 <a href="postconf.5.html#myorigin">myorigin</a> = $<a href="postconf.5.html#mydomain">mydomain</a> (probably desirable: "user@$<a href="postconf.5.html#mydomain">mydomain</a>") 200</pre> 201</blockquote> 202 203<h2><a name="mydestination"> What domains to receive mail for </a> 204</h2> 205 206<p> The <a href="postconf.5.html#mydestination">mydestination</a> parameter specifies what domains this 207machine will deliver locally, instead of forwarding to another 208machine. The default is to receive mail for the machine itself. 209See the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file for how to configure Postfix for 210<a href="VIRTUAL_README.html#canonical">hosted domains</a>. </p> 211 212<p> You can specify zero or more domain names, "/file/name" patterns 213and/or "<a href="DATABASE_README.html">type:table</a>" lookup tables (such as hash:, btree:, nis:, <a href="ldap_table.5.html">ldap</a>:, 214or <a href="mysql_table.5.html">mysql</a>:), separated by whitespace and/or commas. A "/file/name" 215pattern is replaced by its contents; "<a href="DATABASE_README.html">type:table</a>" requests that a 216table lookup is done and merely tests for existence: the lookup 217result is ignored. </p> 218 219<p> IMPORTANT: If your machine is a mail server for its entire 220domain, you must list $<a href="postconf.5.html#mydomain">mydomain</a> as well. </p> 221 222<p> Example 1: default setting. </p> 223 224<blockquote> 225<pre> 226/etc/postfix/<a href="postconf.5.html">main.cf</a>: 227 <a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a> localhost.$<a href="postconf.5.html#mydomain">mydomain</a> localhost 228</pre> 229</blockquote> 230 231<p> Example 2: domain-wide mail server. </p> 232 233<blockquote> 234<pre> 235/etc/postfix/<a href="postconf.5.html">main.cf</a>: 236 <a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a> localhost.$<a href="postconf.5.html#mydomain">mydomain</a> localhost $<a href="postconf.5.html#mydomain">mydomain</a> 237</pre> 238</blockquote> 239 240<p> Example 3: host with multiple DNS A records. </p> 241 242<blockquote> 243<pre> 244/etc/postfix/<a href="postconf.5.html">main.cf</a>: 245 <a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a> localhost.$<a href="postconf.5.html#mydomain">mydomain</a> localhost 246 www.$<a href="postconf.5.html#mydomain">mydomain</a> ftp.$<a href="postconf.5.html#mydomain">mydomain</a> 247</pre> 248</blockquote> 249 250<p> Caution: in order to avoid mail delivery loops, you must list all 251hostnames of the machine, including $<a href="postconf.5.html#myhostname">myhostname</a>, and localhost.$<a href="postconf.5.html#mydomain">mydomain</a>. </p> 252 253<h2> <a name="relay_from"> What clients to relay mail from </a> </h2> 254 255<p> By default, Postfix will forward mail from clients in authorized 256network blocks to any destination. Authorized networks are defined 257with the <a href="postconf.5.html#mynetworks">mynetworks</a> configuration parameter. The default is to 258authorize all clients in the IP subnetworks that the local machine 259is attached to. </p> 260 261<p> IMPORTANT: If your machine is connected to a wide area network 262then your default <a href="postconf.5.html#mynetworks">mynetworks</a> setting may be too friendly. </p> 263 264<p> Examples (specify only one of the following): </p> 265 266<blockquote> 267<pre> 268/etc/postfix/<a href="postconf.5.html">main.cf</a>: 269 <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet (default: authorize subnetworks) 270 <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = host (safe: authorize local machine only) 271 <a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 (safe: authorize local machine only) 272 <a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 168.100.189.2/32 (authorize local machine) 273</pre> 274</blockquote> 275 276<p> You can specify the trusted networks in the <a href="postconf.5.html">main.cf</a> file, or 277you can let Postfix do the work for you. The default is to let 278Postfix do the work. The result depends on the <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> 279parameter value. 280 281<ul> 282 283<li> <p> Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = host" when Postfix should 284forward mail from only the local machine. </p> 285 286<li> <p> Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet" (the default) when 287Postfix should forward mail from SMTP clients in the same IP 288subnetworks as the local machine. On Linux, this works correctly 289only with interfaces specified with the "ifconfig" command. </p> 290 291<li> <p> Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = class" when Postfix should 292forward mail from SMTP clients in the same IP class A/B/C networks 293as the local machine. Don't do this with a dialup site - it would 294cause Postfix to "trust" your entire provider's network. Instead, 295specify an explicit <a href="postconf.5.html#mynetworks">mynetworks</a> list by hand, as described below. 296</p> 297 298</ul> 299 300<p> Alternatively, you can specify the <a href="postconf.5.html#mynetworks">mynetworks</a> list by hand, 301in which case Postfix ignores the <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> setting. 302To specify the list of trusted networks by hand, specify network 303blocks in CIDR (network/mask) notation, for example: </p> 304 305<blockquote> 306<pre> 307/etc/postfix/<a href="postconf.5.html">main.cf</a>: 308 <a href="postconf.5.html#mynetworks">mynetworks</a> = 168.100.189.0/28, 127.0.0.0/8 309</pre> 310</blockquote> 311 312<p> You can also specify the absolute pathname of a pattern file instead 313of listing the patterns in the <a href="postconf.5.html">main.cf</a> file. </p> 314 315<h2> <a name="relay_to"> What destinations to relay mail to </a> </h2> 316 317<p> By default, Postfix will forward mail from strangers (clients outside 318authorized networks) to authorized remote destinations only. 319Authorized remote 320destinations are defined with the <a href="postconf.5.html#relay_domains">relay_domains</a> configuration 321parameter. The default is to authorize all domains (and subdomains) 322of the domains listed with the <a href="postconf.5.html#mydestination">mydestination</a> parameter. </p> 323 324<p> Examples (specify only one of the following): </p> 325 326<blockquote> 327<pre> 328/etc/postfix/<a href="postconf.5.html">main.cf</a>: 329 <a href="postconf.5.html#relay_domains">relay_domains</a> = $<a href="postconf.5.html#mydestination">mydestination</a> (default) 330 <a href="postconf.5.html#relay_domains">relay_domains</a> = (safe: never forward mail from strangers) 331 <a href="postconf.5.html#relay_domains">relay_domains</a> = $<a href="postconf.5.html#mydomain">mydomain</a> (forward mail to my domain and subdomains) 332</pre> 333</blockquote> 334 335<h2> <a name="relayhost"> What delivery method: direct or 336indirect </a> </h2> 337 338<p> By default, Postfix tries to deliver mail directly to the 339Internet. Depending on your local conditions this may not be possible 340or desirable. For example, your system may be turned off outside 341office hours, it may be behind a firewall, or it may be connected 342via a provider who does not allow direct mail to the Internet. In 343those cases you need to configure Postfix to deliver mail indirectly 344via a <a href="postconf.5.html#relayhost">relay host</a>. </p> 345 346<p> Examples (specify only one of the following): </p> 347 348<blockquote> 349<pre> 350/etc/postfix/<a href="postconf.5.html">main.cf</a>: 351 <a href="postconf.5.html#relayhost">relayhost</a> = (default: direct delivery to Internet) 352 <a href="postconf.5.html#relayhost">relayhost</a> = $<a href="postconf.5.html#mydomain">mydomain</a> (deliver via local mailhub) 353 <a href="postconf.5.html#relayhost">relayhost</a> = [mail.$<a href="postconf.5.html#mydomain">mydomain</a>] (deliver via local mailhub) 354 <a href="postconf.5.html#relayhost">relayhost</a> = [mail.isp.tld] (deliver via provider mailhub) 355</pre> 356</blockquote> 357 358<p> The form enclosed with <tt>[]</tt> eliminates DNS MX lookups. 359Don't worry if you don't know what that means. Just be sure to 360specify the <tt>[]</tt> around the mailhub hostname that your ISP 361gave to you, otherwise mail may be mis-delivered. </p> 362 363<p> The <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> file has more hints and tips 364for firewalled and/or dial-up networks. </p> 365 366<h2> <a name="notify"> What trouble to report to the postmaster</a> </h2> 367 368<p> You should set up a postmaster alias in the <a href="aliases.5.html">aliases(5)</a> table 369that directs mail to a human person. The postmaster address is 370required to exist, so that people can report mail delivery problems. 371While you're updating the <a href="aliases.5.html">aliases(5)</a> table, be sure to direct mail 372for the super-user to a human person too. </p> 373 374<blockquote> 375<pre> 376/etc/aliases: 377 postmaster: you 378 root: you 379</pre> 380</blockquote> 381 382<p> Execute the command "newaliases" after changing the aliases 383file. Instead of /etc/aliases, your alias file may be located 384elsewhere. Use the command "postconf <a href="postconf.5.html#alias_maps">alias_maps</a>" to find out.</p> 385 386<p> The Postfix system reports problems to the postmaster alias. 387You may not be interested in all types of trouble reports, so this 388reporting mechanism is configurable. The default is to report only 389serious problems (resource, software) to postmaster: </p> 390 391<p> Default setting: </p> 392 393<blockquote> 394<pre> 395/etc/postfix/<a href="postconf.5.html">main.cf</a>: 396 <a href="postconf.5.html#notify_classes">notify_classes</a> = resource, software 397</pre> 398</blockquote> 399 400<p> The meaning of the classes is as follows: </p> 401 402<blockquote> 403 404<dl> 405 406<dt> bounce </dt> <dd> Inform the postmaster of undeliverable 407mail. Either send the postmaster a copy of undeliverable mail that 408is returned to the sender, or send a transcript of the SMTP session 409when Postfix rejected mail. For privacy reasons, the postmaster 410copy of undeliverable mail is truncated after the original message 411headers. This implies "2bounce" (see below). See also the 412<a href="postconf.5.html#luser_relay">luser_relay</a> feature. The notification is sent to the address 413specified with the <a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> configuration parameter 414(default: postmaster). </dd> 415 416<dt> 2bounce </dt> <dd> When Postfix is unable to return undeliverable 417mail to the sender, send it to the postmaster instead (without 418truncating the message after the primary headers). The notification 419is sent to the address specified with the <a href="postconf.5.html#2bounce_notice_recipient">2bounce_notice_recipient</a> 420configuration parameter (default: postmaster). </dd> 421 422<dt> delay </dt> <dd> Inform the postmaster of delayed mail. In 423this case, the postmaster receives message headers only. The 424notification is sent to the address specified with the 425<a href="postconf.5.html#delay_notice_recipient">delay_notice_recipient</a> configuration parameter (default: postmaster). 426</dd> 427 428<dt> policy </dt> <dd> Inform the postmaster of client requests 429that were rejected because of (UCE) policy restrictions. The 430postmaster receives a transcript of the SMTP session. The notification 431is sent to the address specified with the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> 432configuration parameter (default: postmaster). </dd> 433 434<dt> protocol </dt> <dd> Inform the postmaster of protocol errors 435(client or server side) or attempts by a client to execute 436unimplemented commands. The postmaster receives a transcript of 437the SMTP session. The notification is sent to the address specified 438with the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> configuration parameter (default: 439postmaster). </dd> 440 441<dt> resource </dt> <dd> Inform the postmaster of mail not delivered 442due to resource problems (for example, queue file write errors). 443The notification is sent to the address specified with the 444<a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> configuration parameter (default: postmaster). 445</dd> 446 447<dt> software </dt> <dd> Inform the postmaster of mail not delivered 448due to software problems. The notification is sent to the address 449specified with the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> configuration parameter 450(default: postmaster). </dd> 451 452</dl> 453 454</blockquote> 455 456<h2><a name="proxy_interfaces"> Proxy/NAT external network 457addresses</a> </h2> 458 459<p> Some mail servers are connected to the Internet via a network 460address translator (NAT) or proxy. This means that systems on the 461Internet connect to the address of the NAT or proxy, instead of 462connecting to the network address of the mail server. The NAT or 463proxy forwards the connection to the network address of the mail 464server, but Postfix does not know this. </p> 465 466<p> If you run a Postfix server behind a proxy or NAT, you need to 467configure the <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> parameter and specify all the external 468proxy or NAT addresses that Postfix receives mail on. You may 469specify symbolic hostnames instead of network addresses. </p> 470 471<p> IMPORTANT: You must specify your proxy/NAT external addresses 472when your system is a backup MX host for other domains, otherwise 473mail delivery loops will happen when the primary MX host is down. 474</p> 475 476<p> Example: host behind NAT box running a backup MX host. </p> 477 478<blockquote> 479<pre> 480/etc/postfix/<a href="postconf.5.html">main.cf</a>: 481 <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4 (the proxy/NAT external network address) 482</pre> 483</blockquote> 484 485<h2> <a name="syslog_howto"> What you need to know about 486Postfix logging </a> </h2> 487 488<p> Postfix daemon processes run in the background, and log problems 489and normal activity to the syslog daemon. The syslogd process sorts 490events by class and severity, and appends them to logfiles. The 491logging classes, levels and logfile names are usually specified in 492/etc/syslog.conf. At the very least you need something like: </p> 493 494<blockquote> 495<pre> 496/etc/syslog.conf: 497 mail.err /dev/console 498 mail.debug /var/log/maillog 499</pre> 500</blockquote> 501 502<p> After changing the syslog.conf file, send a "HUP" signal to 503the syslogd process. </p> 504 505<p> IMPORTANT: many syslogd implementations will not create files. 506You must create files before (re)starting syslogd. </p> 507 508<p> IMPORTANT: on Linux you need to put a "-" character before the 509pathname, e.g., -/var/log/maillog, otherwise the syslogd process 510will use more system resources than Postfix. </p> 511 512<p> Hopefully, the number of problems will be small, but it is a good 513idea to run every night before the syslog files are rotated: </p> 514 515<blockquote> 516<pre> 517# postfix check 518# egrep '(reject|warning|error|fatal|panic):' /some/log/file 519</pre> 520</blockquote> 521 522<ul> 523 524<li> <p> The first line (postfix check) causes Postfix to report 525file permission/ownership discrepancies. </p> 526 527<li> <p> The second line looks for problem reports from the mail 528software, and reports how effective the relay and junk mail access 529blocks are. This may produce a lot of output. You will want to 530apply some postprocessing to eliminate uninteresting information. 531</p> 532 533</ul> 534 535<p> The <a href="DEBUG_README.html#logging"> DEBUG_README </a> 536document describes the meaning of the "warning" etc. labels in 537Postfix logging. </p> 538 539<h2> <a name="chroot_setup"> Running Postfix daemon processes 540chrooted </a> </h2> 541 542<p> Postfix daemon processes can be configured (via the <a href="master.5.html">master.cf</a> 543file) to run in a chroot jail. The processes run at a fixed low 544privilege and with file system access limited to the Postfix queue 545directories (/var/spool/postfix). This provides a significant 546barrier against intrusion. The barrier is not impenetrable (chroot 547limits file system access only), but every little bit helps.</p> 548 549<p>With the exception of Postfix daemons that deliver mail locally 550and/or that execute non-Postfix commands, every Postfix daemon can 551run chrooted.</p> 552 553<p>Sites with high security requirements should consider to chroot 554all daemons that talk to the network: the <a href="smtp.8.html">smtp(8)</a> and <a href="smtpd.8.html">smtpd(8)</a> 555processes, and perhaps also the <a href="lmtp.8.html">lmtp(8)</a> client. The author's own 556porcupine.org mail server runs all daemons chrooted that can be 557chrooted. </p> 558 559<p>The default /etc/postfix/<a href="master.5.html">master.cf</a> file specifies that no Postfix 560daemon runs chrooted. In order to enable chroot operation, edit 561the file /etc/postfix/<a href="master.5.html">master.cf</a>, and follow instructions in the 562file. When you're finished, execute "postfix reload" to make the 563change effective. </p> 564 565<p>Note that a chrooted daemon resolves all filenames relative to 566the Postfix queue directory (/var/spool/postfix). For successful 567use of a chroot jail, most UNIX systems require you to bring in 568some files or device nodes. The examples/chroot-setup directory in 569the source code distribution has a collection of scripts that help 570you set up Postfix chroot environments on different operating 571systems.</p> 572 573<p> Additionally, you almost certainly need to configure syslogd 574so that it listens on a socket inside the Postfix queue directory. 575Examples of syslogd command line options that achieve this for 576specific systems: </p> 577 578<p> FreeBSD: <tt>syslogd -l /var/spool/postfix/var/run/log</tt> </p> 579 580<p> Linux, OpenBSD: <tt>syslogd -a /var/spool/postfix/dev/log</tt> </p> 581 582<h2><a name="myhostname"> My own hostname </a> </h2> 583 584<p> The <a href="postconf.5.html#myhostname">myhostname</a> parameter specifies the fully-qualified domain 585name of the machine running the Postfix system. $<a href="postconf.5.html#myhostname">myhostname</a> 586appears as the default value in many other Postfix configuration 587parameters. </p> 588 589<p> By default, <a href="postconf.5.html#myhostname">myhostname</a> is set to the local machine name. If 590your local machine name is not in fully-qualified domain name form, 591or if you run Postfix on a virtual interface, you will have to 592specify the fully-qualified domain name that the mail system should 593use. </p> 594 595<p> Alternatively, if you specify <a href="postconf.5.html#mydomain">mydomain</a> in <a href="postconf.5.html">main.cf</a>, then Postfix 596will use its value to generate a fully-qualified default value 597for the <a href="postconf.5.html#myhostname">myhostname</a> parameter. </p> 598 599<p> Examples (specify only one of the following): </p> 600 601<blockquote> 602<pre> 603/etc/postfix/<a href="postconf.5.html">main.cf</a>: 604 <a href="postconf.5.html#myhostname">myhostname</a> = host.local.domain (machine name is not FQDN) 605 <a href="postconf.5.html#myhostname">myhostname</a> = host.virtual.domain (virtual interface) 606 <a href="postconf.5.html#myhostname">myhostname</a> = virtual.domain (virtual interface) 607</pre> 608</blockquote> 609 610<h2><a name="mydomain"> My own domain name</a> </h2> 611 612<p> The <a href="postconf.5.html#mydomain">mydomain</a> parameter specifies the parent domain of 613$<a href="postconf.5.html#myhostname">myhostname</a>. By default, it is derived from $<a href="postconf.5.html#myhostname">myhostname</a> 614by stripping off the first part (unless the result would be a 615top-level domain). </p> 616 617<p> Conversely, if you specify <a href="postconf.5.html#mydomain">mydomain</a> in <a href="postconf.5.html">main.cf</a>, then Postfix 618will use its value to generate a fully-qualified default value 619for the <a href="postconf.5.html#myhostname">myhostname</a> parameter. </p> 620 621<p> Examples (specify only one of the following): </p> 622 623<blockquote> 624<pre> 625/etc/postfix/<a href="postconf.5.html">main.cf</a>: 626 <a href="postconf.5.html#mydomain">mydomain</a> = local.domain 627 <a href="postconf.5.html#mydomain">mydomain</a> = virtual.domain (virtual interface) 628</pre> 629</blockquote> 630 631<h2><a name="inet_interfaces">My own network addresses</a> </h2> 632 633<p>The <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> parameter specifies all network interface 634addresses that the Postfix system should listen on; mail addressed 635to "user@[network address]" will be delivered locally, 636as if it is addressed to a domain listed in $<a href="postconf.5.html#mydestination">mydestination</a>.</p> 637 638<p> You can override the <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> setting in the Postfix 639<a href="master.5.html">master.cf</a> file by prepending an IP address to a server name. </p> 640 641<p> The default is to listen on all active interfaces. If you run 642mailers on virtual interfaces, you will have to specify what 643interfaces to listen on. </p> 644 645<p> IMPORTANT: If you run MTAs on virtual interfaces you must 646specify explicit <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> values for the MTA that receives 647mail for the machine itself: this MTA should never listen on the 648virtual interfaces or you would have a mailer loop when a virtual 649MTA is down. </p> 650 651<p> Example: default setting. </p> 652 653<blockquote> 654<pre> 655/etc/postfix/<a href="postconf.5.html">main.cf</a>: 656 <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = all 657</pre> 658</blockquote> 659 660<p> Example: host running one or more virtual mailers. For 661each Postfix instance, specify only one of the following. </p> 662 663<blockquote> 664<pre> 665/etc/postfix/<a href="postconf.5.html">main.cf</a>: 666 <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = virtual.host.tld (virtual Postfix) 667 <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = $<a href="postconf.5.html#myhostname">myhostname</a> localhost... (non-virtual Postfix) 668</pre> 669</blockquote> 670 671<p> Note: you need to stop and start Postfix after changing this 672parameter. </p> 673 674</body> 675 676</html> 677