Postfix Frequently Asked Questions


Up one level | Postfix Overview | Postfix Anatomy | Postfix Configuration | Postfix FAQ

Table of contents


Running Postfix inside an intranet

The simplest way to set up Postfix on a host inside a firewalled network is to send all your mail to the intranet mail gateway, and to let that gateway take care of forwarding.


Running Postfix on a firewall

Note: this section depends on accidental properties of the implementation so this information is subject to change.

How to set up Postfix on the firewall machine so that it relays mail for my.domain to a gateway machine on the inside, and so that it refuses mail for *.my.domain? The problem is that the standard relay_domains mail relaying restriction allows mail to *.my.domain when you specify my.domain.

Unfortunately, the solution cannot use the transport table, because that table is ignored for destinations that match $mydestination. That's an implementation error, and it will be removed.


Support for maildir-style mailboxes

Maildir is a specific one-file-per-message organization that was intruduced with the qmail system by Daniel Bernstein.

Out of the box, Postfix does not support the maildir mailbox format. However, you can get maildir support by using the popular procmail program for local delivery. See the procmail FAQ item.


Using Procmail for local delivery


Postfix breaks "sendmail -v"

Some people will complain that sendmail -v no longer shows the actual mail delivery.

With a distributed mail system such as Postfix, this is difficult to implement. Postfix does not run any mail delivery process under control by a user. Instead, mail delivery is done by daemon processes that have no parental relationship with user processes. This eliminates a large variety of potential security exploits with environment variables, signal handlers, and with other process attributes that UNIX passes on from parent to child.

In addition, Postfix uses multiple processes in order to insulate subsystems from each other. Making the delivery agents talk directly to user processes would defeat a lot of the effort that went into making Postfix more secure than ordinary mailers.


Getting rid of Delivered-To:

Some people will complain about the ugly Delivered-To: message header that Postfix prepends to their mail.

With the Postfix architecture, Delivered-To: is required to prevent mail forwarding loops. Fortunately, many mail user agents have per-user or even system-wide configuration files that can be set up to suppress specific message headers (for example ~/.mailrc and /usr/lib/Mail.rc).

With mailing lists, Delivered-To: can get in the way when the list exploder uses a "secret" alias that should not be shown in outbound mail. In order to tackle this, look up the FEATURE CONTROL section in the documentation of the local delivery agent.

See also the FAQ item for problems with the majordomo approve command.


Postfix breaks the majordomo "approve" command

The Postfix local delivery agent prepends a Delivered-To: message header to prevent mail forwarding loops. With majordomo mailing lists, Delivered-To: gets in the way when the moderator wants to approve postings that were sent to the list. The Postfix system claims that the mail is looping.

Currently, the workaround is to edit the approve script to strip any header lines that match:

/delivered-to/i

Yes, this assumes that the moderator knows what she is doing.


Setting up an Internet to UUCP gateway

Here is how to set up a machine that sends some but not all mail via UUCP. See the UUCP-only FAQ entry for setting a UUCP-only host.


Using UUCP as the default transport

Here is how to relay all your mail over a UUCP link. See the Internet to UUCP FAQ entry for setting up a machine that gateways between UUCP and SMTP.


Using DB libraries on Solaris etc.

The old dbm UNIX database has severe limitations when you try to store lots of information. It breaks when the number of hash collisions becomes so large that the entries no longer fit together in a single disk block. The more modern db database does not suffer these limitations. It is standard on 4.4BSD and Linux systems.

In order to build Postfix with db support on UNIX systems that do not have db support out of the box, you currently need the db-1.85 release. Later versions have an incompatible interface. Use the following commands in the Postfix top-level directory:

% make tidy
% make makefiles CCARGS="-DHAS_DB -I/some/where/include" AUXLIBS=/some/where/libdb.a
% make

Of course you will have to specify the actual location of the include directory and of the object library.


Up one level | Postfix Overview | Postfix Anatomy | Postfix Configuration | Postfix FAQ