RHEL7: Configure a system to forward all email to a central mail server.

Note: This is an RHCE 7 exam objective.

Prerequisites

In order to test this configuration, you will need to configure a central mail server.

Installation Procedure

The configuration of a master DNS server can be avoided by using the [mail.example.com] syntax (see below) or the IP address of the mail gateway.

Install the postfix package if it is not already there:

# yum install -y postfix

Activate the postfix service at boot (normally already enabled):

# systemctl enable postfix

Start the postfix service (normally already started):

# systemctl restart postfix

Main Configurations

There are two cases to distinguish:

  • the system doesn’t receive any mail from outside but forwards all mails sent by local users (even mails from local users to local users) to a central mail server: this is the null-client configuration,
  • the system accepts any mail from the local network and forwards them with the ones sent by the local users to a central mail server: this is the mail gateway configuration.

The RHCE 7 exam objective seems to be more geared towards the null-client configuration.
This tutorial will explain how to put in place this configuration. Details related to the mail gateway configuration will be shown later.

Null-client Configuration

Let’s assume that your server is called server.example.com on the 192.168.1.0/24 network and your central mail server (outgoing mail gateway) is called mail.example.com at 192.168.1.1.
Edit the /etc/postfix/main.cf file and change the following directives:

myhostname = server.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = loopback-only
mydestination =
relayhost = 192.168.1.1

Note1: Be careful not to specify $mydomain in the mydestination option (this will store all the mails locally, which is not exactly what you want).
Note2: If you’ve got a DNS server dealing with MX records, you can specify relayhost = mail.example.com instead of the IP address.
Note3: If you don’t set up a DNS server (but use the /etc/hosts file) or if your DNS server doesn’t deal with MX records, you can specify relayhost = [mail.example.com]; this form turns off MX lookups.

Check the syntax:

# postfix check

Check the non-default configuration:

# postconf -n

Reload the postfix configuration:

# systemctl restart postfix

Note: It is normally not necessary to restart the processes when parameters are changed; a reload is enough. However, when changing the inet_interfaces parameter, you need to restart all the processes.

There is a quicker way than editing the /etc/postfix/main.cf file: the postconf command. With the -e option, this command sets a parameter to the specified value and writes the change to the /etc/postfix/main.cf file. You can check that the change persists by restarting the postfix processes or rebooting the server.

# postconf -e 'relayhost = 192.168.1.1'

To get the value associated with the relayhost parameter, type:

# postconf relayhost
relayhost = 192.168.1.1
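
The null-client settings above can be checked mechanically. The following is an added example, not part of the original tutorial: the function name audit_null_client and the sample input are constructed here, and the expected values are the ones this page sets.

```shell
#!/bin/sh
# Added example (not from the original page): check "postconf -n" style
# text on stdin against the null-client values set in this section.
audit_null_client() {
    awk '
    /^[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ {
        # Split "name = value" at the first "=" and trim whitespace.
        eq = index($0, "=")
        name = substr($0, 1, eq - 1); value = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", name)
        gsub(/^[ \t]+|[ \t]+$/, "", value)
        conf[name] = value; seen[name] = 1
    }
    END {
        bad = 0
        if (conf["inet_interfaces"] != "loopback-only") {
            print "FAIL inet_interfaces: want loopback-only, got [" conf["inet_interfaces"] "]"; bad++
        }
        # An absent mydestination falls back to the Postfix default,
        # which delivers mail for $myhostname and localhost locally.
        if (!seen["mydestination"]) {
            print "FAIL mydestination: not set explicitly, default enables local delivery"; bad++
        } else if (conf["mydestination"] != "") {
            print "FAIL mydestination: want empty, got [" conf["mydestination"] "]"; bad++
        }
        if (conf["relayhost"] == "") {
            print "FAIL relayhost: no central mail server configured"; bad++
        }
        if (bad == 0) print "OK null-client settings present"
        exit (bad > 0)
    }'
}

# Constructed sample: gateway-style values, which must fail the audit.
# On a live system, run instead:  postconf -n | audit_null_client
audit_null_client <<'EOF' || true
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
relayhost = 192.168.1.1
EOF
```

The function exits non-zero when any check fails, so it can gate a provisioning script.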

Time To Test

To send a mail to me at the central mail server (you need to create such a user on your central mail server), type:

# echo "This is a test." | mail -s "Test" me@example.com

Note: The echo command supplies the body of the mail. The -s option specifies the mail subject, followed by the recipient.

To check the local mail queue, type:

# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
822FA3DE4       535 Tue Aug  5 16:54:45  root@example.com
(cannot update mailbox /var/mail/me for user me. destination /var/mail/me is not owned by recipient)
me@example.com

-- 0 Kbytes in 1 Request.

To requeue a mail (-r), type:

# postsuper -r 822FA3DE4
postsuper: name_mask: all
postsuper: inet_addr_local: configured 2 IPv4 addresses
postsuper: inet_addr_local: configured 2 IPv6 addresses
postsuper: renamed file deferred/8/822FA3DE4 as maildrop/822FA3DE4
postsuper: 822FA3DE4: requeued
postsuper: Requeued: 1 message

To delete the mail (-d) in the local queue, type:

# postsuper -d 822FA3DE4

Note: The postsuper -d ALL command deletes all the mails in the mail queue (ALL in upper case).

To read the previous mail for me on the central mail server (here mail.example.com), connect to it and type:

[mail]# su - me
$ mail
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/me": 1 message
 U  1 root                  Tue Aug  5 18:31  22/755   "Subject: Test"

To follow every processing step an email goes through, type:

# tail -f /var/log/maillog
18:07:40 postfix/pickup[2338]: 822FA3DE4: uid=89 from=<root@example.com> orig_id=0FB353E45
18:07:40 postfix/cleanup[24446]: 822FA3DE4: message-id=<20140805145446.0FB353E45@server.example.com>
18:07:40 postfix/qmgr[2339]: 822FA3DE4: from=<root@example.com>, size=535, nrcpt=1 (queue active)
18:07:40 postfix/local[24448]: warning: specify "strict_mailbox_ownership = no" to ignore mailbox ownership mismatch
18:07:41 postfix/local[24448]: 822FA3DE4: to=<me@example.com>, relay=local, delay=4375, delays=4375/0.02/0/0.25, dsn=4.2.0, status=deferred (cannot update mailbox /var/mail/me for user me. destination /var/mail/me is not owned by recipient)
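
In the log above, relay=local means the local delivery agent handled the message instead of the relayhost, which a null client should never do. The following added example (not part of the original tutorial) flags such deliveries; the function name report_deliveries is hypothetical, the first sample line is the one shown above, and the second is constructed.

```shell
#!/bin/sh
# Added example (not from the original page): list deliveries found in
# maillog text on stdin and flag those handled by the local(8) agent.
report_deliveries() {
    awk '
    / to=</ && / relay=/ && / status=/ {
        qid = rcpt = relay = status = ""
        for (i = 1; i <= NF; i++) {
            f = $i; sub(/,$/, "", f)
            # The queue ID is the field after "postfix/<daemon>[pid]:".
            if ($i ~ /^postfix\/[a-z]+\[[0-9]+\]:$/) {
                qid = $(i + 1); sub(/:$/, "", qid)
            } else if (f ~ /^to=</) {
                rcpt = substr(f, 5, length(f) - 5)
            } else if (f ~ /^relay=/) {
                relay = substr(f, 7)
            } else if (f ~ /^status=/) {
                status = substr(f, 8)
                break   # the rest of the line is free-form server text
            }
        }
        flag = (relay == "local") ? "LOCAL-DELIVERY" : "-"
        if (relay == "local") hits++
        print qid, rcpt, relay, status, flag
    }
    END { exit (hits > 0) }'
}

# Sample input: line 1 is from the log above, line 2 is constructed.
# On a live system, run instead:  report_deliveries < /var/log/maillog
report_deliveries <<'EOF' || true
18:07:41 postfix/local[24448]: 822FA3DE4: to=<me@example.com>, relay=local, delay=4375, delays=4375/0.02/0/0.25, dsn=4.2.0, status=deferred (cannot update mailbox /var/mail/me for user me. destination /var/mail/me is not owned by recipient)
18:09:02 postfix/smtp[24501]: 9A1C23DE5: to=<me@example.com>, relay=192.168.1.1[192.168.1.1]:25, delay=0.3, delays=0.1/0.02/0.1/0.08, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 5B7E41F02)
EOF
```

A non-zero exit status means at least one message was delivered locally, which on a null client points at a non-empty mydestination.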

Gateway Configuration

In case you want to set up a mail gateway configuration (a server receiving emails from the local network and forwarding them to a central mail server), execute the following steps.

Edit the /etc/postfix/main.cf file and change the following directives:

myhostname = server.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 192.168.1.0/24, 127.0.0.0/8
relayhost = 192.168.1.1

Note: Compared to the null-client configuration, the Postfix processes listen on all network interfaces (the inet_interfaces directive) and accept mail sent to the example.com domain (the mydestination directive), restricted to the local network (the mynetworks directive).

Check the syntax:

# postfix check

Check the non-default configuration:

# postconf -n

Reload the postfix configuration:

# systemctl restart postfix

Open the firewall to receive emails from outside:

# firewall-cmd --permanent --add-service=smtp
success

Reload the firewall configuration:

# firewall-cmd --reload
success

Useful Tips

Before or during the exam, you can go to the /usr/share/doc/postfix-2.10.1/README_FILES directory to read the BASIC_CONFIGURATION_README and STANDARD_CONFIGURATION_README files filled with many Postfix configuration examples.

Additional Resources

Useful free Postfix resources can be found at the Postfix website. The Postfix Overview page is a good place to start. Also, this global picture of Postfix can help you to better understand the numerous processes involved.

9 Comments on "RHEL7: Configure a system to forward all email to a central mail server."

Shikaz
Member

I want to be sure of something: when a question comes like “all the mails should be routed to aaa.bbb.ccc.ddd”, does that mean that this is what should be placed in relayhost?

Thanks

Lisenet
Member
I may be barking up the wrong tree here, but saw quite a few cases where people allow an smtp service on firewalld when configuring Postfix null-client. I cannot think of any valid reason why it should be required, as a null-client cannot receive emails from outside. It’s funny as a training provider did the same thing. This does apply to MariaDB too actually, when explicitly asked to configure a MariaDB server to be accessible locally only, some people put a firewalld rule to allow traffic on TCP port 3306. What’s the point here? Anyone’s got ideas? You would never… Read more »
power
Member

Please correct me if I say wrong: If in exam they say: “Configure the SMTP mail service on serverX and desktopX which relay the mail only from local system ” then I should leave “mydestination” blank. Otherwise I should leave that as default main.cf config file. Is that correct ??? Or should I leave that blank anyway ???

Thanks

Lisenet
Member

You are right, you have to disable local mail delivery by not specifying mydestination.

rhcptexas
Member
There is another configuration that sometimes shows in practice exams for the RHCE where the null client is a hybrid configuration which forwards some traffic for specific IPs or subnet(s), while retaining local SMTP messages directed at itself only. Below is an example of this question. desktopX is running an SMTP smartrelay. serverX will be a null client for relaying SMTP messages for systems that use it similar to a relay gateway, but will retain messages directed at itself. This is a valid configuration and is commonly used in situations where systems behind a firewall must relay mail in a… Read more »
Lisenet
Member

My apologies, but I struggled to parse your sentences. What does “See not on NO local_transport configuration required above.” mean?
