DevOps · K8s · Volleyball · Travel  •  DevOps · K8s · Volleyball · Travel  •  DevOps · K8s · Volleyball · Travel
Explore NY Stream

— Kiaasa Dhanori Pune

How to Configure Postfix Email Server on Linux

Configuring a Postfix email server on Linux means installing the Postfix Mail Transfer Agent, editing /etc/postfix/main.cf to set your hostname and domain, opening SMTP, and verifying mail flow in the logs. This guide walks through the full process on both legacy RHEL 6 and modern RHEL 8/9 (and compatible distributions such as Rocky Linux, AlmaLinux, CentOS Stream, and Fedora), so you can stand up a working mail system whether you are maintaining an old box or building a new one.

Important: RHEL 6 reached its end of maintenance in November 2020 and is no longer supported. The original commands below are kept for anyone maintaining a legacy system, but every step also shows the modern equivalent using systemctl and dnf on RHEL 8/9. New deployments should always use a supported release.

Why Linux email looks complicated (and why Postfix is the easy path)

Email on Linux feels overwhelming to newcomers because a complete mail system is not one program but a chain of cooperating components. Most of that complexity exists so that experienced administrators can build large enterprise configurations. For a basic send-and-receive setup, the work is genuinely straightforward once you understand the pieces.

Before installing a Postfix email server it helps to know the four moving parts of any Linux mail stack and the protocol that ties them together.

Mail User Agent (MUA)

The MUA is the mail client a person actually sees: the application used to compose, send, and read messages. Graphical clients on Linux include Evolution, Thunderbird, and KMail. Text-based options include the classic mail, mutt, and the historical pine (now maintained as Alpine).

Mail Transfer Agent (MTA)

The MTA does the heavy lifting of moving messages from one machine to another, whether across a local network or over the internet. Most users never interact with it directly once it is configured. Common Linux MTAs are Postfix, Sendmail, Exim, and qmail. (Note: Fetchmail is not an MTA at all — it is a tool for retrieving mail from remote POP/IMAP servers, so do not confuse it with a transfer agent.)

Mail Delivery Agent (MDA)

The MDA sits behind the scenes between the MTA and the user's mailbox, handling final delivery and filtering. The most familiar filtering job is spam control. Popular tools include Procmail, the more modern maildrop, and the content scanner SpamAssassin. Some graphical clients (Evolution, Thunderbird, KMail) include their own filtering, while bare text clients do not — a frequent source of confusion for beginners.

SMTP

SMTP stands for Simple Mail Transfer Protocol (note: transfer, not "transport"). It is the language MTAs speak to each other to hand messages back and forth. Plain SMTP traditionally used TCP port 25 between servers; modern mail submission from clients uses port 587 with STARTTLS or port 465 with implicit TLS.

Choosing Postfix as your Mail Transfer Agent

Historically many systems shipped Sendmail as the default MTA, but its configuration is famously dense and difficult for beginners and experts alike. Postfix was designed as a faster, simpler, more secure drop-in replacement, and it is now the default MTA on Red Hat Enterprise Linux 7, 8, and 9 as well as many other distributions. Its readable main.cf configuration file and sane defaults make it the right starting point for almost everyone setting up a Linux email server.

Step 1: Make sure Sendmail is not running

Only one MTA can bind to SMTP port 25 at a time, so before configuring Postfix you must confirm Sendmail is stopped and disabled. The commands differ by release.

On modern RHEL 8/9 (recommended)

  1. Check whether Sendmail is active:
    systemctl status sendmail
  2. If it is running, stop it:
    sudo systemctl stop sendmail
  3. Disable it so it never starts at boot:
    sudo systemctl disable sendmail

On legacy RHEL 6

  1. Check the service status:
    /sbin/service sendmail status

You will see one of three responses: sendmail: unrecognized service (not installed), sendmail is stopped (installed but idle), or sendmail (pid 2138) is running (active). If it is running, stop it as root:

  1. /sbin/service sendmail stop
  2. Find which runlevels start it: /sbin/chkconfig --list | grep sendmail
  3. Disable it: /sbin/chkconfig sendmail off
  4. Verify every runlevel now shows off: /sbin/chkconfig --list | grep sendmail

Step 2: Install Postfix

On most Red Hat installs Postfix is already present, but verify before assuming. The query command is identical across releases:

  1. Check whether the package exists:
    rpm -q postfix

If it reports that Postfix is not installed, add it. Use dnf on RHEL 8/9 (or Fedora) and yum on RHEL 6/7:

  1. Modern: sudo dnf install postfix
  2. Legacy: su - then yum install postfix

The package manager downloads Postfix and creates a dedicated unprivileged postfix user account that the mail daemons run under, which is recorded in /etc/passwd.

Step 3: Configure /etc/postfix/main.cf

The primary configuration for your Postfix email server lives in /etc/postfix/main.cf. It supports dozens of directives, but only a handful are needed for a basic working system. Edit the file with a text editor as root (sudo vi /etc/postfix/main.cf) and set the following keys.

DirectivePurposeExample
myhostnameFully qualified hostname of this mail servermail.example.com
mydomainThe domain part onlyexample.com
myoriginDomain that locally posted mail appears to come from$myhostname
inet_interfacesWhich network interfaces Postfix listens onall or $myhostname
mydestinationDomains this server accepts mail for as final destination$myhostname, localhost.$mydomain, localhost, $mydomain

A minimal, correct block looks like this. The hostname format is always host.domain.extension:

  1. myhostname = mail.example.com
  2. mydomain = example.com
  3. myorigin = $myhostname
  4. inet_interfaces = all
  5. mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

Notice that myorigin and inet_interfaces reference the values you already defined using the $variable syntax, so they update automatically. If you only intend to relay outbound mail from the local machine, you can instead use inet_interfaces = loopback-only for a tighter, safer footprint. By default a fresh Postfix install often ships with inet_interfaces = localhost, so remember to change it if you want the server to accept connections from other machines.

Validate your edits before starting — a single typo can stop Postfix from loading. Run:

  1. sudo postfix check

If it returns nothing, the syntax is clean. You can also dump the effective non-default settings with postconf -n to confirm your values took effect.

Step 4: Start and enable Postfix

With a valid configuration, start the service. After the first start, you only need postfix reload for subsequent config changes.

On modern RHEL 8/9

  1. Start it now: sudo systemctl start postfix
  2. Enable it at boot: sudo systemctl enable postfix
  3. Confirm it is active: systemctl status postfix

On legacy RHEL 6

  1. Start the daemon: /usr/sbin/postfix start
  2. Enable auto-start for runlevels 3, 4, and 5: /sbin/chkconfig --level 345 postfix on

Step 5: Open the firewall and verify

If other machines need to reach your Postfix email server, allow SMTP through the firewall. On RHEL 7/8/9 with firewalld:

  1. sudo firewall-cmd --permanent --add-service=smtp
  2. sudo firewall-cmd --reload

(On RHEL 6 the equivalent uses iptables: iptables -A INPUT -p tcp --dport 25 -j ACCEPT followed by service iptables save.)

Now confirm everything is working. The most reliable check is the mail log, traditionally /var/log/maillog:

  1. Watch the log live: sudo tail -f /var/log/maillog

A healthy startup produces lines similar to:

postfix/postfix-script: starting the Postfix mail system
postfix/master[10334]: daemon started -- version 3.5.8, configuration /etc/postfix

Next, confirm Postfix is listening on port 25 and send a test message:

  1. Check the listening socket: ss -ltnp | grep ':25'
  2. Send a quick test with the mail command (install mailx first if needed): echo "Postfix test body" | mail -s "Test" you@example.com
  3. Inspect the queue for stuck messages: mailq

If the message lands and mailq shows an empty queue, your basic Postfix email server is operational.

Common pitfalls when setting up a Postfix email server

  • Two MTAs fighting over port 25. If Postfix fails to start with a "bind: Address already in use" error, Sendmail or another MTA is still running. Stop and disable it (Step 1) before retrying.
  • Forgetting to fix inet_interfaces. A server set to localhost will silently refuse external connections. Set it to all (or a specific interface) for remote mail.
  • Outbound mail rejected as spam. Real-world delivery requires valid DNS: an MX record pointing to your server, matching forward/reverse DNS (PTR), plus SPF, DKIM, and DMARC records. Without these, major providers will reject or junk your mail.
  • Running an open relay. Never leave Postfix accepting mail from anyone to anywhere. Postfix is closed by default; if you loosen mynetworks or smtpd_relay_restrictions, test with an external relay checker so spammers cannot abuse you.
  • Editing config but not reloading. Changes to main.cf do not take effect until you run sudo postfix reload or restart the service.
  • Using EOL RHEL 6. Beyond the missing security patches, modern TLS-requiring mail servers may refuse connections from outdated software. Migrate to RHEL 8/9 or a compatible rebuild.

Verification checklist

  • postfix check returns no errors.
  • systemctl is-active postfix reports active (or the log shows the daemon started on RHEL 6).
  • ss -ltnp | grep ':25' shows the master process listening.
  • A test message arrives and mailq is empty.
  • systemctl is-enabled postfix reports enabled so it survives a reboot.

Key Takeaways

  • A Linux email server is a chain of components — MUA, MTA, MDA, and the SMTP protocol — and Postfix is the modern, simple MTA most people should choose.
  • Always stop and disable any existing MTA (usually Sendmail) before starting Postfix, since both compete for port 25.
  • The core of a working Postfix email server is just a few directives in /etc/postfix/main.cf: myhostname, mydomain, myorigin, inet_interfaces, and mydestination.
  • Validate with postfix check, manage the service with systemctl on RHEL 8/9 (the legacy service/chkconfig commands are RHEL 6 only), and confirm health in /var/log/maillog.
  • For real internet delivery you also need correct DNS — MX, PTR, SPF, DKIM, and DMARC — and you must avoid running an open relay.

Frequently Asked Questions

Where is the Postfix configuration file on Linux?

The main configuration is /etc/postfix/main.cf, and the service definitions live in /etc/postfix/master.cf. Run postconf -n to see only the settings you have changed from the defaults.

How do I check if Postfix is running?

On RHEL 8/9 use systemctl status postfix. On any system you can confirm it is listening with ss -ltnp | grep ':25' and review activity in /var/log/maillog.

What is the difference between an MTA and an MDA?

The MTA (Postfix) transfers messages between servers over SMTP, while the MDA (such as Procmail or SpamAssassin) handles final local delivery and filtering into the user's mailbox.

Can I still use these instructions on RHEL 6?

The RHEL 6 commands shown still work on that platform, but RHEL 6 is end-of-life and unsupported. Use it only to maintain legacy systems and migrate to RHEL 8/9 or a compatible distribution for anything in production.

For more Linux and system administration walkthroughs, subscribe to YouTube @explorenystream.