Configure postfix mail server and client with examples (CentOS/RHEL 7/8)

Mail Server, How To, Linux

Postfix is a Mail Transport Agent (MTA) responsible for the transfer of e-mails between mail servers using the SMTP protocol. In this article I will share the steps to configure postfix mail server and client using postfix SMTP relay along with some examples to check SMTP server check configuration and connection in CentOS/RHEl 7/8 Linux.


Lab Environment

I have two Virtual Machines on Oracle VirtualBox installed on my Linux Server. We will use one of these VMs ( to configure Postfix Mail Server and DNS Server while the other VM ( to act as client. I have verified these steps on CentOS/RHEL 8, but I assume the same steps would work on CentOS/RHEL 7. Please do let me know if you face any trouble while following these steps using the comment section below this article.

Below is my Postfix Mail Server (also my DNS Server)

Node Details
IP Address
OS CentOS 8


Below is my Client Server

Node Details
IP Address


Why DNS Server is needed for SMTP Mail Server

  • If you wish to configure postfix mail server for a single node where user's can send mail locally to each other and you can receive email alerts for system activities on localhost then you do not need DNS Server for your SMTP Mail Server.
  • A user deepak on a workstation will not be aware of user amit available on which is where DNS server comes in.
  • We use MX records in DNS servers as they provide mail-routing information. They specify mail exchangers for domains that is, the names of the mail hubs that handle all the mail for a domain name.
  • So we configure postfix mail server which acts as MTA, this will act as SMTP relay host and can receive message from user deepak from and transfer it to user amit on and vice versa.
  • MTAs such as Postfix need a way to determine which host or hosts are the mail hubs for a domain. DNS MX records provide this information.

I have already written another article with detailed explanation and steps to configure BIND DNS Server in chroot environment in CentOS/RHEL 7 and 8 Linux. Additionally here we need to add some MX and CNAME records to our existing DNS forward and reverse zone files to configure postfix mail server.


Sample DNS Forward and Reverse Zone File on DNS Server

Below is my sample forward zone file. Here I am using a single mail server which is my localhost i.e. I have also defined a CNAME record so I can use a more familiar FQDN to mail server instead of

[root@centos-8 ~]# cat /var/named/
@       IN SOA       root (
                                        4       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum

@               IN NS   localhost
localhost       IN A

; Host Address    IN A
centos-8        IN A
rhel-8          IN A

; Mail Server    IN MX 10

mail         IN CNAME

And my sample reverse zone file. Similar to my forward zone file I have defined my CNAME and MX record address.

[root@centos-8 ~]# cat /var/named/
@       IN SOA (
                                        20191116 ; serial
                                        1D       ; refresh
                                        1H       ; retry
                                        1W       ; expire
                                        3H )     ; minimum
         IN NS   localhost.
10       IN PTR
10       IN PTR
11       IN PTR

Make sure you verify your zone configuration files before you restart the named-chroot service

[root@centos-8 ~]# systemctl restart named-chroot.service


Verify DNS Server configuration

Make sure your DNS server is working properly to configure postfix mail server, which you can do by performing host lookup. You need bind-utils rpm to be able to use nslookup which you can install using yum.

[root@centos-8 ~]# nslookup
Address:        canonical name =

Using host command we can query the mail server (MX record)

[root@centos-8 ~]# host -t mx mail is handled by 10


Configure Postfix Mail Server (CentOS/RHEL 7/8)

Now we are done with all the pre-requisites. It is time we configure postfix mail server. Several steps are necessary to configure the Postfix server.The basic steps involved in this process are

  • Edit the file
  • Determine local mail delivery method.
  • Edit the file.
  • Create an aliases table.
  • Start and test Postfix.
  • Create a boot script to start Postfix.
  • Create any user-defined files.

We will distribute these tasks in different articles or else this will become a long boring article. let us try to have and configure postfix mail server (basic).


Install Postfix rpm

First thing first, to configure postfix mail server we need the main ingredient which is postfix rpm. By default postfix is installed with most of the CentOS/RHEL 7/8 software group but if not you can install it using yum

On RHEL system you must have an active subscription to RHN or you can configure a local offline repository using which "yum" package manager can install the provided rpm and it's dependencies.
[root@centos-8 ~]# yum -y install postfix


Postfix RPM installation automatically perform the following actions:

  • Create a new system user named postfix
  • Create a new system group named postfix
  • Create the /etc/postfix and /var/spool/postfix directories
  • Create all Postfix message queue directories
  • Create a default Postfix configuration file
  • Create a default Postfix aliases database


Configure file

The Postfix master daemon launches all of the other Postfix services as they are needed. The various services, and how they are run, are specified in the file.

To configure postfix mail server (a basic SMTP Server) we do not need to do any modification in this file at this moment.

For more details on individual parameters and sections inside file you can refer Postfix: The Definitve Guide and Postfix Mail Server



Similar to sendmail, Postfix uses a configuration file to define its operational behaviour. What's different about the Postfix configuration file is that instead of using cryptic codes, or needing to be compiled, it uses plain text and common-sense descriptions for parameter names and values.

The global Postfix configuration file is called It is located in the Postfix configuration directory, which by default is /etc/postfix.

It is important that you take a backup of your existing file

[root@centos-8 ~]# cp /etc/postfix/ /etc/postfix/

Now this file contains multiple parameters but we need to work only on limited directives to configure postfix mail server in this article, so I will only concentrate on these directives:


Modify inet_interfaces

The inet_interfaces is used to dictate on which network card the SMTP mail server will listen. It is by default set to "localhost" so it means by default postfix mail server will only listen to all traffic coming on loopback address. Now this does not makes any sense if you are going to use this mail server on the domain environment. Now if you are going to use this SMTP mail server only on local machine to deliver mail from crontab jobs to root or specific users then that is fine but if you wish to use SMTP mail server in domain environment then we need to change this.

We will use all, to use all the addresses that are available on our SMTP mail server machine

inet_interfaces = all
Now in my case I only have one interface so this is fine but if you have multiple interface on you SMTP mail server node then you can use $myhostname. Make sure you also define this variable in the file when you configure postfix mail server.
myhostname =


Modify mydomain

Next we need to set the local domain-name of the mail server. For example, if our mailserver's FQDN is and this mailserver is responsible for delivering mail for the whole private domain, the domain name will be

mydomain =
This address will get appended to any mail message that you are sending out of the server. If you have not defined this then the system will use myhostname instead of domain name.


Modify myorigin

The myorigin parameter defines the format of the origin address for all messages sent by the Postfix system. By default, the myorigin parameter will assume the value of the myhostname parameter.

If myorigin is set to myhostname then any message delivered will contain FQDN of the localhost. So if a user deepak sends mail from then his address in "From:" section would look like "" but if you set myorigin to mydomain which is in our case, the "From:" section would be ""

So we will use myorigin as domain name

myorigin = $mydomain


Define myhostname

The myhostname parameter specifies the fully qualified domain name (FQDN) of the mail server. This address will be used as the default address for all local users, unless specified otherwise by the mail administrator.

myhostname =


Modify mydestination

The mydestination parameter defines what hostnames the Postfix server accepts messages for as the final destination. This parameter applies only to the main hostname and aliases for the local system and should not include virtual domains for other hosts.

The mydestination parameter often supports hosts that may have DNS names other than the normal hostname assigned to it. For example, we have added a CNAME record for The mydestination parameter can be configured as:

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain


This allows the Postfix server to accept messages for addresses in the following formats:


Messages sent to any of the four addresses are accepted and delivered to the Webmaster user on the local Postfix server.


Modify mynetworks

The mynetworks parameter is used to control which SMTP clients Postfix will relay mail for. By default, Postfix will relay mail from any client whose IP address matches the settings in the mynetworks parameter.

The mynetworks parameter contains a list of IP network addresses, along with subnet values, to specify alternative network restrictions on SMTP clients. The format of the mynetworks parameter is

mynetworks = ipaddress1, ipaddress2, ...

where ipaddress1 and ipaddress2 represent IP address network values

Here, I have provided the value of my subnet

mynetworks =,

This restricts clients that can use the Postfix server as an SMTP relay host.


Modify relayhost

The relayhost parameter defines Postfix SMTP relay host. There are two formats of the relayhost parameter:

relay_host =
relay_host = [an.ip.add.ress]

The first format identifies a SMTP relay host mail server by its DNS name. Postfix forwards all outbound mail messages to this host. The second format identifies the relay host by its numeric IP address. You should use the second format for Postfix servers that use dial-up connections to the relay host. Since the Postfix server is not connected to the Internet full time to resolve the relay host DNS name, it is best to refer to it using the IP address. This prevents problems in mail delivery due to DNS errors. In our case we use Postfix MTA as SMTP relay host.

relayhost = []


Modify home_mailbox and mail_spool_directory

The home_mailbox parameter can define where Postfix delivers messages to local mail users. Postfix can use three different delivery styles:

  • sendmail-style: /var/spool/mail mailboxes
  • Individual: $HOME/Mailbox files
  • qmail-style: $HOME/Maildir directories

By default, Postfix delivers messages to the standard system mailbox directory. On most Linux systems this is the /var/spool/mail directory.

home_mailbox = Maildir/
mail_spool_directory = /var/spool/mail

Now these configuration modifications are enough to configure postfix mail server (basic). Here I have not implemented any security related directives, I will cover them in upcoming articles.


Configure Postfix SMTP Relay (Client)

I will configure as my client which will use our Postfix SMTP relay server to send emails.


Install postfix and sendmail

We will use postfix as the main configuration file although we plan to use come client tools to send the mail which requires sendmail rpm to be installed.

[root@rhel-8 ~]# yum -y install postfix

Install some more tools which we will need in this article

[root@rhel-8 ~]# yum -y install bind-utils telnet mailx sendmail

We need nslookup tool to verify our client DNS configuration which is provided by bind-utils
telnet will be used to make sure our SMTP port 25 is reachable
mailx and sendmail will be used as client software to send mails to remote server


Configure client DNS (update /etc/resolv.conf)

Now on our primary DNS server we had already defined an A and PTR record for so on the client node we just need to update /etc/resolv.conf

[root@rhel-8 ~]# cat /etc/resolv.conf
# Generated by NetworkManager

Here is the IP Address of our DNS Server


Verify the DNS server configuration

We will perform few DNS lookup to make sure the DNS server is reachable

[root@rhel-8 ~]# nslookup rhel-8

[root@rhel-8 ~]# host -t mx is an alias for

So our A and MX record are working properly.


Configure /etc/postfix/

Now we must configure and modify certain values in our postfix to be able to send mails using SMTP relay server


Modify inet_interfaces

Similar to our SMTP Mail Server we will modify inet_interfaces value to all

inet_interfaces = all


Modify relayhost

We will use our Postfix mail server as SMTP relay host, so we will give our postfix mail server FQDN in the relayhost

relayhost = []


Modify mynetworks

On the client node we can add the loopback address for mynetworks directive

mynetworks =


Modify mydestination

Again this directive can be null for the client side postfix

mydestination =

These are the directives we will modify for our client side postfix configuration to configure postfix mail server.

For this article I have disabled firewalld and selinux config. You can add SMTP rule to your firewalld once your configuration is working properly
# firewall-cmd --permanent --add-service=smtp && firewall-cmd --reload

Next start your postfix service on client node

[root@rhel-8 ~]# systemctl start postfix

You can use telnet to make sure port 25 is reachable

[root@rhel-8 ~]# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 ESMTP Postfix
221 2.0.0 Bye
Connection closed by foreign host.


How to check SMTP server configuration in Linux

There are different mail clients available such as mutt, mail etc. You can use SWAKS (Swiss Army Knife SMTP) to check SMTP server configuration in Linux. Once we configure postfix mail server, the next step would be to check SMTP server configuration and make sure the mails are sent and delivered successfully.

We install SWAKS on our RHEL 8 host which was our client. Now SWAKS is not available on the RHEL repo so you must install EPEL repo. Next install SWAKS using yum

[root@rhel-8 ~]# yum install swaks

So on our node we have below version of swaks installed to check SMTP server configuration

[root@rhel-8 ~]# rpm -q swaks

Now, to check SMTP server configuration using the standard SMTP mail port 25, with our Postfix server running on the IP address, we are sending a mail remotely to a Linux system user deepak which has a system user account on our Postfix server:

[root@rhel-8 ~]# swaks --server --to
=== Trying
=== Connected to
<- 220 ESMTP Postfix -> EHLO
<-  250-SIZE 10240000
<-  250-VRFY
<-  250-ETRN
<-  250-STARTTLS
<-  250-8BITMIME
<-  250-DSN
<- 250 SMTPUTF8 -> MAIL FROM:<>
<- 250 2.1.0 Ok -> RCPT TO:<>
<- 250 2.1.5 Ok -> DATA
<-  354 End data with .
 -> Date: Mon, 18 Nov 2019 12:34:01 +0530
 -> To:
 -> From:
 -> Subject: test Mon, 18 Nov 2019 12:34:01 +0530
 -> Message-Id: <>
 -> X-Mailer: swaks v20181104.0
 -> This is a test mailing
 -> .
<- 250 2.0.0 Ok: queued as 9DF4E6027A -> QUIT
<-  221 2.0.0 Bye
=== Connection closed with remote host.

Swaks creates output which should give us a hint if the mail transport has been successful.

You can also test that the last command has been executed successful by logging in as user deepak on the Postfix server, then checking and reading your local mailbox's inbox, which should contain a file with the test mail sent from the swaks tool (the filename will be different on your computer), as follows:

[deepak@centos-8 ~]$ cat Maildir/new/
Return-Path: <>
Received: from ( [])
        by (Postfix) with ESMTP id 524DD602C2
        for <>; Mon, 18 Nov 2019 12:41:38 +0530 (IST)
Date: Mon, 18 Nov 2019 12:41:38 +0530
Subject: test Mon, 18 Nov 2019 12:41:38 +0530
Message-Id: <>
X-Mailer: swaks v20181104.0
This is a test mailing
Now I have not configured Active Directory domain here which is why I use FQDN instead of Domain Name in the recipient address. If you have a connected your RHEL/CentOS 7/8 node to Active Directory or have configured a Linux Based Active Directory then you can only use domain name in the recipient address.


Log Files for troubleshooting Postfix Mail Server related issues

For every mail you send using sendmail, you should be able to see some new lines appearing in the /var/log/maillog file, which contains status information and other important logging text for the mail.

If you sent a message from root to the user deepak and the FQDN of your server is, new output lines appended to the log file should contain amongst other things a from=<>, a to=<> and if delivered successfully, a status=sent information. If no such logging information shows up, check the status of the Postfix service.

For example, we will send a dummy mail from root to

[root@rhel-8 ~]# mail -s test message <.
Null message body; hope that's ok

For this we had below log entry in /var/log/maillog on

Nov 18 12:53:13 rhel-8 sendmail[8849]: xAI7NDhe008849: from=root, size=240, class=0, nrcpts=2, msgid=<>, relay=root@localhost
Nov 18 12:53:13 rhel-8 postfix/smtpd[8831]: connect from localhost[]
Nov 18 12:53:13 rhel-8 sendmail[8849]: STARTTLS=client, relay=[], version=TLSv1.3, verify=FAIL, cipher=TLS_AES_256_GCM_SHA384, bits=256/256
Nov 18 12:53:13 rhel-8 postfix/smtpd[8831]: 684EE20B88: client=localhost[]
Nov 18 12:53:13 rhel-8 postfix/cleanup[8834]: 684EE20B88: message-id=<>
Nov 18 12:53:13 rhel-8 postfix/qmgr[6230]: 684EE20B88: from=<>, size=661, nrcpt=2 (queue active)
Nov 18 12:53:13 rhel-8 sendmail[8849]: xAI7NDhe008849: to=message,, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=60240, relay=[] [], dsn=2.0.0, stat=Sent (Ok: queued as 684EE20B88)
Nov 18 12:53:13 rhel-8 postfix/smtpd[8831]: disconnect from localhost[] ehlo=2 starttls=1 mail=1 rcpt=2 data=1 quit=1 commands=8
Nov 18 12:53:13 rhel-8 postfix/smtp[8835]: 684EE20B88: to=<>,[]:25, delay=0.21, delays=0.06/0/0.11/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 94D62602FF)
Nov 18 12:53:13 rhel-8 postfix/smtp[8835]: 684EE20B88: to=<>,[]:25, delay=0.21, delays=0.06/0/0.11/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 94D62602FF)
Nov 18 12:53:13 rhel-8 postfix/smtpd[8831]: connect from[]
Nov 18 12:53:13 rhel-8 postfix/qmgr[6230]: 684EE20B88: removed

You can check the same log file (/var/log/maillog) on server side i.e.

Nov 18 12:53:13 centos-8 postfix/smtpd[17583]: connect from[]
Nov 18 12:53:13 centos-8 postfix/smtpd[17583]: 94D62602FF:[]
Nov 18 12:53:13 centos-8 postfix/cleanup[17586]: 94D62602FF: message-id=<>
Nov 18 12:53:13 centos-8 postfix/qmgr[17460]: 94D62602FF: from=<>, size=835, nrcpt=2 (queue active)
Nov 18 12:53:13 centos-8 postfix/local[17587]: 94D62602FF: to=<>, relay=local, delay=0.03, delays=0.02/0/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)


How Postfix (MTA) Mail Server Works?

  • The Postfix MTA service can receive incoming e-mails from mail clients or other remote MTA servers using the SMTP protocol.
  • If an incoming e-mail is destinated for the MTA server's configured final destination domain (for example, a mail sent with the recipient address is incoming to the configured Postfix MTA server), it will deliver the mail to a local mailbox installed on the server (either in the filesystem or in a database system such as MariaDB).
  • If the incoming mail is not destinated for this server, it will be relayed (forwarded) to another MTA.
  • Remember that this is all a Postfix server is capable of doing and nothing more: receiving incoming SMTP connections from mail clients or other MTAs, delivering mail to local mailboxes on the server, and forwarding mail to other MTAs using SMTP
  • Contrary to common belief, Postfix cannot transfer the mails from its local mailboxes to the end users.
  • Here we need another type of MTA called delivery agent, which uses different mail protocols, such as IMAP or POP3.
  • If an incoming e-mail, sent from another computer in our network, has the same domain name in the recipient's e-mail address as our Postfix server has its FQDN in, then it gets delivered to the appropriate local mailbox defined by the recipient's part of the e-mail; all external e-mail addresses get relayed to an external MTA.


Lastly I hope the steps from the article to configure postfix mail server with SMTP relay server on RHEL/CentOS 7/8 was helpful. So, let me know your suggestions and feedback using the comment section.


Views: 800
Deepak Prasad

Deepak Prasad

He is the founder of GoLinuxCloud and brings over a decade of expertise in Linux, Python, Go, Laravel, DevOps, Kubernetes, Git, Shell scripting, OpenShift, AWS, Networking, and Security. With extensive experience, he excels in various domains, from development to DevOps, Networking, and Security, ensuring robust and efficient solutions for diverse projects. You can connect with him on his LinkedIn profile.

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can send mail to

Thank You for your support!!

12 thoughts on “Configure postfix mail server and client with examples (CentOS/RHEL 7/8)”

  1. Hello,
    I got solution for restriction, below line added in file. Only those are able to send mail whose id added in access file and server IP in network table.

    smtpd_relay_restrictions = permit_mynetworks, reject, reject_unauth_destination
    smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access, reject
    mynetworks = cidr:/etc/postfix/network_table
  2. Hello,
    I gone through above configuration, it is very helpful. I need some addition configuration need to do that is as per below.

    I am configuring relay server, all application mail come to my relay and then it will forward to exchange.
    1. Initially I want to block all IP, Only those IP able to send mail whom I allowed in configuration.
    2. Only those mail or domain ID whom i allow.
    3. Also want to restrict to no of mail sending (I want to define how many mails can send one server)

    Help & Guide for above requirement.

    • I don’t have this postfix server anymore so I can’t help you now. I will try to setup a postfix relay server again and will try to see if I can test the requested config before I share a solution

  3. Hi,
    Thanks for that great lab.
    i follows the instruction you gave and everything ok.
    the client send mails to the server but it stuck at the queue and the logs shows nothing.
    Can you please help?

    • There may be some configuration mistake or either the request is blocked in firewall. I am afraid without logs I can only assume the problem

      • Hi,
        Server file
        myhostname =
        mydomain =
        myorigin = $myhostname
        inet_interfaces = all
        inet_protocols = ipv4
        mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain
        mynetworks =,,
        relayhost = []
        home_mailbox = Maildir/
        mail_spool_directory = /var/spool/mail
        inet_interfaces = all
        inet_protocols = ipv4
        mydestination =
        mynetworks =
        relayhost = []
        the firewall and selinux in off on all machines

        • The configuration looks correct. Is your DNS resolution working on client node i.e. nslookup
          Use “journalctl -f” on the server side for any logs (if no logs are generated then yes nothing is going to server)
          Use the same command on client to look out for logs (this should have some more information)
          Are you able to send mails to localhost, I mean from one user on the to another user on the same host?

          • Yes, The dns resolution is good on all machines.
            No, iam not able to send mail locally between users in the same server.

            • Without logs it would hard to say what is the cause of the failure. You should first start first by checking the logs on the localhost on your

    • Thank you for your feedback. I intentionally dropped postconf here as somehow with postconf you must be very familiar with the directives or else the config file may have wrong directives. I plan to use this in coming articles with its pros and cons. Thanks for the suggestion.


Leave a Comment