Important Understanding of master.cf When a Postfix & Dovecot Mail Server Cannot Receive Emails
Hello, this is Muno.
Since setting up my own mail server on 8/20, I've been able to send emails after TLS/SSL authentication, but I haven't been able to receive them.
I was at a loss because no error logs were being generated, but I've solved it.
Regarding master.cf, I believe it's basically configured as follows.
Environment
・FreeBSD
・Postfix
・Dovecot
・SSL, DKIM, DMARC, etc. already configured
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
# Choose one: enable submission for loopback clients only, or for any client.
#127.0.0.1:submission inet n - n - - smtpd
submission inet n - n - - smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
〜
What was wrong was that I had it configured as follows.
smtpd inet n - n - - smtpd
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
# Choose one: enable submission for loopback clients only, or for any client.
#127.0.0.1:submission inet n - n - - smtpd
submission inet n - n - - smtpd
smtps inet n - n - - smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_tls_auth_only=yes
I thought that if the `-o` parameters were listed at the bottom, they would apply to everything.
Actually, I hadn't even listed `smtps inet~`...
Therefore, when using TLS/SSL authentication, to communicate on the submission ports (995, 993) for receiving, you must properly add the `-o` parameters under `smtps inet ~` as well.
Since this needs to be done for each environment, it's important to thoroughly check the parameters for each.
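The scoping rule behind the mistake above, as an added example (not part of the original post and not Postfix code): a small Python parser that attaches each `-o` line only to the service entry directly above it, then reports which of `submission` and `smtps` lack the TLS and SASL overrides. The sample file is constructed from the misconfigured excerpt above; the `REQUIRED` list and the function names are assumptions made for this illustration.

```python
# Added example: shows which master.cf service each "-o" override belongs to.
REQUIRED = ("smtpd_tls_security_level", "smtpd_sasl_auth_enable")  # assumed policy

# Constructed sample modelled on the misconfigured excerpt in the post;
# continuation lines are indented, as master.cf requires.
SAMPLE = """\
# Choose one: enable submission for loopback clients only, or for any client.
#127.0.0.1:submission inet n - n - - smtpd
submission inet n - n - - smtpd
smtps inet n - n - - smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
"""

def parse_master_cf(text):
    """Return {(service, type): {"command": ..., "overrides": {...}}}."""
    entries = []                               # one token list per logical line
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                           # blank lines and comments are ignored
        if line[0].isspace():
            if entries:                        # continuation: previous service only
                entries[-1] += line.split()
        else:
            entries.append(line.split())       # non-whitespace start: new service
    result = {}
    for tok in entries:
        if len(tok) < 8:                       # need name..command (8 fields)
            continue
        args, opts = tok[8:], {}
        for i, arg in enumerate(args):
            if arg == "-o" and i + 1 < len(args) and "=" in args[i + 1]:
                key, value = args[i + 1].split("=", 1)
                opts[key] = value
        result[(tok[0], tok[1])] = {"command": tok[7], "overrides": opts}
    return result

def missing_overrides(text, services=("submission", "smtps")):
    """Map each listed smtpd service to the REQUIRED overrides it lacks."""
    report = {}
    for (name, _type), entry in parse_master_cf(text).items():
        if name in services and entry["command"] == "smtpd":
            lacking = [p for p in REQUIRED if p not in entry["overrides"]]
            if lacking:
                report[name] = lacking
    return report
```

On a live system, `postconf -P` prints the same per-service view as `service/type/parameter = value` lines.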
Aliases too...
In the default configuration, /etc/aliases is a symbolic link, and the original file is located at /etc/mail/aliases.
To enable email recognition, I added:
root : xxxxxx@eyes4you.org
After updating, always run `newaliases`.
With this, full execution is now possible.
Emails with your own domain are the best!
See you again.