How to do it...

In this section, we will see how to install and configure Postfix on an Ubuntu sever and use as per our requirements:

  1. As Postfix is included in Ubuntu's default repositories, installing it becomes easy. To begin the installation, we will run the following command, along with the DEBIAN_PRIORITY=low environmental variable to answer some additional prompts during the installation:

  1. Once the installation starts, the first window will ask for the type of mail configuration. We will select Internet Site for our needs, as shown as follows:

  1. In the next window, enter the hostname to be used for System mail name, as shown here:

  1. Next, enter the Linux user account that will be used to forward the mails addressed to root and postmaster, shown as follows:

  1. The next window defines the mail destinations that will be accepted by Postfix. Confirm the existing entries and add any other domains if needed:

  1. In the next window, select No and proceed.
  2. The next window specifies the list of networks for which the mail server is configured to relay messages:

  1. In the next window, we can limit the size of messages. We will set 0 to disable any size restrictions:

  1. In the next step, choose which IP version Postfix should support. In our case, we will choose all:

  1. Once we are done with the previous steps, the setup will complete the installation, as shown here:

  1. Now, we will begin to set the mailbox. For this, we will set the home_mailbox variable to Maildir/, as shown here:

This step will create a directory structure within the user's home directory.

  1. Next, set the location of the virtual_alias_maps table. This table is used to map the Linux system accounts with the email accounts. We will run the following command to do this:

  1. Now, let's edit etc/postfix/virtual to map the mail addresses to the Linux account, as shown here:

  1. Once done, apply the mapping by running the following command:

  1. Now, we will restart the postfix service:

  1. Our next step will be to allow Postfix through the UFW firewall:

  1. Postfix should configured now to send mails. We can test this by sending a test mail from any user account to the root email account, as shown here:

  1. Next, we check the mails for the root account by typing mail. We will see a new mail waiting. When we press Enter, we can see the content of the mail, as shown here:

  1. Before finishing, we will perform Postfix hardening.
  2. We saw in the previous recipe, Remote service login - Telnet, how an attacker can use the vrfy command to guess email accounts, as seen here:

  1. To secure Postfix against this, we need to disable the vrfy command. To do this, we run the following command:
postconf -e disable_vrfy_command=yes

After this, we restart the Postfix service to make the changes effective.

  1. Now, if the attacker tries the same steps, they will get the output shown here: