Differences between revisions 36 and 37
Revision 36 as of 2013-11-24 00:27:52
Size: 410
Editor: ?CristineS
Comment:
Revision 37 as of 2013-11-24 01:27:58
Size: 13555
Editor: PaulWise
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
I'm Ethan and I live in Siemianowice Slaskie. <<BR>>
I'm interested in Modern Languages, [[http://search.Usa.gov/search?query=Audiophilia|Audiophilia]] and Danish art. I like to travel and [[http://photo.net/gallery/tag-search/search?query_string=watching|watching]] The Big Bang Theory.<<BR>>
<<BR>>
Have a look at my webpage ... [[http://thesmokersplace.com/facts-about-camel-cigarettes-types/|webpage]]
#language en
~-[[DebianWiki/EditorGuide#translation|Translation(s)]]: English - [[it/Postfix|Italiano]] -~
----
Postfix is a secure Mail Transfer Agent

## If your page gets really long, uncomment this Table of Contents
 <<TableOfContents(2)>>

= Postfix =
== Installing and Configuring Postfix on Debian ==

 *Install postfix (this will remove exim since there can't be two mail systems). (If you have a website, choose "Internet Site" if the configuration prompts ask for it.):

{{{
apt-get install postfix
}}}
 *Check the log mail.log, mail.err, mail.info, mail.warn to see if postfix runs.
{{{
cat /var/log/mail.log
}}}
 *Add your domain to the config files, so others can't abuse your mailsystem:
{{{
postconf -e "myorigin = example.com"
}}}
 *Add your hostname (computer name). (Use command "hostname" at the command-line to display your hostname if not sure.)
{{{
postconf -e "myhostname=server1.example.com"
}}}
 *Now add the domain names that your system will handle.
{{{
postconf -e "relay_domains = example.com, example2.com, example3.com"
}}}
 * Reload Postfix Server:
{{{
postfix reload
}}}
 *Test the mailserver. Type
{{{
telnet localhost 25
}}}

 *You should see:
{{{
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 server1.example.com ESMTP Postfix (Debian/GNU)
}}}
 *Send an email to yourself:
{{{
mail from:<you@youremail.com>
rcpt to:<user@example.com>
data
To: user@example.com
From: you@youremail.com
Subject: Hey my first email
This is my first email on debian postfix after installing configuring it.
It was easy.
}}}
 *To end data hit enter, type in a dot, and hit enter again:
{{{

.

}}}
  *Then
{{{
quit
}}}
 *You're done. Type "mail" in the command-line terminal and see if you have some.
  * Now let's go to the next step:
  * If you have a router with firewall, enable port 25 and forward that port to your computer.
  * Enter your MX records in your domain provider. (e.g. godaddy.com or dnspark.com)
  * Check your mx records: go to http://www.iptools.biz/ locate "DNS lookup". From pulldown menu select "MX". Type in your domain name (ex. example.com). You should see some records there. If you don't see any MX records go back to previous step. You have to have MX record otherwise other computers won't be able to see you when sending emails.
  * Useful commands:
{{{
qshape
mailq
qshape deferred
postsuper
postsuper -r ALL (requeue all emails)
}}}
 * You should be set. If your isp is blocking the traffic then you might need to login to their smtp services. See [[#PostYahoo|Postfix and sbcglobal/yahoo/att]] below.


== anti-spam: smtp restrictions ==
 *The first fight starts at your server so this should be added to any email server that you setup. This makes sure that any computer that tries to send an email to you has a valid domain name. (spammers use ex. myhomepc as a domain name. This will stop them from spamming you.)

 *Insert this in your {{{/etc/postfix/main.cf}}}:
{{{
smtpd_recipient_restrictions = reject_invalid_hostname,
        reject_unknown_recipient_domain,
        reject_unauth_destination,
        reject_rbl_client sbl.spamhaus.org,
        permit

smtpd_helo_restrictions = reject_invalid_helo_hostname,
        reject_non_fqdn_helo_hostname,
        reject_unknown_helo_hostname
}}}

== anti-spam: Using RBL Lists ==
 *RBL list is a list of domains which says whether they are spammers or not.
 
Insert this in your {{{/etc/postfix/main.cf}}}:
{{{
smtpd_client_restrictions = reject_rbl_client dnsbl.sorbs.net
}}}

''See what rbl is about: http://www.us.sorbs.net/mailsystems/postfix.shtml''

'' and [[http://paulgraham.com/spamhausblacklist.html|avoid such blacklists]]''

== Debian Anti-Spam Anti-Virus Gateway Email Server ==
 *If you are building anti spam system that will act as a gateway. Read below. If you want to add more anti-spam restrictions this is worth reading.
 [[Manual-Howto#head-8d657a43856c958db557ec5aaf4a9526e62a8600|Debian Anti-Spam Anti-Virus Gateway Email Server]]

<<Anchor(PostYahoo)>>
== Postfix and sbcglobal/yahoo/att ==
 *SBC global block port 25 on its DSL users:
 http://help.sbcglobal.net/article.php?item=4640
 *We will use sbc smtp server via authentication to send emails. Do this:
{{{
apt-get install libsasl2-modules
}}}
 *ADD to {{{main.cf}}} by using postconf. Just type (smtp.att.yahoo.com requires the port 587 otherwise you don't need it):
{{{
postconf -e "relayhost = [smtp.sbcglobal.yahoo.com]:587"
postconf -e "smtp_sasl_auth_enable = yes"
postconf -e "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd"
postconf -e "smtp_sasl_security_options = noanonymous"
}}}
 *Create a file called {{{sasl_passwd}}} in {{{/etc/postfix/sasl_passwd}}}. Inside type in
{{{
[smtp.sbcglobal.yahoo.com]:587 username@sbcglobal.net:mypassword
}}}
 *Now change permissions so others can't read it:
{{{
chmod 600 /etc/postfix/sasl_passwd
}}}
 *Now postmap it. (It creates a database-like file so postfix can read it.)
{{{
postmap /etc/postfix/sasl_passwd
}}}
 *Restart postfix
{{{
postfix reload
}}}
 *Done. You can use "mutt" to send emails outside. Check {{{/var/log/mail.log}}} to see if everything is working.
 *After a switch from sbcglobal to att you need to verify you email address in your yahoo email options. If you have 100s of mailing lists you will need to unblock your port 25 since it is impossible to use att yahoo smtp servers without verifying each email address.
 * To opt out of your port 25 (get it unfiltered) leave a request here:[[http://helpme.att.net/servabuse.php|Unfilter port 25 on smtp.att.yahoo.com]]

== Forward Emails ==
 *Forwarding emails can be done via alias file located in {{{/etc/aliases}}}
 *Run this command to add alias maps:
{{{
postconf -e "alias_maps = hash:/etc/aliases"
}}}
 *You can now add your user to {{{/etc/aliases}}} like this:
{{{
root: lucas
}}}
 *You can forward your emails to a different email address
{{{
lucas: myemail@example.com
}}}
 *Or you could forward your email while still getting a copy in your local mailbox
{{{
lucas: lucas myemail@example.com
}}}
 *When done adding aliases run this command which will create a database like file.
{{{
newaliases
}}}
 *Reload postfix
{{{
/etc/init.d/postfix reload
}}}

== Virtual Emails ==
 *If you want virtual emails such as '''abuse''' or '''postmaster''' you can do the following.
 *Run this command to add virtual alias maps:
{{{
postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
}}}
 *Create a {{{/etc/postfix/virtual}}} file
{{{
vi /etc/postfix/virtual
}}}
 *And add your virtual emails
{{{
postmaster info@example.com
abuse info@example.com
someemail lucas
}}}
 *Create a database like file out of it
{{{
postmap /etc/postfix/virtual
}}}
 *Reload postfix
{{{
/etc/init.d/postfix reload
}}}

== Maildir ==
 *To use maildir format in your mailbox which creates separate files for each email you can use the following commands:
 *Maildir has few advantages over mbox format. (It keeps emails in separate files, allows for multiple applications to read mail, etc.)
 *Issue these commands:
{{{
postconf -e "home_mailbox = Maildir/"
postconf -e "mailbox_command ="
}}}
 *You are done. Now your mail goes to Maildir format.
=== Mutt ===
 *If you want to read your new maildir format you have to tell mutt to use it as well. Edit this file:
{{{
vi /etc/Muttrc
}}}
 *Add these lines to the bottom of the file:
{{{
set folder="~/Maildir"
set mask="!^\\.[^.]"
set mbox="~/Maildir"
set record="+.Sent"
set postponed="+.Drafts"
set spoolfile="~/Maildir"
}}}
 *Now start '''mutt''' and send an email to yourself to see if it all works.

= Postfix and mailing lists =
== Mailman with Postfix ==

(!) The instructions below are WRONG! You should not postfix-to-mailman.py and alias at the same time. Please read /etc/mailman/postfix-to-mailman.py instead.

 *Install mailman:
{{{
apt-get install mailman
}}}
 *When done type:
{{{
newlist mailman
}}}
 *Start mailman
{{{
/etc/init.d/mailman start
}}}
 *You should be able to see mailman running now. Visit:
 http://www.yourwebsite.com/cgi-bin/mailman/admin

 or

 http://localhost/cgi-bin/mailman/admin

 *Because postfix is a secondary choice for Debian we need to add:
 *Edit {{{/etc/postfix/main.cf}}}; where you see "relay_domains" add lists.yourdomain.com. You would get something like this:
{{{
relay_domains = example.com, lists.example.com
}}}
 *In same file add ,hash:/var/lib/mailman/data/aliases after alias_maps
{{{
alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases
}}}
 *Now type:
{{{
postconf -e "transport_maps = hash:/etc/postfix/transport"
postconf -e "mailman_destination_recipient_limit = 1"
}}}
 *In {{{/etc/postfix/master.cf}}} add:
{{{
mailman unix - n n - - pipe
   flags=FR user=list
   argv=/var/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
}}}
 *Edit or create {{{/etc/postfix/transport}}}. Add this line:
{{{
lists.example.com mailman:
}}}
 *Then postmap it:
{{{
postmap /etc/postfix/transport
}}}
 * Now edit {{{/etc/mailman/mm_cfg.py}}} and add:
{{{
MTA = 'Postfix'
DEB_LISTMASTER = 'postmaster@example.com'
POSTFIX_STYLE_VIRTUAL_DOMAIN = ['lists.example.com']
}}}
 *Done. Now restart postfix, mailman
{{{
/etc/init.d/postfix reload
/etc/init.d/mailman restart
}}}
 *Create a mailing list:
{{{
newlist list_name
}}}
 *If you want archives add this to {{{/etc/apache2/apache2.conf}}}
{{{
Alias /pipermail/ /var/lib/mailman/archives/public/
Alias /images/mailman/ /usr/share/images/mailman/
}}}
 *Done. Go to
{{{
http://lists.yourwebsite.com/cgi-bin/mailman/listinfo/list_name/
}}}

=== Mailman Troubleshooting ===
==== Connection refused ====
Assuming your postfix is running and listening on localhost, another possible problem is that postfix is not configured to run in IPv6 mode, but your {{{/etc/hosts}}} file specifies ::1 as localhost.
In that case mailman tries to send mails to ::1 which has no postfix listening, thus resulting in a (111, 'connection refused') error.

= Advanced options =
== SPF and multiple external ip addresses ==
=== Explanation ===
I have some systems that are networked on an internal private ip address subnet ({{{192.168.0.0/16}}}). For a few reasons I email reports and such to {{{<user>@mail.internal}}} where {{{user}}} is an address that is not valid for receiving mail via the external interfaces. These systems also share a public ip address subnet so they could email each other that way, but I'd prefer they didn't for local addresses. I have published SPF records for the public mail servers because all of our mail routes through those servers so if others care to check they can ignore email claiming to be from us but being delivered from other servers as per our SPF record.

Recently I have expanded the ip addresses these systems are using externally to support multiple instances of port-based services like https (adding :oddport doesn't impress the customers.) I could have expanded or added more liberal SPF record values, or added more forward and reverse DNS records but I wanted to stick with less ip addresses.

So to recap my system has:
 * eth1 <public ip with spf published>
 * eth1:1 <public ip for extra port-based services>
 * eth0 <private ip on>

By using the settings in {{{/etc/postfix/master.cf}}}, {{{/etc/postfix/main.cf}}} and {{{/etc/postfix/transport}}} as outlined above I was able to get my outgoing smtp traffic to use my SPF published ip address once again.

=== Make SPF and multiple external ip addresses ===
If you are trying to implement SPF records while binding to one external ip address and still working with dual-homed multiple ip aliased systems, or have any other reason to support multi-homed systems with multiple ip addresses but want to limit postfix to use only two of them try this.

 * {{{/etc/postfix/master.cf}}}
   * clone the smtp (not smtpd) service. Set the first one to use <spf published ip address> Rename the second to smtpinternal and use <internal ip address>
{{{
 smtp unix - - - - - smtp
        -o smtp_bind_address=<spf published ip address>
 smtpinternal unix - - - - - smtp
        -o smtp_bind_address=<internal ip address>
}}}


 * {{{/etc/postfix/main.cf}}}
   * Use {{{transport_maps}}} for routing
{{{
 transport_maps = hash:/etc/postfix/transport
}}}

 * {{{/etc/postfix/transport}}}
   * Map a transport for your internal domain.
{{{
 .internal smtpinternal:
}}}

Just {{{postmap /etc/postfix/transport}}}, {{{invoke-rc.d postfix stop}}} and {{{invoke-rc.d postfix start}}} and you should be in business. Email to <user>@<system>.internal will be delivered via the internal interface/ip address all other email will be delivered via default methods which means internet mail will go out the the spf published ip address.

Optional:

 * {{{/etc/postfix/main.cf}}}
   * Use the {{{inet_interfaces}}} setting to only listen on the ip addresses you want to.{{{
 inet_interfaces = 127.0.0.1, <internal ip>, <spf published external ip>
}}}

== Postfix and Sasl ==
 *This page should be merged here.
 *[[PostfixAndSASL]]

= External links =

Please see [[Postfix/Tutorials]]

----

 CategoryNetwork

Translation(s): English - Italiano


Postfix is a secure Mail Transfer Agent

Postfix

Installing and Configuring Postfix on Debian

  • Install postfix (this will remove exim since there can't be two mail systems). (If you have a website, choose "Internet Site" if the configuration prompts ask for it.):

apt-get install postfix
  • Check the log mail.log, mail.err, mail.info, mail.warn to see if postfix runs.

cat /var/log/mail.log
  • Add your domain to the config files, so others can't abuse your mailsystem:

postconf -e "myorigin = example.com"
  • Add your hostname (computer name). (Use command "hostname" at the command-line to display your hostname if not sure.)

postconf -e "myhostname=server1.example.com"
  • Now add the domain names that your system will handle.

postconf -e "relay_domains = example.com, example2.com, example3.com"
  • Reload Postfix Server:

postfix reload
  • Test the mailserver. Type

telnet localhost 25
  • You should see:

Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 server1.example.com ESMTP Postfix (Debian/GNU)
  • Send an email to yourself:

mail from:<you@youremail.com>
rcpt to:<user@example.com>
data
To: user@example.com
From: you@youremail.com
Subject: Hey my first email
This is my first email on debian postfix after installing configuring it.
It was easy.
  • To end data hit enter, type in a dot, and hit enter again:

.
  • Then

quit
  • You're done. Type "mail" in the command-line terminal and see if you have some.
    • Now let's go to the next step:
    • If you have a router with firewall, enable port 25 and forward that port to your computer.
    • Enter your MX records in your domain provider. (e.g. godaddy.com or dnspark.com)
    • Check your mx records: go to http://www.iptools.biz/ locate "DNS lookup". From pulldown menu select "MX". Type in your domain name (ex. example.com). You should see some records there. If you don't see any MX records go back to previous step. You have to have MX record otherwise other computers won't be able to see you when sending emails.

    • Useful commands:

qshape
mailq
qshape deferred
postsuper
postsuper -r ALL   (requeue all emails)

anti-spam: smtp restrictions

  • The first fight starts at your server so this should be added to any email server that you setup. This makes sure that any computer that tries to send an email to you has a valid domain name. (spammers use ex. myhomepc as a domain name. This will stop them from spamming you.)
  • Insert this in your /etc/postfix/main.cf:

smtpd_recipient_restrictions = reject_invalid_hostname,
        reject_unknown_recipient_domain,
        reject_unauth_destination,
        reject_rbl_client sbl.spamhaus.org,
        permit

smtpd_helo_restrictions = reject_invalid_helo_hostname,
        reject_non_fqdn_helo_hostname,
        reject_unknown_helo_hostname

anti-spam: Using RBL Lists

  • RBL list is a list of domains which says whether they are spammers or not.

Insert this in your /etc/postfix/main.cf:

smtpd_client_restrictions = reject_rbl_client dnsbl.sorbs.net

See what rbl is about: http://www.us.sorbs.net/mailsystems/postfix.shtml

and avoid such blacklists

Debian Anti-Spam Anti-Virus Gateway Email Server

Postfix and sbcglobal/yahoo/att

apt-get install libsasl2-modules
  • ADD to main.cf by using postconf. Just type (smtp.att.yahoo.com requires the port 587 otherwise you don't need it):

postconf -e "relayhost = [smtp.sbcglobal.yahoo.com]:587"
postconf -e "smtp_sasl_auth_enable = yes"
postconf -e "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd"
postconf -e "smtp_sasl_security_options = noanonymous"
  • Create a file called sasl_passwd in /etc/postfix/sasl_passwd. Inside type in

[smtp.sbcglobal.yahoo.com]:587 username@sbcglobal.net:mypassword
  • Now change permissions so others can't read it:

chmod 600 /etc/postfix/sasl_passwd
  • Now postmap it. (It creates a database-like file so postfix can read it.)

postmap /etc/postfix/sasl_passwd
  • Restart postfix

postfix reload
  • Done. You can use "mutt" to send emails outside. Check /var/log/mail.log to see if everything is working.

  • After a switch from sbcglobal to att you need to verify you email address in your yahoo email options. If you have 100s of mailing lists you will need to unblock your port 25 since it is impossible to use att yahoo smtp servers without verifying each email address.
  • To opt out of your port 25 (get it unfiltered) leave a request here:Unfilter port 25 on smtp.att.yahoo.com

Forward Emails

  • Forwarding emails can be done via alias file located in /etc/aliases

  • Run this command to add alias maps:

postconf -e "alias_maps = hash:/etc/aliases"
  • You can now add your user to /etc/aliases like this:

root: lucas
  • You can forward your emails to a different email address

lucas: myemail@example.com
  • Or you could forward your email while still getting a copy in your local mailbox

lucas: lucas myemail@example.com
  • When done adding aliases run this command which will create a database like file.

newaliases
  • Reload postfix

/etc/init.d/postfix reload

Virtual Emails

  • If you want virtual emails such as abuse or postmaster you can do the following.

  • Run this command to add virtual alias maps:

postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
  • Create a /etc/postfix/virtual file

vi /etc/postfix/virtual
  • And add your virtual emails

postmaster info@example.com
abuse info@example.com
someemail lucas
  • Create a database like file out of it

postmap /etc/postfix/virtual
  • Reload postfix

/etc/init.d/postfix reload

Maildir

  • To use maildir format in your mailbox which creates separate files for each email you can use the following commands:
  • Maildir has few advantages over mbox format. (It keeps emails in separate files, allows for multiple applications to read mail, etc.)
  • Issue these commands:

postconf -e "home_mailbox = Maildir/"
postconf -e "mailbox_command ="
  • You are done. Now your mail goes to Maildir format.

Mutt

  • If you want to read your new maildir format you have to tell mutt to use it as well. Edit this file:

vi /etc/Muttrc
  • Add these lines to the bottom of the file:

set folder="~/Maildir"
set mask="!^\\.[^.]"
set mbox="~/Maildir"
set record="+.Sent"
set postponed="+.Drafts"
set spoolfile="~/Maildir"
  • Now start mutt and send an email to yourself to see if it all works.

Postfix and mailing lists

Mailman with Postfix

(!) The instructions below are WRONG! You should not postfix-to-mailman.py and alias at the same time. Please read /etc/mailman/postfix-to-mailman.py instead.

  • Install mailman:

apt-get install mailman
  • When done type:

newlist mailman
  • Start mailman

/etc/init.d/mailman start

relay_domains = example.com, lists.example.com
  • In same file add ,hash:/var/lib/mailman/data/aliases after alias_maps

alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases
  • Now type:

postconf -e "transport_maps = hash:/etc/postfix/transport"
postconf -e "mailman_destination_recipient_limit = 1"
  • In /etc/postfix/master.cf add:

mailman unix  -       n       n       -       -       pipe
   flags=FR user=list
   argv=/var/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
  • Edit or create /etc/postfix/transport. Add this line:

lists.example.com    mailman:
  • Then postmap it:

postmap /etc/postfix/transport
  • Now edit /etc/mailman/mm_cfg.py and add:

MTA = 'Postfix'
DEB_LISTMASTER = 'postmaster@example.com'
POSTFIX_STYLE_VIRTUAL_DOMAIN = ['lists.example.com']
  • Done. Now restart postfix, mailman

/etc/init.d/postfix reload
/etc/init.d/mailman restart
  • Create a mailing list:

newlist list_name
  • If you want archives add this to /etc/apache2/apache2.conf

Alias /pipermail/ /var/lib/mailman/archives/public/
Alias /images/mailman/ /usr/share/images/mailman/
  • Done. Go to

http://lists.yourwebsite.com/cgi-bin/mailman/listinfo/list_name/

Mailman Troubleshooting

Connection refused

Assuming your postfix is running and listening on localhost, another possible problem is that postfix is not configured to run in IPv6 mode, but your /etc/hosts file specifies ::1 as localhost. In that case mailman tries to send mails to ::1 which has no postfix listening, thus resulting in a (111, 'connection refused') error.

Advanced options

SPF and multiple external ip addresses

Explanation

I have some systems that are networked on an internal private ip address subnet (192.168.0.0/16). For a few reasons I email reports and such to <user>@mail.internal where user is an address that is not valid for receiving mail via the external interfaces. These systems also share a public ip address subnet so they could email each other that way, but I'd prefer they didn't for local addresses. I have published SPF records for the public mail servers because all of our mail routes through those servers so if others care to check they can ignore email claiming to be from us but being delivered from other servers as per our SPF record.

Recently I have expanded the ip addresses these systems are using externally to support multiple instances of port-based services like https (adding :oddport doesn't impress the customers.) I could have expanded or added more liberal SPF record values, or added more forward and reverse DNS records but I wanted to stick with less ip addresses.

So to recap my system has:

  • eth1 <public ip with spf published>

  • eth1:1 <public ip for extra port-based services>

  • eth0 <private ip on>

By using the settings in /etc/postfix/master.cf, /etc/postfix/main.cf and /etc/postfix/transport as outlined above I was able to get my outgoing smtp traffic to use my SPF published ip address once again.

Make SPF and multiple external ip addresses

If you are trying to implement SPF records while binding to one external ip address and still working with dual-homed multiple ip aliased systems, or have any other reason to support multi-homed systems with multiple ip addresses but want to limit postfix to use only two of them try this.

  • /etc/postfix/master.cf

    • clone the smtp (not smtpd) service. Set the first one to use <spf published ip address> Rename the second to smtpinternal and use <internal ip address>

 smtp      unix  -       -       -       -       -       smtp
        -o smtp_bind_address=<spf published ip address>
 smtpinternal      unix  -       -       -       -       -       smtp
        -o smtp_bind_address=<internal ip address>
  • /etc/postfix/main.cf

    • Use transport_maps for routing

 transport_maps = hash:/etc/postfix/transport
  • /etc/postfix/transport

    • Map a transport for your internal domain.

 .internal smtpinternal:

Just postmap /etc/postfix/transport, invoke-rc.d postfix stop and invoke-rc.d postfix start and you should be in business. Email to <user>@<system>.internal will be delivered via the internal interface/ip address all other email will be delivered via default methods which means internet mail will go out the the spf published ip address.

Optional:

  • /etc/postfix/main.cf

    • Use the inet_interfaces setting to only listen on the ip addresses you want to.

       inet_interfaces = 127.0.0.1, <internal ip>, <spf published external ip>

Postfix and Sasl

External links

Please see Postfix/Tutorials