Status: Deprecated
This article covers a version of CentOS that is no longer supported. If you are currently operating a server running CentOS 6, we highly recommend upgrading or migrating to a supported version of CentOS.
Reason: CentOS 6 reached end of life (EOL) on November 30th, 2020 and no longer receives security patches or updates. For this reason, this guide is no longer maintained.
See Instead:
This guide might still be useful as a reference, but may not work on other CentOS releases. If available, we strongly recommend using a guide written for the version of CentOS you are using.
About Postfix
Postfix is free open source Mail Transfer Agent which works to route and deliver email. Cyrus is a server that helps organize the mail itself.
Step One — Install Postfix and Cyrus
The first thing to do is install postfix and Cyrus on your virtual private server and the easiest way to do this is through the yum installer.
sudo yum install postfix
sudo yum install cyrus-sasl sudo yum install cyrus-imapd
Say Yes to the prompt each time it asks. Once all components have downloaded, you will have postfix and cyrus installed.
Step Two — Configure Postfix
We are going to configure both programs separately.
First, open up the Postfix’s main configuration file.
sudo vi /etc/postfix/main.cf
The postfix configuration file is very handy and detailed, providing almost all of the information needed to get the program up and running on your VPS. Unfortunately this also makes for a very long file.
The suggested code below is, in most regards, simply a shortened, and correctly uncommented version of what is in the file already. For a quick set up that will provide you with all of the needed configs to set up postfix, copy and paste the information below over Postfix's current configuration. Be careful to correct the domain names under myhostname and my domain.
Replace the example.com in the myhostname line with a DNS approved domain name. Be sure that the phrase is still mail.yourdomainnamehere
Replace the example.com in the mydomain line with the correct domain name.
soft_bounce = no
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
# The default_privs parameter specifies the default rights used by
# the local delivery agent for delivery to external file or command.
# These rights are used in the absence of a recipient user context.
# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
#
#default_privs = nobody
myhostname = mail.example.com
mydomain = example.com
mydestination = $myhostname, localhost
unknown_local_recipient_reject_code = 550
mynetworks_style = host
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
local_destination_recipient_limit = 300
local_destination_concurrency_limit = 5
recipient_delimiter=+
virtual_alias_maps = hash:/etc/postfix/virtual
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = pcre:/etc/postfix/body_checks
smtpd_banner = $myhostname
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client dnsbl.sorbs.net,
permit
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_helo_required = yes
Step Three — Finalize Postfix
After pasting in the proper configs, we are almost finished setting up postfix on our virtual server.
To forestall any errors, we need to execute two more steps
In the config we included virtual aliases with the line, virtual_alias_maps = hash:/etc/postfix/virtual; now we have to set up that database.
Open that file:
sudo vi /etc/postfix/virtual
Delete all the text within the file and then add the following single line, substituting an actual username for user, and the correct domain for example.com:
user@example.com user\@example.com
Save and exit.
Follow up by typing in this into terminal
postmap /etc/postfix/virtual
This will turn the virtual file into a lookup table, creating the database required for postfix to work.
Finally conclude by using this command, which will create the new file that postfix expects before sending anything out.
touch /etc/postfix/body_checks
Once all that is completed we can finish up by configuring Cyrus.
Step Four — Configure Cyrus
The first step is to add the smtpd.conf file, which defines the authentication for Postfix/SASL, to the SASL directory:
sudo vi /etc/sasl2/smtpd.conf
Go ahead and copy and paste the following text in:
pwcheck_method: auxprop auxprop_plugin: sasldb mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
Save and Exit.
Next, we need to configure the Cyrus file:
sudo vi /etc/imapd.conf
Delete what is in the file currently, and paste the configurations below into the file, changing the default domain and server name to match your personal domain name.
virtdomains: userid defaultdomain: example.com servername: example.com configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail.postfix hashimapspool: true allowanonymouslogin: no allowplaintext: yes sasl_pwcheck_method: auxprop sasl_mech_list: CRAM-MD5 DIGEST-MD5 PLAIN tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt autocreatequota: -1 createonpost: yes autocreateinboxfolders: spam autosubscribeinboxfolders: spam
Save and Exit.
Step Five — Install a Mail Client
Success! You have installed Postfix and Cyrus on your VPS. However, both of these programs relate to handling email rather than sending it. We can quickly install a method of sending messages from the command line.
There are a variety of clients we can use—here we will connect with MailX
yum install mailx
After you agree to the prompt, mailx will finish up installing.
Then, to send emails, type this command into terminal, substituting in the email that you are looking to send your message to.
mail user@example.org
Terminal will ask for a subject line. Type one in, then press enter. On the subsequent lines you can type your message. It will only be sent when you press enter, and type in a period.
Your letter will look something like this:
[root@demoserver ~]# mail user@example.org Subject: Hello This is a test message. Regards, . EOT
Congratulations—now you have postfix installed and email running. You are all set to use your virtual private server to send email.
Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.
About the author(s)
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.
If you are using Google Public DNS in /etc/resolv.conf which is the default, you will need to change it as Spamhaus does not work with Google Public DNS servers.
Greate article. Really easy to follow these steps. But, how about multiple domains in the same server?
This comment has been deleted
did not work for me
@Fernando Vieira Postfix’s Virtual Domains feature should help: http://www.akadia.com/services/postfix_separate_mailboxes.html
@s4ad-dev What exact problem are you experiencing?
Good tutorial. But I has a problem.
sudo cat /var/log/maillog and get:
May 23 14:27:01 Deambula postfix/smtpd[22748]: fatal: no SASL authentication mechanisms
I solve this intalling:
sudo yum install cyrus-sasl-plain
I have installed and configure everthing accordingly. but when going to send email and type # mail username@mydomain.com
It doesn’t prompt for Subject.
where can i check this and resolve this.
Regards: imran
@imran: you can pass “-s subject” to the mail command.
so this solves sending. how do I read the mail accounts for multiple users / how to set them up in the first place should probably be in this article. back to the docs :)
servername: mydomain.com
that broke my whole thing so i removed it and it worked
had me pulling my hair out for like 900 hours
if you got below error: PLAIN [SASL(-13): user not found: Password verification failed]
Please try to use saslauthd
sudo yum install cyrus-sasl-plain
sudo vi /etc/sasl2/smtpd.conf
pwcheck_method: saslauthd mech_list: plain login #pwcheck_method: auxprop #auxprop_plugin: sasldb #mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
sudo vi /etc/imapd.conf
#sasl_pwcheck_method: auxprop #sasl_mech_list: CRAM-MD5 DIGEST-MD5 PLAIN sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
sudo /etc/rc.d/init.d/postfix start sudo chkconfig postfix on sudo chkconfig --level 345 cyrus-imapd on sudo /sbin/service cyrus-imapd start sudo /etc/init.d/saslauthd start sudo chkconfig saslauthd on
check sasl module
/usr/sbin/pluginviewer
Testing: testsaslauthd -u mailusername -p mailpassword /usr/bin/imtest -u mailusername -a mailusername -w mailpassword domain.com
Would that conf. also work for Ubuntu?
@meelis: No, this article is specific to CentOS only. You can follow this article on Ubuntu: https://www.digitalocean.com/community/articles/how-to-install-and-setup-postfix-on-ubuntu-12-04
Theproblem is, it does not feature the installation of GUI. Postfix itself works, yes:)
Sending mail works, except receiving mail isnt. Do you also need to set up mx records for the receive part to work? If so how?
Thanks!
@bluethrustweb: You have to add an MX record if you want to receive mail.
Create an A record called ‘mail’ that points to your droplet’s IP address. Then, create an MX record with ‘mail’ as the hostname, and 5 as the priority.
Useful to know. Perhaps a continuing article on how to set-up incoming mails and installing webmail clients like roundcube, etc… will be very useful. Not sure how to do that in centos since this article only covers half way. :)
Hello! You have the word “postfix” spelt with a capital “P” in the command in Step One - which of course will return an error, “No package Postfix available.”
@jasebase: Good catch! Updated the article. :]
Note : 64bit CentOS Cyrus SASL searches /usr/lib/sasl2/ first. If it finds the specified configuration file there, it will not examine other locations.
but 64bit CentOS doesn’t have this directory. after ln -s /usr/lib64/sasl2/ /usr/lib/sasl2
all steps work fine. ignore my previous post.
This does not work for me. The help file seems out of date as everything in the postfix config file doesn’t seem to exist from smtpd_sasl_auth_enable on down.
@Thomas: Some of the config directives are not included in the default config file. Try replacing it with the contents in the article – it should work fine.
I can send mail from the console, but I just can’t use the SMTP from my mail client externally, it’s driving me mad, I can’t work out what is causing it!
@callumpy: Do you get any errors when trying to connect to your droplet’s SMTP service?
Hi, I am experiencing issues while trying to send mail. Here is the log file, any help would be appreciated! http://pastebin.com/vLzz8Mc7
@wicked: Take a look at this page:
https://support.google.com/mail/answer/6592?hl=en
how can i get available by mail.domain.com ?? where i can configure more user/password acc and make t available from external scripts SMTP copnn
@maximoishi: This article walks you through setting up postfix and not a webmail client. I suggest you try iRedMail instead <strong>on a fresh droplet</strong>:
<a href=“https://www.digitalocean.com/community/articles/how-to-install-iredmail-on-centos-6-3-x64”>https://www.digitalocean.com/community/articles/how-to-install-iredmail-on-centos-6-3-x64</a>
Delete previus post.
@KamalNasser
I tried to creat the records necessary for my host. They are correct?
A Record: Hostname=mail IP=(my IP)
MX Record: Hostname=mail.(mydomain.com). Priority=5
Is correcto hostname of MX record?
@oSiNaReF: The Hostname of the MX record should be “mail”.
@kamal Nasser im trying to connect from my localhost PC to my remote smtp server but i dont know what i need to setup in my vps
im trying:
mail.iadrian.pe user pass
but i just get:
Send Error
There was an error while trying to send the test email. Please check the connection details.
@maximoishi: You have sendmail running. Try removing it and rebooting your droplet:
<pre>yum remove sendmail && shutdown -r 0</pre>
@Kamal Nasser after this can i follow up this tutorial?
@kamal wiiiuu i did now im sending emails from local :D just testing purpose not spam, well i had an extra work steps from @sunlynx
Thank you both are amazing!
Awesome! :]
This worked great for me except Cyrus wasn’t running so I had to start it before I was able to send an email:
/etc/init.d/cyrus-imapd start
And if you want it to start at boot:
chkconfig --level 3 cyrus-imapd on
Kamal, I have troubles to connect to correct mailboxes using GMAIL POP3 feature.
Before this setup, I have been receiving mails to /var/spool/mail, then after IMAP setup I started receiving mails directed to account@example.com to /var/spool/imap/domain/m/mail.example.com/m/user/mike/ but now somehow I cant find mails anywhere. Using GMAIL POP3 option I can connect but I retrieve nothing.
main.cf home_mailbox = Maildir/ mail_spool_directory = /var/spool/mail mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
imapd.conf virtdomains: userid partition-default: /var/spool/imap
Don’t you know what could be the problem?
Hmm, you can ignore my previous post - seems like the issue was with my patience… I have updated DNS record before configuring and it took some time while it all started working.
Worked perfectly! Great job thanks so much.
If we want to deploy Postfix to be a send-only mail server (e.g., for on-board apps), do we still need to install <code>cyrus-sasl</code>, <code>cyrus-imapd</code>, and/or <code>mailx</code>?
<b>EDIT:</b> Nevermind. I asked b/c I was in the process of writing a tutorial on deploying the FreePBX (and Asterisk) Distro on a DigitalOcean cloud server; but subsequently noticed that the FreePBX distro not only installs <code>Postfix</code>, but also installs <code>cyrus-sasl</code> and <code>mailx</code>.
Thus, my <i>new</i> question is: If <code>cyrus-imapd</code> is <b>not</b> installed, does that change anything in this tutorial other than skipping over the section related to editing the <code>/etc/imapd.conf</code> file?
@Pablo: Cyrus is an IMAP server. If you do not want to receive mail you usually do not need to access your droplet via the IMAP protocol so it’s not needed.
You can install postfix/exim4/any other MTA and have it listen on 127.0.0.1, this way your droplet is send-only :]
So, if cyrus-imapd is not installed, you can skip all of the sections that are related to IMAP/SASL since you won’t need them.
Thanks Kamal!
Kamal, I followed this setup and can send emails and also forward emails when sent from the server directly but anything sent from outside get lost in a blackhole. What’s the best way for me to debug please?
Thanks!
i have configured postfix but i couldn’t able to send via SMTP so kindly help me out
@brice: What’s the output of <pre>sudo netstat -plutn | grep 25</pre>? Also, what’s the domain name?
@Krishna: How are you trying to send mail via SMTP? Is postfix running (<code>sudo netstat -plutn | grep 25</code>)?
This has been a great help , thanks . Seems I still have a permissions issue after following this . So need a little help . I get , [/var/lib/imap/socket/lmtp]: Permission denied . Originally the lmtp had not been created , so created it . Permissions are for the cyrus iMAP server and the group is mail , SElinux is for cyrus_var_lib_t . I am guessing Postfix is having trouble writing to the directory , Any clues pls
Cleared up the writing problem now it is Connection refused
I got problem when sending email from mobile, I check the /var/log/maillog it says
postfix/smtpd[12714]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory postfix/smtpd[12714]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory postfix/smtpd[12714]: warning: SASL authentication failure: Password verification failed postfix/smtpd[12714]: warning: unknown[114.4.23.37]: SASL PLAIN authentication failed: authentication failure
Any help would be appreciated
@leo: Try rebooting your droplet, does that fix it?