Configure postfix to accept mail from external connections

Posted in Email Servers -

Postfix by default on CentOS 5 and Red Hat Enterprise Linux is configured to only receive mail on the local network interface. This is good if you are not intending your server to run as a mail server but is one additional step to getting your mail server running when setting up Postfix.

I typically telnet into a server on the particular port to see if the service is running and accepting connections. The port number for SMTP is 25 so it would just be a matter of doing this:

telnet 10.1.1.123 25

If the firewall is not configured to allow connections on port 25, or Postfix's default configuration will not let you connect, then you will get a message similar to the one following:

$ telnet 10.1.1.123 25
Trying 10.1.1.123...
telnet: connect to address 10.1.1.123: Connection refused

First check your firewall settings, and ensure that both inbound and outbound traffic is allowed on port 25. If you are still getting the error message, then open up /etc/postfix/main.cf and look for the following section:

#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces = localhost

As you can see, the default setting for postfix on CentOS 5 and Red Hat Enterprise Linux (and probably other Linux distributions) is to only allow postfix to run on the localhost. You can either enable the "all" option like so:

inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#inet_interfaces = localhost

or allow localhost and specific IP addresses like so:

#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces = localhost 10.1.1.123

Doing it this last way is useful if you have multiple IP addresses on your server and only want postfix to be accessible on particular IP addresses and not all of them, although you should also be able to restrict access in your firewall.

Now that you have it all working, telnetting in should look something like this:

$ telnet 10.1.1.123 25
Trying 10.1.1.123...
Connected to 10.1.1.123.
Escape character is '^]'.
220 example.com ESMTP Postfix
quit
221 2.0.0 Bye
Connection closed by foreign host.



Comments