If you have scripts or other services that run as root that need to send to outside email addresses, via postfix, without being root@hostname, this is what you need to do:
- sudo vi /etc/postfix/generic
- sudo vi /etc/postfix/main.cf
smtp_generic_maps = hash:/etc/postfix/generic
- sudo postmap /etc/postfix/generic
- sudo systemctl restart postfix
Done! Now root will send as email@example.com instead. Substitute whatever you want for firstname.lastname@example.org
I’ve been having an odd problem with being unable to delete emails from the Inbox of my self-hosted email account from my Android phone, using the Gmail app, using IMAP. When I would delete a message, a copy would be created in the Trash folder, but the original would remain in the inbox – when viewed from webmail. When I refreshed the inbox, the original would reappear on my phone.
At first, I thought the problem was permissions on /var/mail – so I did various changes such as
chmod 1775, but to no avail.
I then remembered that I had recently re-setup my mail account on my phone, and realized that maybe it wasn’t using IMAP previously. So, I deleted the account, set it up again as POP3, and enabled server-side deletion. It worked!
It turns out that most mobile IMAP clients do not support the ability to achieve true server-side deletion. Using POP3 is an easy alternative and there is no harm. Yes, POP3 is an outdated and cruddy protocol, but in the end, it works.
Recently, emails sent from my Postfix mail server to my Gmail account were getting tagged as ‘insecure’. Come to find out, they were no longer sending with TLS. They were defaulting back to open SMTP over port 25. Why? Because Debian’s ca-certificates.crt had updated and that removed the CA needed to make my site’s certificate valid – and I use that same certificate to encrypt my TLS SMTP traffic.
First, to diagnose the problem, I forced TLS in my main.cf and turned on TLS logging with the following settings:
I then restarted Postfix with:
sudo service postfix restart
After restarting, Postfix provides the following error in its logs when attempting to send email:
TLS is required, but our TLS engine is unavailable
Earlier in the log file, it indicates a failure to load the CA file that validates the cert and key files. So, here’s the solution:
- Make sure your cert and CA files are located in /etc/ssl/certs
- Run the following command: sudo update-ca-certificates –fresh
- Then go to your Postfix main.cf and verify the following lines are there (and comment out any conflicting lines):
- Restart the Postfix service again.
- Send an email to an @gmail.com address – you should no longer see the unlocked icon under the sender information.