How to Configure Postfix as a Relay Host for External SMTP Clients on CentOS



When setting up Postfix to accept mail from other machines in your network, the primary configuration file you'll work with is /etc/postfix/main.cf. The key parameter here is mynetworks, which defines which IP addresses are allowed to relay mail through your server.

First, edit your main.cf file:

# nano /etc/postfix/main.cf

Add or modify these parameters:

inet_interfaces = all
mynetworks = 127.0.0.0/8, 192.168.1.0/24
relayhost = 
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination

Replace 192.168.1.0/24 with your actual network subnet.

Before making changes, verify your basic connectivity from the Windows server:

telnet your.postfix.server 25

If this fails, check these CentOS firewall settings:

# firewall-cmd --permanent --add-service=smtp
# firewall-cmd --reload

For more granular control, consider using SASL authentication:

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

Check your mail logs when troubleshooting:

# tail -f /var/log/maillog

Common errors include:

  • Relay access denied - indicates a mynetworks misconfiguration (the client's IP address is not in the listed ranges)
  • Connection refused - the firewall is blocking port 25 or Postfix is not listening on the interface

For production environments, consider these optimizations:

smtpd_client_connection_count_limit = 100
smtpd_client_message_rate_limit = 100
smtpd_client_recipient_rate_limit = 100

First, verify basic network connectivity between your Windows server and CentOS Postfix host. Run these commands from the Windows command prompt:

telnet postfix_server_IP 25
ping postfix_server_IP

If these fail, resolve basic networking issues before proceeding with Postfix configuration.

Edit the main Postfix configuration file:

sudo vi /etc/postfix/main.cf

Key parameters to modify:

# Allow connections from your local network (adjust IP range)
mynetworks = 127.0.0.0/8, 192.168.1.0/24

# Set your mail domain
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

# Enable SMTP authentication (optional but recommended)
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = $myhostname

Ensure your firewall allows SMTP traffic:

sudo firewall-cmd --permanent --add-service=smtp
sudo firewall-cmd --reload

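For CentOS systems with SELinux enabled (the default policy already labels TCP port 25 as smtp_port_t, so the semanage command reports the port as already defined and can be skipped in that case):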

sudo setsebool -P allow_postfix_local_write_mail_spool on
sudo semanage port -a -t smtp_port_t -p tcp 25

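After applying changes, reload or restart Postfix so they take effect (a change to inet_interfaces requires a restart rather than a reload):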

sudo postfix reload
sudo systemctl restart postfix

Now try sending a test email from your Windows server using this PowerShell script:

$EmailFrom = "user@yourdomain.com"
$EmailTo = "recipient@example.com"
$Subject = "Postfix Relay Test"
$Body = "This is a test email sent via Postfix relay"
$SMTPServer = "your_postfix_server_IP"
# Connect to the relay on port 25 without TLS (the message crosses the network in cleartext)
$SMTPClient = New-Object Net.Mail.SmtpClient($SMTPServer, 25)
$SMTPClient.EnableSsl = $false
$SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $Body)

Check Postfix logs for troubleshooting:

sudo tail -f /var/log/maillog

Look for successful relay attempts with status=sent or authentication failures.

For a more secure setup, configure SASL authentication:

sudo yum install cyrus-sasl-plain
sudo vi /etc/sasl2/smtpd.conf

Add these contents:

pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN

Create SASL users:

sudo saslpasswd2 -c -u "$(postconf -h myhostname)" username
sudo chown postfix:postfix /etc/sasldb2
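
The relay-relevant settings from this page can be checked mechanically. The following added example (not part of the original page) reads postconf -n style text and flags over-broad mynetworks entries, an explicit smtpd_relay_restrictions list that never rejects unauthorized destinations, and SASL enabled without smtpd_tls_auth_only = yes. The function names, finding labels, the /16 width threshold and both sample configurations are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flags relay-related risks in `postconf -n` style text.
# Function names, finding labels and the /16 threshold are assumptions.

get_param() {  # get_param NAME: print NAME's value from config text on stdin
  awk -F'=' -v k="$1" '
    { key = $1; gsub(/[ \t]/, "", key) }
    key == k { sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); print; exit }'
}

audit_relay_config() {  # reads config on stdin, prints one finding per line
  local cfg nets relay sasl tlsonly
  cfg=$(cat)
  nets=$(printf '%s\n' "$cfg" | get_param mynetworks)
  relay=$(printf '%s\n' "$cfg" | get_param smtpd_relay_restrictions)
  sasl=$(printf '%s\n' "$cfg" | get_param smtpd_sasl_auth_enable)
  tlsonly=$(printf '%s\n' "$cfg" | get_param smtpd_tls_auth_only)
  # Every mynetworks entry may relay anywhere, so flag very wide IPv4 ranges.
  printf '%s\n' "$nets" | tr ', ' '\n\n' | while read -r net; do
    case $net in */*) ;; *) continue ;; esac        # only CIDR entries
    case $net in *:*|127.0.0.0/8) continue ;; esac  # skip IPv6 and loopback
    if [ "${net#*/}" -lt 16 ] 2>/dev/null; then echo "WIDE_MYNETWORKS $net"; fi
  done
  # If set explicitly, the list must still refuse relaying for strangers.
  # (Unset is left to Postfix's built-in default and not flagged here.)
  if [ -n "$relay" ]; then
    case " $(printf '%s' "$relay" | tr ',' ' ') " in
      *" reject_unauth_destination "*|*" defer_unauth_destination "*) ;;
      *) echo "NO_REJECT_UNAUTH_DESTINATION" ;;
    esac
  fi
  # PLAIN/LOGIN send reusable passwords; require TLS before AUTH is offered.
  if [ "$sasl" = "yes" ] && [ "$tlsonly" != "yes" ]; then
    echo "SASL_WITHOUT_TLS_ONLY"
  fi
}

# Constructed sample: the settings shown on this page (no TLS parameters).
SAMPLE_PAGE='inet_interfaces = all
mynetworks = 127.0.0.0/8, 192.168.1.0/24
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes'
# Constructed sample: an over-broad variant of the same settings.
SAMPLE_RISKY='mynetworks = 127.0.0.0/8, 10.0.0.0/8
smtpd_relay_restrictions = permit_mynetworks, permit
smtpd_tls_auth_only = yes
smtpd_sasl_auth_enable = yes'

printf '%s\n' "$SAMPLE_PAGE" | audit_relay_config
printf '%s\n' "$SAMPLE_RISKY" | audit_relay_config
```

On a live server, pipe the real settings into the function with postconf -n | audit_relay_config. The check on smtpd_tls_auth_only does not verify that TLS itself is configured.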