Familiarity with email architectures is essential to be able to respond to various security and performance issues about mailing systems. When mailing systems and mail architectures are examined, it’s found that one of the most important security issues is with mail transfer agents (MTA).
Postfix is one of the most secure and configurable mail transfer agents. Here’s everything you need to know about Postfix and its architecture.
What Is Postfix?
Postfix is a free mail transfer agent released in 1998 under the name VMailer. Written in the C programming language, it can run smoothly on many Unix and Linux systems. It does not use protocols such as POP and IMAP. If you want to use such services, you need to make use of some additional mail client software.
Postfix System Architecture Overview
The diagram below describes the working system of Postfix.
Since mail clients and servers target many different users, it is very important for administrators to be familiar with the architecture of these systems. A possible loss of security and performance can cause major problems.
There is a very comprehensive system running behind Postfix. It uses various daemons that interact with each other. Each of the daemons takes on different responsibilities and tasks. They work in different security contexts and have different rules according to the created transactions.
Also, the main program controls the running status of each daemon. In some cases, these daemons may not run at all as they have pre-configured shutdown times as well.
Incoming New Message Transactions
Considering the path messages follow in the Postfix system, there are three different ways this can happen. One of them is QMQP, which uses the qmqpd daemon. The other is SMTP. SMTP is more popular than QMQP and uses the smtpd daemon. The third way is the Sendmail program.
The working system of Sendmail is as follows:
- First of all, Sendmail forwards the mails to the postdrop program, which you can see in the Postfix diagram above.
- The pickup daemon forwards the incoming message to the cleanup daemon. At this stage, messages sent from Sendmail, smtpd, and qmqpd meet at a common point and follow the same route.
- The cleanup daemon handles the rewriting of used messages. Here, when the cleanup job is finished, the message is sent back to the queue. Finally, the queue manager is notified of the incoming messages.
Delivery of Scheduled Messages
The queue manager (qmgr) takes responsibility for the delivery of messages. It comes into play to determine how a message reaches the recipient.
If you think about the path that messages take, the queue manager’s area of responsibility is the entire area from where the cleanup daemon ends to the end of the queue. Mail that the Postfix system considers undeliverable bounce, and all this is done by the queue manager, along with the bounce daemon.
There are some directories that the queue manager uses for different purposes. The path followed for new messages are the incoming queue and the active queue, respectively. The active queue contains messages that are ready for delivery.
If delivery fails, it puts the message in the deferred queue. While the message is here, it is scanned periodically. At this stage, if this queue system wants to resend the message, the message is resent to the active queue.
Checking and moving messages between queues depends on two different situations. It is important how much time has passed since the message reached the queue, and what is the actual time difference between retries. In these situations, together with the decision made by the system, the messages move between the queues.
How Does the Message Process Work With Postfix Tools?
There are many programs and agents that Postfix works with. These are the systems that terminate the message’s path through an entire queue and make the final response.
For example, smtp forwards messages to the other host using smtpd. Here smtp refers to the SMTP client and smtpd refers to the SMTP protocol. The same is true between lmtp and lmtpd. Don’t confuse the SMTP and LMTP clients (smtp and lmtp) described here with smtpd and lmtpd.
The local delivery agent, on the other hand, is responsible for forwarding messages to users who have normal accounts on the system. Also, this tool supports aliases for .forward files. As a result, users can set themselves whether messages are delivered or not.
In a system where there are users with real or shell accounts for the virtual message box, messages are delivered virtually.
Sometimes the standard distribution agents that Postfix provides are not enough. In these cases, it is possible to develop your own intermediaries. By doing this, you can use the pipe daemon to provide message bodies to your delivery process via the standard input stream.
If you want to develop a delivery agent that accepts messages through some network protocol, the spawn daemon will help you.
One of the advantages of using Postfix is that you can use it with other supported programs. There are many different programs you can use to check, test, or debug your system.
Some of these programs are:
- mailq: With this program, it is possible to see information about messages in the queue
- postalias: Using postalias, you can regenerate an alias file and query the alias lookup table
- postmap: It is used quite often for Postfix debugging. It allows you to rebuild the indexed database file and query a lookup table of your choice.
- postqueue: You can clean the message queue with this program. To do that, you move all messages in the deferred queue to the active queue. You must use it carefully though. While it may seem logical to perform a cleanup on poorly performing servers, it can damage the system as it will put more load on the active queue.
- postsuper: It allows you to interfere with the messages in the message queue. You can delete or reorder messages in the queue.
Postfix Is an Easy-to-Use Post Server
Postfix can easily run on many different operating systems such as Linux, Unix, BSD, and AIX. Also, on Ubuntu-based Linux distributions, the standard mail transfer agent is Postfix. Although Postfix was developed as an alternative architecture to Sendmail, you can easily use it with Sendmail.
You can also get services such as antivirus filtering, spam filtering, sender policy framework, domain-specific usernames, IMAP, and POP3 support using other Postfix compatible software.
If you’re looking for a reliable and convenient email client for your Linux desktop, consider yourself lucky. Linux has a host of different email clients available to download for free.
The 10 Best Linux Email Clients
About The Author