/etc/postfix/main.cf file, remove all comment using search replace but keep the last line in each block of comment for setting examples to un comment. And then uncomment those lines to get this
compatibility_level = 3.6 soft_bounce = no queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix mail_owner = postfix default_privs = habib myhostname = mail.sanjir.com mydomain = sanjir.com myorigin = $mydomain inet_interfaces = all inet_protocols = all mydestination = $myhostname, localhost.$mydomain, localhost local_recipient_maps = unknown_local_recipient_reject_code = 550 mynetworks_style = host relay_domains = * mailbox_transport = dovecot smtpd_banner = $myhostname debug_peer_level = 5 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix setgid_group = postdrop html_directory = no manpage_directory = /usr/share/man sample_directory = /usr/share/doc/postfix/samples readme_directory = /usr/share/doc/postfix/README_FILES smtpd_tls_security_level = may smtp_tls_CApath = /etc/pki/tls/certs smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt smtp_tls_security_level = may meta_directory = /etc/postfix shlib_directory = /usr/lib64/postfix
/etc/postfix/main.cf# habib --- extra outside of default virtual_minimum_uid = 8 virtual_uid_maps = postfix virtual_gid_maps = postfix virtual_transport = lmtp:unix:private/dovecot virtual_mailbox_domains = sanjir.com habibur.com ussbbd.com smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit smtpd_sender_restrictions = permit_sasl_authenticated permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, # reject_sender_login_mismatch, reject_unauth_pipelining, permit smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_unknown_client, reject_unknown_hostname, reject_unknown_recipient_domain, reject_unknown_sender_domain, reject_unauth_destination, reject_unknown_reverse_client_hostname, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_invalid_hostname, #check_reverse_client_hostname_access pcre:/etc/postfix/tld.pcre, #check_helo_access pcre:/etc/postfix/tld.pcre, #check_sender_access hash:/etc/postfix/spam_domain, #reject_rbl_client zen.spamhaus.org, #reject_rbl_client bl.spamcop.net, #reject_rbl_client b.barracudacentral.org, #reject_rbl_client dnsbl.sorbs.net, check_policy_service unix:private/policy-spf smtp_tls_security_level = may smtpd_tls_security_level = may smtp_tls_note_starttls_offer = yes smtpd_tls_received_header = yes smtpd_tls_key_file = /etc/letsencrypt/live/habibur.com/privkey.pem smtpd_tls_cert_file = /etc/letsencrypt/live/habibur.com/fullchain.pem # smtpd_tls_CAfile = /etc/pki/tls/root.crt smtpd_tls_loglevel = 1 smtpd_tls_session_cache_timeout = 3600s smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache tls_random_source = dev:/dev/urandom smtpd_tls_auth_only = yes #smtpd_milters = inet:localhost:8891 #non_smtpd_milters = $smtpd_milters #milter_default_action = reject #milter_protocol = 2 postscreen_greet_action = enforce postscreen_dnsbl_action = enforce postscreen_access_list = permit_mynetworks #postscreen_dnsbl_sites = zen.spamhaus.org, b.barracudacentral.org, bl.spamcop.net #debug_peer_list = 103.58.74.146 mailbox_command = /usr/libexec/dovecot/deliver -f "$SENDER" -a "$RECIPIENT" #for bot@habibur.com #recipient_bcc_maps = hash:/etc/postfix/recipient_bcc #transport_maps = hash:/etc/postfix/transport alias_maps = hash:/etc/aliases meta_directory = /etc/postfix shlib_directory = /usr/lib64/postfix policy-spf_time_limit = 3600
virtual_transport = lmtp:unix:private/dovecot
This is how postfix delivers mail to mail box. It doesn't save it directly but hands over to dovecot which knows who are authenticated and not and where to put the mail.
This private/dovecot pipe resides in /var/spool/postfix/private/dovecot and you set it in dovecot at /etc/dovecot/conf.d/10-master.conf
In this line
service lmtp {
unix_listener /var/spool/postfix/private/dovecot {
mode = 0666
user = postfix
group = postfix
}
}
smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth
As usual private/auth is in /var/spool/postfix/private/auth and the unix pipe file should pre exist during packages installation.
submission inet n - n - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname -o smtpd_client_restrictions=permit_sasl_authenticated,reject #TODO # -o smtpd_sender_restrictions=reject_sender_login_mismatch -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
Key entry is -o smtpd_sasl_path=private/auth telling it to use the pipe and it's location.
That's all.