Ubuntu: how to install and configure SMTP server

Step 1: install postfix

sudo apt update
sudo apt install postfix

root@tutorialspots ~ # sudo apt update
Hit:1 http://mirror.hetzner.com/ubuntu/packages jammy InRelease
Get:2 http://mirror.hetzner.com/ubuntu/packages jammy-updates InRelease [119 kB]
Hit:3 http://mirror.hetzner.com/ubuntu/packages jammy-backports InRelease
Get:4 http://mirror.hetzner.com/ubuntu/packages jammy-security InRelease [110 kB]
Hit:5 http://nginx.org/packages/ubuntu jammy InRelease
Hit:6 http://de.archive.ubuntu.com/ubuntu jammy InRelease
Get:7 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:8 http://de.archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]
Get:9 http://mirror.hetzner.com/ubuntu/packages jammy-updates/main amd64 Packages [1,610 kB]
Hit:10 http://de.archive.ubuntu.com/ubuntu jammy-backports InRelease
Get:11 http://mirror.hetzner.com/ubuntu/packages jammy-updates/universe amd64 Packages [1,071 kB]
Get:12 http://de.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [1,610 kB]
Get:13 http://de.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [1,071 kB]
Fetched 5,820 kB in 1s (9,681 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
48 packages can be upgraded. Run 'apt list --upgradable' to see them.

install postfix 1

install postfix 2

install postfix 3

You can re-configure postfix:

sudo dpkg-reconfigure postfix

Step 2:
sudo systemctl enable postfix
sudo systemctl start postfix

Step 3: SPF configuration:
Add SPF Record to DNS :
Log in to your domain’s DNS admin account. Usually through the administration interface of the domain name provider or DNS service you are using.
Add a new TXT record with the following content:

v=spf1 a:mail.yourdomain.com ip4:<server_ip> include:_spf.google.com ~all

v=spf1 a:mail.yourdomain.com ip4: include:_spf.google.com ~all

Save changes.

read more about SPF: https://support.google.com/a/answer/10685031?sjid=14440567733282704103-AP

Step 4: Install OpenDKIM using the following command:
sudo apt install opendkim opendkim-tools

Unpacking libopendkim11:amd64 (2.11.0~beta2-6) ...
Selecting previously unselected package libmemcached11:amd64.
Preparing to unpack .../01-libmemcached11_1.0.18-4.2ubuntu4_amd64.deb ...
Unpacking libmemcached11:amd64 (1.0.18-4.2ubuntu4) ...
Selecting previously unselected package libmilter1.0.1:amd64.
Preparing to unpack .../02-libmilter1.0.1_8.15.2-22ubuntu3_amd64.deb ...
Unpacking libmilter1.0.1:amd64 (8.15.2-22ubuntu3) ...
Selecting previously unselected package libopendbx1.
Preparing to unpack .../03-libopendbx1_1.4.6-16_amd64.deb ...
Unpacking libopendbx1 (1.4.6-16) ...
Selecting previously unselected package librbl1:amd64.
Preparing to unpack .../04-librbl1_2.11.0~beta2-6_amd64.deb ...
Unpacking librbl1:amd64 (2.11.0~beta2-6) ...
Selecting previously unselected package libunbound8:amd64.
Preparing to unpack .../05-libunbound8_1.13.1-1ubuntu5.4_amd64.deb ...
Unpacking libunbound8:amd64 (1.13.1-1ubuntu5.4) ...
Selecting previously unselected package libvbr2:amd64.
Preparing to unpack .../06-libvbr2_2.11.0~beta2-6_amd64.deb ...
Unpacking libvbr2:amd64 (2.11.0~beta2-6) ...
Selecting previously unselected package dns-root-data.
Preparing to unpack .../07-dns-root-data_2023112702~ubuntu0.22.04.1_all.deb ...
Unpacking dns-root-data (2023112702~ubuntu0.22.04.1) ...
Selecting previously unselected package opendkim.
Preparing to unpack .../08-opendkim_2.11.0~beta2-6_amd64.deb ...
Unpacking opendkim (2.11.0~beta2-6) ...
Selecting previously unselected package libopendbx1-sqlite3.
Preparing to unpack .../09-libopendbx1-sqlite3_1.4.6-16_amd64.deb ...
Unpacking libopendbx1-sqlite3 (1.4.6-16) ...
Selecting previously unselected package opendkim-tools.
Preparing to unpack .../10-opendkim-tools_2.11.0~beta2-6_amd64.deb ...
Unpacking opendkim-tools (2.11.0~beta2-6) ...
Setting up libopendkim11:amd64 (2.11.0~beta2-6) ...
Setting up libopendbx1 (1.4.6-16) ...
Setting up dns-root-data (2023112702~ubuntu0.22.04.1) ...
Setting up libunbound8:amd64 (1.13.1-1ubuntu5.4) ...
Setting up libmilter1.0.1:amd64 (8.15.2-22ubuntu3) ...
Setting up libmemcached11:amd64 (1.0.18-4.2ubuntu4) ...
Setting up librbl1:amd64 (2.11.0~beta2-6) ...
Setting up libvbr2:amd64 (2.11.0~beta2-6) ...
Setting up libopendbx1-sqlite3 (1.4.6-16) ...
Setting up opendkim-tools (2.11.0~beta2-6) ...
Setting up opendkim (2.11.0~beta2-6) ...
Created symlink /etc/systemd/system/multi-user.target.wants/opendkim.service → /lib/systemd/system/opendkim.service.
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for libc-bin (2.35-0ubuntu3.7) ...
Scanning processes...
Scanning processor microcode...
Scanning linux images...

Running kernel seems to be up-to-date.

The processor microcode seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.

Step 5: Generate a key pair for DKIM with the following command:

sudo opendkim-genkey -t -s <selector> -d <your_domain>



with a name of your choice (eg:postmaster) and your domain name.

If you want to use email admin@yourdomain.com you use


is admin

This command will create two files:




Step 6: create OpenDKIM’s key directory: /etc/opendkim/keys/

mkdir -p /etc/opendkim/keys/<your_domain>

Step 7: Move the private key into OpenDKIM’s key directory:

sudo mv <selector>.private /etc/opendkim/keys/<your_domain>/<selector>.private

Step 8: Specify ownership for the lock file

sudo chown opendkim:opendkim /etc/opendkim/keys/<your_domain>/<selector>.private

sudo chown opendkim:opendkim /etc/opendkim/keys/tutorialspots.com/postmaster.private

Step 9: Edit OpenDKIM’s configuration file /etc/opendkim.conf

uncomment then change default:

#Domain                 example.com
#Selector               2020
#KeyFile                /etc/dkimkeys/example.private


Domain                  <your_domain>
Selector                <selector>
KeyFile                 /etc/opendkim/keys/<your_domain>/<selector>.private

Step 10: edit file /etc/default/opendkim

you will see

# default:
# listen on all interfaces on port 54321:
# listen on loopback on port 12345:
# listen on on port 12345:

change to

# default:
# listen on all interfaces on port 54321:
# listen on loopback on port 12345:
# listen on on port 12345:

Step 11: Restart the OpenDKIM service
sudo systemctl restart opendkim

Step 12: Add DKIM Records to DNS :
open file


cat postmaster.txt

You will see content like:

postmaster._domainkey   IN      TXT     ( "v=DKIM1; h=sha256; k=rsa; t=y; "
          "kCcy8NZ16mMTZ7qXqmPabXmjY4+aeIhFXf8b87ELPmG7zZwvdyfFg82c7hmNN8MFgTGBLu52QWb3umvAvmZRDrSET+it4sfPH1ikPdRBBCa0l7AUyUmIBzM0XXtVvC1iHCMXL7YQIDAQAB" )  ; ----- DKIM key postmaster for yourdomain.com

you only need to copy parts


of the recording.


Add TXT record postmaster._domainkey

Step 13: Configure Postfix to use DKIM:
Postfix configuration :
Edit Postfix’s configuration file /etc/postfix/main.cf

add theses lines

smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
milter_default_action = accept
milter_protocol = 6

and edit line:

inet_protocols = all


inet_protocols = ipv4

Step 14: Restart Postfix and OpenDKIM :
Restart Postfix:

sudo systemctl restart postfix

Restart OpenDKIM:

sudo systemctl restart opendkim

Verify SMTP server:

root@tutorialspots ~ # telnet 25
Connected to
Escape character is '^]'.
220 Ubuntu-2204-jammy-amd64-base ESMTP Postfix (Ubuntu)


apt install mailutils

echo "Test mail from Postfix" | mail -s "Test Postfix" -a "From: postmaster@yourdomain.com" youremail@gmail.com

check log:

tail /var/log/mail.log -n 200

How to change SMTP port?

edit file /etc/postfix/master.cf

nano /etc/postfix/master.cf

3 important lines:

smtp      inet  n       -       y       -       -       smtpd
submission inet n       -       y       -       -       smtpd
smtps     inet  n       -       y       -       -       smtpd

You use only one line, smtp for port 25, submission for port 587, smtps for port 465

after edit file, restart service postfix

service postfix restart

Leave a Reply