Get a free consultation —
Back to Blog
clouddevopstutorials

post fix install and configure with AWS SES

post fix install and configure with AWS SES

sufiyansufiyan
May 28, 2025
1 min read

What we are going to do?:

  • Uninstall Sendmail, if it’s already installed on your system. The procedure for completing this step varies depending on the operating system you use.
  • Install Postfix. The procedure for completing this step varies depending on the operating system you use.
  • Install libsasl2-modules packages
  • Create a config file for MTA
  • Configure Postfix with Amazon SES through postfix command
  • Setup SES username and password for MTA in sasl_passwd file
  • Start and reload postfix
  • Send a test mail

Step 1: Uninstall Sendmail (if installed)

bash
sudo apt --purge remove sendmail

Step 2: Install Postfix

bash
sudo apt update
sudo apt install postfix

Step 3: Install libsasl2-modules packages

bash
sudo apt install libsasl2-modules

Step 4: Create a config file for MTA

Debian/Ubuntu Linux user type the following to create a new default config file for your MTA:

$ sudo cp -v -i /etc/postfix/main.cf{.proto,} '/etc/postfix/main.cf.proto' -> '/etc/postfix/main.cf'

Step 5: Configure Postfix with Amazon SES through postfix command

bash
sudo postconf -e "relayhost = [email-smtp.us-west-2.amazonaws.com]:587" \ "smtp_sasl_auth_enable = yes" \ "smtp_sasl_security_options = noanonymous" \ "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" \ "smtp_use_tls = yes" \ "smtp_tls_security_level = encrypt" \ "smtp_tls_note_starttls_offer = yes"

Note: If you use Amazon SES in an AWS Region other than US West (Oregon), replace email-smtp.us-west-2.amazonaws.com in the preceding command with the SMTP endpoint of the appropriate region. For more information, see .

Step 6: Setup SES username and password for MTA in sasl_passwd file with an editor

plaintext
# Edit the main.cf file and comment out the following parameters
# File: /etc/postfix/main.cf
# Comment out these lines if they exist
# setgid_group =
# sendmail_path =
# mailq_path =
# newaliases_path =
# manpage_directory =
# sample_directory =
# readme_directory =
# html_directory =

You can use the following command to comment them automatically:

bash
sudo sed -i.bak -E '/^(setgid_group|sendmail_path|mailq_path|newaliases_path|manpage_directory|sample_directory|readme_directory|html_directory)[[:space:]]*=.*/s/^/#/' /etc/postfix/main.cf

Update the ownership and permissions of the following files:

plaintext
$ sudo chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db$ sudo chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db

Tell Postfix where to find the CA certificate (needed to verify the Amazon SES server certificate). The command you use in this step varies based on your operating system.

If you use Ubuntu or a related distribution, type the following command:

bash
sudo postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt'

Step 7: Restart and reload postfix

bash
sudo postfix start; sudo postfix reload

Step 8: Send a test mail to check postfix works properly as expected

bash
echo "This is a test email." \
| mail -r [email protected] 'AWS SES test' [email protected]

If all worked properly you can verify the mail logs in :

plaintext
tail -f /var/log/mail.log

Thanks ……

Tags

#aws#ses
sufiyan

sufiyan

sufiyan bio