Linux best practices: Postfix null client on all hosts

This is the first article in a series on best practices in GNU/Linux systems administration.

Every GNU/Linux system comes with an integrated alert system which is based on mail messages. Cron collects the output of the scripts it runs and sends it via mail to local root. sudo sends out a mail after unauthorized attempts to execute commands. Many other tools rely on the availability of a local mail delivery system.

The key to transform this minimal service into a centralized alert service is to let all the local messages reach a single mail account. This can be accomplished by installing Postfix on every host with the following /etc/postfix/main.cf:

myhostname = host.example.com
mydestination =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
local_recipient_maps =
local_transport = error:local delivery is disabled
canonical_maps = hash:/etc/postfix/canonical
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only

As you can see, local delivery is disabled, so all messages are delivered to external servers. Messages generated by or directed to local users will have an address in the user@host.example.com form. This is where the canonical_maps enter in action:

# /etc/postfix/canonical
@host.example.com	alert@example.com

Note: remember to issue postmap /etc/postfix/canonical after each change to the file.
All local address will be rewritten into alert@example.com, which will be a single, constantly monitored e-mail account.

If the availability for every local user of a ready-to-use mail delivery service is a concern, you can use the following Postfix Author's suggestion to limit the delivery to a single domain:

/etc/postfix/main.cf
    transport_maps = hash:/etc/postfix/transport

/etc/postfix/transport:
    example.com :
    * error:we do not deliver this domain

Comments are welcome at mailbox@s19n.net.
If this article was valuable to you, you may consider donating.