[CentOS] migrating from sendmail to postfix, centos 6 to centos 8

Thu Jun 4 09:07:29 UTC 2020
Pete Biggs <pete at biggs.org.uk>

> 
> I am getting new hardware for this machine, and plan to setup centos 8, 
> which uses postfix, not sendmail.

sendmail is also available - postfix is just the default. 

>  I've been trying to provision a vm 
> with the proper configuration, but cannot get any emails delivered to root.
> 
> Is there a pointer to a configuration guide that will help me do what I 
> want? I have googled about 100 setups, none of which are what I'm trying 
> to achieve. They all suggest using an alias for root to a normal user, 
> but them that user gets all of the cron, fail2ban, etc emails, instead 
> of delivering them to root on the local machine.
> 
The fact that they are all saying to use an alias must surely be
telling you something!

The issue is that if root is receiving mail, then you must be reading
it as root and that is a really bad thing to be doing. If you don't
want the mail to go to a user, then setup another account purely to
receive the root mail that doesn't have elevated privs. 

BTW, other than the fact you shouldn't login as root, the reason for
this is that the mailbox that receives the mail is owned by the user
and the delivery process is run as that user - except for root, which
is run as a non-privileged user: the last thing you want is for some
random email to possibly be processed as root, especially as you say
you are using procmail.  There is a note in the main.cf file:

   # IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN
   # ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER.

P.