Support #303: Configuring Postfix For Relaying Emails Through Another Mailserver - GNU/Linux Administration - ALT Project Management

Support #303

Configuring Postfix For Relaying Emails Through Another Mailserver

Added by Daniel Curtis almost 11 years ago. Updated almost 10 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Daniel Curtis

Category:

Mail Server

Target version:

Start date:

01/15/2014

Due date:

% Done:

100%

Estimated time:

0.50 h

Spent time:

0.50 h

Description

Postfix has the ability relay emails through another mail server. This can be useful if you run a Postfix mail server in your local network and have a dynamic IP address (because most dynamic IP addresses are blacklisted today). By relaying your emails through another mail server that is hosted on a static IP address in a data center (e.g. your ISP's mailserver) you can prevent your emails from being categorized as spam.

To configure relaying on your Postfix mail server, you need a valid email account on another mail server.

In this example, I use smtp.gmail.com as the remote mail server on which I have a valid email account with:

Username: someuser@gmail.com
Password: SuperSecretPassword

I assume you have already installed Postfix as I won't go into the details of installing Postfix here.

Configure Postfix For Relaying¶

To configure our Postfix server for relaying emails through smtp.gmail.com, run:

postconf -e 'relayhost = smtp.gmail.com:587'
postconf -e 'smtp_use_tls=yes'
postconf -e 'smtp_sasl_auth_enable = yes'
postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd'
postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt'
postconf -e 'smtp_sasl_security_options = noanonymous, noplaintext'
postconf -e 'smtp_sasl_tls_security_options = noanonymous'

Our username (someuser@gmail.com) and password (SuperSecretPassword) for smtp.gmail.com must be stored in /etc/postfix/sasl_passwd, therefore we do this:
```
echo "smtp.gmail.com:587   someuser@gmail.com:SuperSecretPassword" > /etc/postfix/sasl_passwd
```

Lock Down SMTP credentials¶

/etc/postfix/sasl_passwd must be owned by root, and no one else should have read access to that file, so we do this:
```
chown root:root /etc/postfix/sasl_passwd
chmod 600 /etc/postfix/sasl_passwd
```

Now we must convert /etc/postfix/sasl_passwd into a format that Postfix can read:
```
postmap /etc/postfix/sasl_passwd
```

This will create the file /etc/postfix/sasl_passwd.db.

All that is left to do is restart Postfix:
```
/etc/init.d/postfix restart
```

That's it. You can now test by sending emails over your mail server and having a look at your mail log. You should see that all your emails are now passed on to smtp.gmail.com (except the ones that have a local recipient, very useful for internal-only mail servers that still need to send mail to the internet).

Resources¶

Updated by Daniel Curtis almost 11 years ago

Status changed from Resolved to Closed

Updated by Daniel Curtis almost 10 years ago

Project changed from 31 to GNU/Linux Administration
Description updated (diff)
Category set to Mail Server

Also available in: Atom PDF

Project

General

Profile

GNet Solutions » GNU/Linux Administration