Project

General

Profile

Support #303

Configuring Postfix For Relaying Emails Through Another Mailserver

Added by Daniel Curtis almost 11 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Mail Server
Target version:
-
Start date:
01/15/2014
Due date:
% Done:

100%

Estimated time:
0.50 h
Spent time:

Description

Postfix has the ability relay emails through another mail server. This can be useful if you run a Postfix mail server in your local network and have a dynamic IP address (because most dynamic IP addresses are blacklisted today). By relaying your emails through another mail server that is hosted on a static IP address in a data center (e.g. your ISP's mailserver) you can prevent your emails from being categorized as spam.

To configure relaying on your Postfix mail server, you need a valid email account on another mail server.

In this example, I use smtp.gmail.com as the remote mail server on which I have a valid email account with:

I assume you have already installed Postfix as I won't go into the details of installing Postfix here.

Configure Postfix For Relaying

  • To configure our Postfix server for relaying emails through smtp.gmail.com, run:
    postconf -e 'relayhost = smtp.gmail.com:587'
    postconf -e 'smtp_use_tls=yes'
    postconf -e 'smtp_sasl_auth_enable = yes'
    postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd'
    postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt'
    postconf -e 'smtp_sasl_security_options = noanonymous, noplaintext'
    postconf -e 'smtp_sasl_tls_security_options = noanonymous'
    
  • Our username () and password (SuperSecretPassword) for smtp.gmail.com must be stored in /etc/postfix/sasl_passwd, therefore we do this:
    echo "smtp.gmail.com:587   someuser@gmail.com:SuperSecretPassword" > /etc/postfix/sasl_passwd
    

Lock Down SMTP credentials

  • /etc/postfix/sasl_passwd must be owned by root, and no one else should have read access to that file, so we do this:
    chown root:root /etc/postfix/sasl_passwd
    chmod 600 /etc/postfix/sasl_passwd
    
  • Now we must convert /etc/postfix/sasl_passwd into a format that Postfix can read:
    postmap /etc/postfix/sasl_passwd
    

This will create the file /etc/postfix/sasl_passwd.db.

  • All that is left to do is restart Postfix:
    /etc/init.d/postfix restart
    

That's it. You can now test by sending emails over your mail server and having a look at your mail log. You should see that all your emails are now passed on to smtp.gmail.com (except the ones that have a local recipient, very useful for internal-only mail servers that still need to send mail to the internet).

Resources

#1

Updated by Daniel Curtis almost 11 years ago

  • Status changed from Resolved to Closed
#2

Updated by Daniel Curtis almost 10 years ago

  • Project changed from 31 to GNU/Linux Administration
  • Description updated (diff)
  • Category set to Mail Server

Also available in: Atom PDF