Support #303
Updated by Daniel Curtis almost 10 years ago
Postfix has the ability relay emails through another mail server. This can be useful if you run a Postfix mail server in your local network and have a dynamic IP address (because most dynamic IP addresses are blacklisted today). By relaying your emails through another mail server that is hosted on a static IP address in a data center (e.g. your ISP's mailserver) you can prevent your emails from being categorized as spam. To configure relaying on your Postfix mail server, you need a valid email account on another mail server. In this example, I use smtp.gmail.com as the remote mail server on which I have a valid email account with: * Username: *someuser@gmail.com* * Password: *SuperSecretPassword* I assume you have already installed Postfix as I won't go into the details of installing Postfix here. h2. Configure Postfix For Relaying * To configure our Postfix server for relaying emails through smtp.gmail.com, run: <pre> postconf -e 'relayhost = smtp.gmail.com:587' postconf -e 'smtp_use_tls=yes' postconf -e 'smtp_sasl_auth_enable = yes' postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd' postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt' postconf -e 'smtp_sasl_security_options = noanonymous, noplaintext' postconf -e 'smtp_sasl_tls_security_options = noanonymous' </pre> * Our username (*someuser@gmail.com*) and password (*SuperSecretPassword*) for smtp.gmail.com must be stored in +@/etc/postfix/sasl_passwd@+, therefore we do this: <pre> echo "smtp.gmail.com:587 someuser@gmail.com:SuperSecretPassword" > /etc/postfix/sasl_passwd </pre> h3. Lock Down SMTP credentials * +@/etc/postfix/sasl_passwd@+ must be owned by *root*, and no one else should have read access to that file, so we do this: <pre> chown root:root /etc/postfix/sasl_passwd chmod 600 /etc/postfix/sasl_passwd </pre> * Now we must convert +@/etc/postfix/sasl_passwd@+ into a format that Postfix can read: <pre> postmap /etc/postfix/sasl_passwd </pre> This will create the file +/etc/postfix/sasl_passwd.db+. * All that is left to do is restart Postfix: <pre> /etc/init.d/postfix restart </pre> That's it. You can now test by sending emails over your mail server and having a look at your mail log. You should see that all your emails are now passed on to smtp.gmail.com (except the ones that have a local recipient, very useful for internal-only mail servers that still need to send mail to the internet). h2. Resources * http://www.howtoforge.com/postfix_relaying_through_another_mailserver * http://www.postfix.org/SASL_README.html * http://mhawthorne.net/posts/postfix-configuring-gmail-as-relay.html