Project

General

Profile

Support #303

Updated by Daniel Curtis almost 10 years ago

Postfix has the ability relay emails through another mail server. This can be useful if you run a Postfix mail server in your local network and have a dynamic IP address (because most dynamic IP addresses are blacklisted today). By relaying your emails through another mail server that is hosted on a static IP address in a data center (e.g. your ISP's mailserver) you can prevent your emails from being categorized as spam. 

 To configure relaying on your Postfix mail server, you need a valid email account on another mail server. 

 In this example, I use smtp.gmail.com as the remote mail server on which I have a valid email account with: 
 * Username: *someuser@gmail.com* 
 * Password: *SuperSecretPassword* 

 I assume you have already installed Postfix as I won't go into the details of installing Postfix here. 

 h2. Configure Postfix For Relaying 

 * To configure our Postfix server for relaying emails through smtp.gmail.com, run: 
 <pre> 
 postconf -e 'relayhost = smtp.gmail.com:587' 
 postconf -e 'smtp_use_tls=yes' 
 postconf -e 'smtp_sasl_auth_enable = yes' 
 postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd' 
 postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt' 
 postconf -e 'smtp_sasl_security_options = noanonymous, noplaintext' 
 postconf -e 'smtp_sasl_tls_security_options = noanonymous' 
 </pre> 

 * Our username (*someuser@gmail.com*) and password (*SuperSecretPassword*) for smtp.gmail.com must be stored in +@/etc/postfix/sasl_passwd@+, therefore we do this: 
 <pre> 
 echo "smtp.gmail.com:587     someuser@gmail.com:SuperSecretPassword" > /etc/postfix/sasl_passwd 
 </pre> 

 h3. Lock Down SMTP credentials 

 * +@/etc/postfix/sasl_passwd@+ must be owned by *root*, and no one else should have read access to that file, so we do this: 
 <pre> 
 chown root:root /etc/postfix/sasl_passwd 
 chmod 600 /etc/postfix/sasl_passwd 
 </pre> 

 * Now we must convert +@/etc/postfix/sasl_passwd@+ into a format that Postfix can read: 
 <pre> 
 postmap /etc/postfix/sasl_passwd 
 </pre> 

 This will create the file +/etc/postfix/sasl_passwd.db+. 

 * All that is left to do is restart Postfix: 
 <pre> 
 /etc/init.d/postfix restart 
 </pre> 

 That's it. You can now test by sending emails over your mail server and having a look at your mail log. You should see that all your emails are now passed on to smtp.gmail.com (except the ones that have a local recipient, very useful for internal-only mail servers that still need to send mail to the internet). 

 h2. Resources 

 * http://www.howtoforge.com/postfix_relaying_through_another_mailserver 
 * http://www.postfix.org/SASL_README.html 
 * http://mhawthorne.net/posts/postfix-configuring-gmail-as-relay.html

Back