Difference between revisions of "Linux: Postfix with a remote SMTP relay host"
Lukas Dzunko (talk | contribs) |
Lukas Dzunko (talk | contribs) |
||
Line 3: | Line 3: | ||
You should have running postfix. It should be installed with options <code>sasl</code> and <code>ssl</code> enabled. I don't cover installation itself here. | You should have running postfix. It should be installed with options <code>sasl</code> and <code>ssl</code> enabled. I don't cover installation itself here. | ||
− | + | In order to configure postfix set following options in <code>/etc/postfix/main.cf</code> by editing file or by <code>postconf</code>: | |
* by editing: | * by editing: |
Revision as of 18:14, 13 November 2013
This is short guide how to setup postfix to use another server as email relay. Most of the dynamic IP address assigned to broadband (home) network are blacklisted. This is desired behavior as users should use email service instead of direct email delivery. If your are using server or Linux box to send notifications from local services then you may find problem to deliver such a notifications. Configuration of postfix is flexible and it is possible to configure it to act as "user" which use user/pass for authentication. Once postfix is authenticated on relay host it's possible to send emails through it. Here is example how to configure postifx in this way:
You should have running postfix. It should be installed with options sasl
and ssl
enabled. I don't cover installation itself here.
In order to configure postfix set following options in /etc/postfix/main.cf
by editing file or by postconf
:
- by editing:
relayhost = mail.example.com:587 smtp_use_tls = yes smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
- via command:
postconf -e 'relayhost = mail.example.com:587' postconf -e 'smtp_use_tls = yes' postconf -e 'smtp_sasl_auth_enable = yes' postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd' postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt'
Description of configuration:
-
relayhost
- dns name (or IP) used for client connection on remote server -
smtp_use_tls
- enable TLS/SSL connection to remote servers -
smtp_sasl_auth_enable
- sasl authentication to remote SMTP servers (e.g. client login) -
smtp_sasl_password_maps
- map file with password -
smtp_tls_CAfile
- list of CAs to trust
Syntax for password file (/etc/postfix/sasl_passwd
) is:
mail.example.com:587 user:password
Once this file is in place access should be secured. I recommend root:root
owner and 600
permisions.
chown root:root /etc/postfix/sasl_passwd chmod 600 /etc/postfix/sasl_passwd
Postfix access its files in binary form so before restart it is necessary to convert password file:
Last step is restart or reload of postfix: <pre> /etc/init.d/postfix restart