Postfix: Internal Mailrelay with Auth and TLS encryption to Provider

Hi,

this will describe the steps to setup a MailRelay for internal use the accepts SMTP Mails and relay it over a secure TLS connection with authification to an external mail provider on top of Debian 8 Jessie.

Install Postfix, after installation the basic configuration starts

root@devdebt ~ # apt-get install postfix


+---------------------------¦ Postfix Configuration ¦---------------------------+
¦ Please select the mail server configuration type that best meets your needs.  ¦
¦ General type of mail configuration:                                           ¦
¦                           Satellite system           X                        ¦
+-------------------------------------------------------------------------------+

Set the hostname of your local mailrelay (usually $HOSTNAME)


+------------------------------¦ Postfix Configuration ¦-------------------------------+
¦ The "mail name" is the domain name used to "qualify" _ALL_ mail addresses without a  ¦
¦ System mail name:                                                                    ¦
¦ yourmailrelay.yourlocaldomain.local_________________________________________________ ¦
+--------------------------------------------------------------------------------------+

The mail server/relay of your provider


+------------------------------¦ Postfix Configuration ¦-------------------------+
¦ SMTP relay host (blank for none):                                              ¦
¦ mail.yourmailprovider.org_____________________________________________________ ¦
+--------------------------------------------------------------------------------+

Handle for mails to postmaster and root


+------------------------------¦ Postfix Configuration ¦-------------------------+
¦ Root and postmaster mail recipient:                                            ¦
¦ ______________________________________________________________________________ ¦
+--------------------------------------------------------------------------------+

The destinations which are NOT forwarded. For these domains postfix accept mails and deliver these mails to local accounts.


+---------------------------¦ Postfix Configuration +----------------------------+
¦ Other destinations to accept mail for (blank for none):                        ¦
¦ yourmailrelay.yourlocaldomain.local, localhost________________________________ ¦
+--------------------------------------------------------------------------------+


+------------------------------¦ Postfix Configuration ¦-------------------------+
¦ Force synchronous updates on mail queue?                                       ¦
¦                                                        <No>                    ¦
+--------------------------------------------------------------------------------+

Networks from which mails are accepted


+------------------------------¦ Postfix Configuration ¦-------------------------+
¦ Local networks:                                                                ¦
¦ 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.100.0/24_________________ ¦
+--------------------------------------------------------------------------------+


+-----------------------------¦ Postfix Configuration ¦--------------------------+
¦ Use procmail for local delivery?                                               ¦
¦                       <Yes>                                                    ¦
+--------------------------------------------------------------------------------+


+------------------------------¦ Postfix Configuration ¦-----------------------+
¦ Mailbox size limit (bytes):                                                  ¦
¦ 0___________________________________________________________________________ ¦
+------------------------------------------------------------------------------+


+------------------------------¦ Postfix Configuration ¦-----------------------+
¦ Local address extension character:                                           ¦
¦ +____________________________________________________________________________¦
+------------------------------------------------------------------------------+


 +------------------------------¦ Postfix Configuration ¦----------------------+
 ¦ Internet protocols to use:                                                  ¦
 ¦                                         All                                 ¦
 +-----------------------------------------------------------------------------+

Create a SMTP Authfile /etc/postfix/smtp_auth_passwd ($SMTP_PASSWD_FILE) for the authentication at your Mailprovider
mail.yourmailprovider.org sender@yourdomain.org:yourpassword
Create the authentification hash file and set permissions

postmap hash:/etc/postfix/smtp_auth_passwd
chmod 600 /etc/postfix/smtp_auth_passwd.db

Enable Authentification

postconf -e 'relayhost=mail.yourmailprovider.org:587'
postconf -e 'smtp_use_tls=yes'
postconf -e 'smtp_sasl_auth_enable = yes'
postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth_passwd'
postconf -e 'smtp_sasl_security_options = noanonymous'
postconf -e 'inet_interfaces = all'

Restart Postfix

systemctl restart postfix.service

Also edit /etc/aliases for forwarding local E-Mails as needed. After editing you have to call newaliases to build the forwarding database.

Michael

Michls Tech Blog

Postfix: Internal Mailrelay with Auth and TLS encryption to Provider

Leave a Reply Cancel reply

My Knowledgebase for things about Linux, Windows, VMware, Electronic and so on…