Difference between revisions of "Email relay"
(Created page with "Category:Linux") |
|||
(12 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Category:Linux]] | [[Category:Linux]] | ||
+ | |||
+ | |||
+ | =Principle= | ||
+ | |||
+ | Our server will forward all emails to another SMTP server. The SMTP server we're gonna install is stupid: only local domain, no account checking, no anti-virus or spam protection. | ||
+ | |||
+ | # From a local point of view, all emails are send using Linux default configuration and system users | ||
+ | # From the other hand - the big SMTP server ("Gmail", "Outlook", ...) - all emails come from the same account | ||
+ | |||
+ | |||
+ | Principle: | ||
+ | |||
+ | [[File:SMTP server relay.png|none|SMTP server relay]] | ||
+ | |||
+ | |||
+ | As you can see, POSTFIX SMTP server will just act as a proxy between local services and Gmail. | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | =When to use it ?= | ||
+ | |||
+ | If you only have a single server and want to monitor it, then use a relay! That's much easier than setup a complete email server. It's also easier to maintain! | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | =Installation= | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | Choose: | ||
+ | * Internet Site | ||
+ | * Type your FQDN like: dev.daxiongmao.eu || smartcard-gw.smartcards.vehco.com | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | =Configuration= | ||
+ | |||
+ | |||
+ | ==POSTFIX global conf== | ||
+ | |||
+ | Edit Postfix configuration | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | vim /etc/postfix/main.cf | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Add / adjust the SMTP relay and SASL settings (~ line 37) | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | ## SMTP relay | ||
+ | relayhost = [smtp.gmail.com]:587 | ||
+ | smtp_sasl_auth_enable = yes | ||
+ | smtp_sasl_password_maps = hash:/etc/postfix/sasl_password | ||
+ | smtp_sasl_security_options = noanonymous | ||
+ | smtp_sasl_tls_security_options = noanonymous | ||
+ | smtp_tls_policy_maps = hash:/etc/postfix/tls_policy | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Do not change the default TLS settings !! | ||
+ | |||
+ | |||
+ | ==Credentials file== | ||
+ | |||
+ | Create login / password file | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | vim /etc/postfix/sasl_password | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Put the following content | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | [smtp.gmail.com]:587 USERNAME@gmail.com:PASSWORD | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Compute new hash for postfix | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | postmap /etc/postfix/sasl_password | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | ==TLS policy== | ||
+ | |||
+ | Create TLS policy file | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | vim /etc/postfix/tls_policy | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Put the following content | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | [smtp.gmail.com]:587 encrypt | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Compute new hash for postfix | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | postmap /etc/postfix/tls_policy | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | ==Apply changes== | ||
+ | |||
+ | You must restart POSTFIX to apply changes | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | service postfix restart | ||
+ | /etc/init.d/postfix/reload | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | =Test your configuration= | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | echo "Test from my new SMTP relay" | mail -s "Test Postfix SMTP relay" target@domain.com | ||
+ | |||
+ | ## Multi-users | ||
+ | echo "Test from my new SMTP relay" | mail -s "Test Postfix SMTP relay" target@domain.com,target2@domain.com | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Check your logs!! <code>cat /var/log/syslog</code> | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | =Configure aliases= | ||
+ | |||
+ | To send all email address to "root" to your particular address you must create some aliases. | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | vim /etc/aliases | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | Put something like: | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | # See man 5 aliases for format | ||
+ | postmaster: root | ||
+ | root: me@mydomain.lu, you@mydomain.lu | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | Apply changes: | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | # Apply aliases to all the system | ||
+ | newaliases | ||
+ | |||
+ | # Restart postfix | ||
+ | service postfix restart | ||
+ | /etc/init.d/postfix/reload | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | =Test your aliases= | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | echo "Test from my new SMTP relay" | mail -s "Test Postfix SMTP relay" root | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | =Usage= | ||
+ | |||
+ | The usage is transparent. | ||
+ | |||
+ | A lot of services like Zabbix, Nagios, Webmin... are already using the "mail" application. So you don't need to do anything on your side! :-) |
Latest revision as of 11:52, 21 January 2017
Contents
Principle
Our server will forward all emails to another SMTP server. The SMTP server we're gonna install is stupid: only local domain, no account checking, no anti-virus or spam protection.
- From a local point of view, all emails are send using Linux default configuration and system users
- From the other hand - the big SMTP server ("Gmail", "Outlook", ...) - all emails come from the same account
Principle:
As you can see, POSTFIX SMTP server will just act as a proxy between local services and Gmail.
When to use it ?
If you only have a single server and want to monitor it, then use a relay! That's much easier than setup a complete email server. It's also easier to maintain!
Installation
apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules
Choose:
- Internet Site
- Type your FQDN like: dev.daxiongmao.eu || smartcard-gw.smartcards.vehco.com
Configuration
POSTFIX global conf
Edit Postfix configuration
vim /etc/postfix/main.cf
Add / adjust the SMTP relay and SASL settings (~ line 37)
## SMTP relay
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
Do not change the default TLS settings !!
Credentials file
Create login / password file
vim /etc/postfix/sasl_password
Put the following content
[smtp.gmail.com]:587 USERNAME@gmail.com:PASSWORD
Compute new hash for postfix
postmap /etc/postfix/sasl_password
TLS policy
Create TLS policy file
vim /etc/postfix/tls_policy
Put the following content
[smtp.gmail.com]:587 encrypt
Compute new hash for postfix
postmap /etc/postfix/tls_policy
Apply changes
You must restart POSTFIX to apply changes
service postfix restart
/etc/init.d/postfix/reload
Test your configuration
echo "Test from my new SMTP relay" | mail -s "Test Postfix SMTP relay" target@domain.com
## Multi-users
echo "Test from my new SMTP relay" | mail -s "Test Postfix SMTP relay" target@domain.com,target2@domain.com
Check your logs!! cat /var/log/syslog
Configure aliases
To send all email address to "root" to your particular address you must create some aliases.
vim /etc/aliases
Put something like:
# See man 5 aliases for format
postmaster: root
root: me@mydomain.lu, you@mydomain.lu
Apply changes:
# Apply aliases to all the system
newaliases
# Restart postfix
service postfix restart
/etc/init.d/postfix/reload
Test your aliases
echo "Test from my new SMTP relay" | mail -s "Test Postfix SMTP relay" root
Usage
The usage is transparent.
A lot of services like Zabbix, Nagios, Webmin... are already using the "mail" application. So you don't need to do anything on your side! :-)