Hi All,
I have set up three servers in a development environment. Via CR they're updated to Centos 6.2
It appears that these servers have postfix installed on them by default, which unfortunately I'm not very well acquainted with.
All I want is a quick and dirty way to enable these hosts to send email through my own SMTP host.
My (sendmail) SMTP host uses SMTP AUTH on a non-standard port and my dev (virtual env) runs off my laptop, so a dynamic IP.
Does anyone have a quick and dirty configuration for setting up postfix to forward all remote mail through my smarthost?
I'm guessing that I can put the hostname, the port, and the username and password somewhere in the postfix configuration and it will just work...
Many Thanks in Advance,
Giles
On 01/10/2012 05:54 PM, Giles Coochey wrote:
Hi All,
I have set up three servers in a development environment. Via CR they're updated to Centos 6.2
It appears that these servers have postfix installed on them by default, which unfortunately I'm not very well acquainted with.
All I want is a quick and dirty way to enable these hosts to send email through my own SMTP host.
My (sendmail) SMTP host uses SMTP AUTH on a non-standard port and my dev (virtual env) runs off my laptop, so a dynamic IP.
Does anyone have a quick and dirty configuration for setting up postfix to forward all remote mail through my smarthost?
I'm guessing that I can put the hostname, the port, and the username and password somewhere in the postfix configuration and it will just work...
Many Thanks in Advance,
Giles
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
/etc/postfix
Edit main.cf
# The relayhost parameter specifies the default host to send mail to # when no entry is matched in the optional transport(5) table. When # no relayhost is given, mail is routed directly to the destination. # # On an intranet, specify the organizational domain name. If your # internal DNS uses no MX records, specify the name of the intranet # gateway host instead. # # In the case of SMTP, specify a domain, host, host:port, [host]:port, # [address] or [address]:port; the form [host] turns off MX lookups. # # If you're connected via UUCP, see also the default_transport parameter. # #relayhost = $mydomain #relayhost = [gateway.my.domain] #relayhost = uucphost #relayhost = [an.ip.add.ress]
I would recommend reading up on the configurations .
On 11/01/2012 00:31, Mail Lists wrote:
On 01/10/2012 05:54 PM, Giles Coochey wrote:
Hi All,
I have set up three servers in a development environment. Via CR they're updated to Centos 6.2
It appears that these servers have postfix installed on them by default, which unfortunately I'm not very well acquainted with.
All I want is a quick and dirty way to enable these hosts to send email through my own SMTP host.
My (sendmail) SMTP host uses SMTP AUTH on a non-standard port and my dev (virtual env) runs off my laptop, so a dynamic IP.
Does anyone have a quick and dirty configuration for setting up postfix to forward all remote mail through my smarthost?
I'm guessing that I can put the hostname, the port, and the username and password somewhere in the postfix configuration and it will just work...
/etc/postfix
Edit main.cf I would recommend reading up on the configurations .
I don't really have the enerygy to do that, thanks anyway. I'll uninstall postfix and use sendmail. Just thought maybe there was a quick way to keep the default MTA on the system.
On 01/11/12 12:50 AM, Giles Coochey wrote:
I don't really have the enerygy to do that, thanks anyway. I'll uninstall postfix and use sendmail. Just thought maybe there was a quick way to keep the default MTA on the system.
the first google hit on 'postfix smarthost' says to change/add the line
relayhost = your.server.com
to the main.cf file, and restart postfix... seems simple enough.
this is the 2nd or third hit, it expounds on that and shows how to setup SASL authentication with the smarthost... http://www.cyberciti.biz/faq/postfix-smtp-authentication-for-mail-servers/
On Wed, January 11, 2012 10:09, John R Pierce wrote:
On 01/11/12 12:50 AM, Giles Coochey wrote:
I don't really have the enerygy to do that, thanks anyway. I'll uninstall postfix and use sendmail. Just thought maybe there was a quick way to keep the default MTA on the system.
the first google hit on 'postfix smarthost' says to change/add the line
relayhost = your.server.comto the main.cf file, and restart postfix... seems simple enough.
this is the 2nd or third hit, it expounds on that and shows how to setup SASL authentication with the smarthost... http://www.cyberciti.biz/faq/postfix-smtp-authentication-for-mail-servers/
I forgot to mention that I had already googled. My smarthost doesn't use SASL, just STARTTLS - I have tried all those options to no avail.. Perhaps some combination of options might work... but which... I was just hoping someone else had done this before.
Dear Giles,
I think you're searching for this.
$ cat /etc/postfix/main.cf myorigin=yourdomain.com relayhost=your.smarthost.com smtp_sasl_auth_enable=yes ## you probably want to limit how postfix authenticates # smtp_sasl_security_options=noanonymous # smtp_sasl_mechanism_filter=login smtp_sasl_password_maps=hash:/etc/postfix/relay_password ## if something doesn't work and you need detailed(!!) logs #debug_peer_list=your.smarthost.com #debug_peer_level=3 smtp_use_tls=yes #inet_interfaces = loopback-only #local_transport = error: disabled unknown_local_recipient_reject_code = 450
$ cat /etc/postfix/relay_password your.smarthost.com yourusername:yourpassword
$ postmap /etc/postfix/relay_password $ service postfix reload
You can check out the commented option in the man pages or http://www.postfix.org/postconf.5.html if you're interested later/have some spare time/if it doesn't work ;-)
Brgds
On 11/01/2012 10:33, Benjamin Hackl wrote:
$ cat /etc/postfix/main.cf myorigin=yourdomain.com relayhost=your.smarthost.com smtp_sasl_auth_enable=yes ## you probably want to limit how postfix authenticates # smtp_sasl_security_options=noanonymous # smtp_sasl_mechanism_filter=login smtp_sasl_password_maps=hash:/etc/postfix/relay_password ## if something doesn't work and you need detailed(!!) logs #debug_peer_list=your.smarthost.com #debug_peer_level=3 smtp_use_tls=yes #inet_interfaces = loopback-only #local_transport = error: disabled unknown_local_recipient_reject_code = 450
This is very much nearly what I got to. Note though that outbound port 25 is blocked, but my smarthost listens on the submission port as well if auth is used. So my relayhost line says:
relayhost=my.smarthost.com:587
On my relayhost maillog I can see the connection appears, but mails are bounced with:
530 5.7.0 Authentication required (in reply to MAIL FROM command)
$ cat /etc/postfix/relay_password your.smarthost.com yourusername:yourpassword
I have tried my.smarthost.com username:password
and
[my.smarthost.com]:587 username:password
and
my.smarthost.com:587 username:password
With various entries in main.cf to co-incide with these... (and remembering to run postmap each time).
$ postmap /etc/postfix/relay_password $ service postfix reload
You can check out the commented option in the man pages or http://www.postfix.org/postconf.5.html if you're interested later/have some spare time/if it doesn't work ;-)
The line I get in the logs on my smarthost is:
Jan 11 18:31:35 gate sendmail[17441]: STARTTLS=server, relay=188.29.xxx.xxx.threembb.co.uk [188.29.xxx.xxx], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256
The mail just bounces back to the sender, nothing else on the smarthost logs.
On 11/01/2012 17:36, Giles Coochey wrote:
On 11/01/2012 10:33, Benjamin Hackl wrote:
$ cat /etc/postfix/main.cf myorigin=yourdomain.com relayhost=your.smarthost.com smtp_sasl_auth_enable=yes ## you probably want to limit how postfix authenticates # smtp_sasl_security_options=noanonymous # smtp_sasl_mechanism_filter=login smtp_sasl_password_maps=hash:/etc/postfix/relay_password ## if something doesn't work and you need detailed(!!) logs #debug_peer_list=your.smarthost.com #debug_peer_level=3 smtp_use_tls=yes #inet_interfaces = loopback-only #local_transport = error: disabled unknown_local_recipient_reject_code = 450
I was missing:
smtp_sasl_mechanism_filter <postconf.5.html#smtp_sasl_mechanism_filter> = !gssapi
Something about GSSAPI auth meant it was tried first, failed, and failed permanently.
Disabling that, and it works.
-
Benjamin Hackl -
Giles Coochey -
John R Pierce -
Mail Lists