There are many reasons why you would want to configure Postfix to
send email using an external SMTP provider such as Google Apps (Gmail),
Mandrill, SendGrid, Amazon SES, or any other SMTP server. One reason is
to avoid getting your mail flagged as spam if your current server’s IP
has been added to a spam list.
In this tutorial, you will learn how to install and configure a
Postfix server to send email through Google Apps, Mandrill, or SendGrid.
Prerequisites
Before starting this tutorial, you should have:- Debian 7 installed on your Linode
- Your fully qualified domain name (FQDN)
-
All updates installed :
1
sudo apt-get update
- A valid username and password for the SMTP mail provider, such as Google Apps, Mandrill, or SendGrid
-
Make sure the libsasl2-modules package is installed and up to date:
1
sudo apt-get install libsasl2-modules
This guide is written for a non-root user. Commands that require elevated privileges are prefixed withsudo
. If you’re not familiar with thesudo
command, you can check our Users and Groups guide.
Installing Postfix
In this section, you will install Postfix and set the domain and hostname.-
Install Postfix with the following command:
1
sudo apt-get install postfix
-
During the installation, a prompt will appear asking for your General type of mail configuration.
Select Internet Site.
-
Enter the fully qualified name of your domain, fqdn.example.com.
-
Once the installation is finished, open the
/etc/postfix/main.cf
file with your favorite text editor:
1
sudo nano /etc/postfix/main.cf
-
Make sure that the myhostname parameter is configured with your server’s FQDN:
- /etc/postfix/main.cf
-
1
myhostname = fqdn.example.com
Configuring SMTP Usernames and Passwords
Usernames and passwords are generally stored in a file calledsasl_passwd
in the /etc/postfix/
directory. In this section, you’ll add your external mail provider credentials to this file and to Postfix.If you want to use Google Apps, Mandrill, or SendGrid as your SMTP provider, you may want to reference the appropriate example while working on this section.
-
Open or create the
/etc/postfix/sasl_passwd
file, using your favorite text editor:
1
sudo nano /etc/postfix/sasl_passwd
-
Add your destination (SMTP Host), username, and password in the following format:
- /etc/postfix/sasl_passwd
-
1
[mail.isp.example] username:password
If you want to specify a non-default TCP Port (such as 587), then use the following format:
- /etc/postfix/sasl_passwd
-
1
[mail.isp.example]:587 username:password
-
Create the hash db file for Postfix by running the
postmap
command:
1
sudo postmap /etc/postfix/sasl_passwd
sasl_passwd.db
in the /etc/postfix/
directory.Securing Your Password and Hash Database Files
The/etc/postfix/sasl_passwd
and the /etc/postfix/sasl_passwd.db
files created in the previous steps contain your SMTP credentials in plain text.For security reasons, you should change their permissions so that only the root user can read or write to the file. Run the following commands to change the ownership to root and update the permissions for the two files:
1 2 | sudo chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db sudo chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db |
Configuring the Relay Server
In this section, you will configure the/etc/postfix/main.cf
file to use the external SMTP server.-
Open the
/etc/postfix/main.cf
file with your favorite text editor:
1
sudo nano /etc/postfix/main.cf
-
Update the relayhost parameter to show your external SMTP relay host. Important: If you specified a non-default TCP port in the
sasl_passwd
file, then you must use the same port when configuring the relayhost parameter.
- /etc/postfix/main.cf
-
1 2
# specify SMTP relay host relayhost = [mail.isp.example]:587
Check the appropriate Google Apps, Mandrill, or SendGrid section for the details to enter here.
-
At the end of the file, add the following parameters to enable authentication:
- /etc/postfix/main.cf
-
1 2 3 4 5 6 7 8 9 10
# enable SASL authentication smtp_sasl_auth_enable = yes # disallow methods that allow anonymous authentication. smtp_sasl_security_options = noanonymous # where to find sasl_passwd smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd # Enable STARTTLS encryption smtp_use_tls = yes # where to find CA certificates smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
- Save your changes.
-
Restart Postfix:
1
sudo service postfix restart
Testing Postfix
The fastest way to test your configuration is to send an email to any unrelated email address, using themail
command:1 | echo "body of your email" | mail -s "This is a Subject" -a "From: you@example.com" recipient@elsewhere.com |
1 2 3 4 5 | sendmail recipient@elsewhere.com From: you@example.com Subject: Test mail This is a test email . |
Examples of Postfix Configurations with Different Providers
This section shows you settings for some popular mail services you can use as external SMTP servers. You may have to do some fine-tuning on your own to avoid Postfix logins being flagged as suspicious.Settings for Google Apps
Use these settings for Google Apps.-
For
/etc/postfix/sasl_passwd
, use the following configuration with your own credentials:
- /etc/postfix/sasl_passwd
-
1
[smtp.gmail.com]:587 <USERNAME@gmail.com>:PASSWORD
/etc/postfix/sasl_passwd
with:
- /etc/postfix/sasl_passwd
-
1
[smtp.gmail.com]:587 <USERNAME@yourdomain.com>:PASSWORD
-
For
/etc/postfix/main.cf
, use the following relayhost:
- /etc/postfix/main.cf
-
1
relayhost = [smtp.gmail.com]:587
-
Create the hash db file for Postfix by running the
postmap
command:
1
sudo postmap /etc/postfix/sasl_passwd
-
Restart Postfix:
1
sudo service postfix restart
Settings for Mandrill
Use these settings for Mandrill.-
For
/etc/postfix/sasl_passwd
, use the following configuration with your own credentials:
- /etc/postfix/sasl_passwd
-
1
[smtp.mandrillapp.com]:587 USERNAME:API_KEY
-
For
/etc/postfix/main.cf
, use the following relayhost:
- /etc/postfix/main.cf
-
1
relayhost = [smtp.mandrillapp.com]:587
-
Create the hash db file for Postfix by running the
postmap
command:
1
sudo postmap /etc/postfix/sasl_passwd
-
Restart Postfix:
1
sudo service postfix restart
Settings for SendGrid
Use these settings for SendGrid.-
For
/etc/postfix/sasl_passwd
, use the following configuration with your own credentials:
- /etc/postfix/sasl_passwd
-
1
[smtp.sendgrid.net]:587 USERNAME:PASSWORD
-
For
/etc/postfix/main.cf
, use the following relayhost:
- /etc/postfix/main.cf
-
1
relayhost = [smtp.sendgrid.net]:587
-
Create the hash db file for Postfix by running the
postmap
command:
1
sudo postmap /etc/postfix/sasl_passwd
-
Restart Postfix:
1
sudo service postfix restart
0 nhận xét:
Post a Comment