Saturday, March 25, 2017

Configure a secure relayhost/smarthost with authentication

 1- configure mail server by following the link below
http://www.atechnote.com/2017/03/configure-smtps-and-pop3s-useing.html


*** on relay host ******
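2- create a relay-password file that contains the mail server address with its username and password, then use postmap to generate its db file
# a plain "> /etc/postfix/..." redirect runs as the calling user, so write the file through sudo tee
$ echo "192.168.58.99 user1:pass1" | sudo tee /etc/postfix/relay-password > /dev/null
$ sudo postmap /etc/postfix/relay-password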

3- configure postfix as below
- /etc/postfix/main.cf

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
compatibility_level = 2
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = zes
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, zes, localhost.localdomain, localhost
relayhost = [192.168.58.99]:465
smtp_use_tls=yes
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = plain
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/relay-password
smtp_tls_wrappermode = yes
smtp_tls_security_level = encrypt
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

4- restart postfix; the log on the mail server then shows the relay host sending email through it.
$ sudo /etc/init.d/postfix restart

$ tail -f /var/log/mail.log
Mar 25 09:20:45 utrusty postfix/smtps/smtpd[6590]: connect from unknown[192.168.58.23]
Mar 25 09:20:45 utrusty postfix/smtps/smtpd[6590]: 1ECCC380C7B: client=unknown[192.168.58.23], sasl_method=PLAIN, sasl_username=user1
Mar 25 09:20:45 utrusty postfix/cleanup[6594]: 1ECCC380C7B: message-id=<20170325131401.2E64B3806B6@zes>
Mar 25 09:20:45 utrusty postfix/qmgr[6335]: 1ECCC380C7B: from=<root@zes>, size=2068, nrcpt=1 (queue active)
Mar 25 09:20:45 utrusty postfix/smtps/smtpd[6590]: disconnect from unknown[192.168.58.23]
Mar 25 09:20:45 utrusty postfix/smtp[6595]: 1ECCC380C7B: to=<info@test.main>, relay=none, delay=0.03, delays=0.03/0/0/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=test.main type=MX: Host not found, try again)
Mar 25 09:23:37 utrusty postfix/qmgr[6335]: ED8B03807A9: from=<root@zes>, size=2103, nrcpt=1 (queue active)
Mar 25 09:23:37 utrusty postfix/smtp[6598]: ED8B03807A9: to=<info@test.main>, relay=none, delay=462, delays=462/0.01/0/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=test.main type=MX: Host not found, try again)
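
A quick audit of what steps 2 and 3 leave on the relay host, as an added example that is not part of the original post (cf_get and audit_relay_client are hypothetical helper names, and the sample files are constructed). It reads main.cf, flags a TLS level that encrypts without verifying the mail server's certificate, and flags a credential file or postmap .db that is accessible beyond its owner.

```shell
#!/bin/sh
# Added example; cf_get and audit_relay_client are hypothetical helper names.

# Print the last value assigned to parameter $2 in main.cf-style file $1.
# Simplification: continuation lines and built-in defaults are not handled.
cf_get() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Print one line per finding for main.cf $1; return the number of findings.
audit_relay_client() {
    cf=$1 n=0
    finding() { echo "FINDING: $*"; n=$((n + 1)); }

    [ "$(cf_get "$cf" smtp_sasl_auth_enable)" = yes ] ||
        finding "smtp_sasl_auth_enable is not yes"
    case "$(cf_get "$cf" smtp_tls_security_level)" in
        verify|secure|fingerprint|dane-only) ;;
        encrypt) finding "TLS level encrypt does not verify the server certificate" ;;
        *) finding "smtp_tls_security_level does not mandate TLS" ;;
    esac
    pw=$(cf_get "$cf" smtp_sasl_password_maps)
    pw=${pw#*:}                      # drop the map type, e.g. "hash:"
    [ -n "$pw" ] || { finding "smtp_sasl_password_maps is not set"; return "$n"; }
    # The map source and its postmap-generated .db both hold the password.
    for f in "$pw" "$pw.db"; do
        [ -f "$f" ] || continue
        mode=$(ls -ld "$f" | cut -c5-10)   # group and other permission bits
        [ "$mode" = "------" ] || finding "$f is accessible beyond its owner"
    done
    return "$n"
}

# Constructed sample: relay-client lines from step 3 and a credential file
# at mode 644, as a default umask would leave the one written in step 2.
demo=$(mktemp -d)
printf '%s\n' 'relayhost = [192.168.58.99]:465' 'smtp_sasl_auth_enable = yes' \
    'smtp_sasl_security_options = noanonymous' \
    "smtp_sasl_password_maps = hash:$demo/relay-password" \
    'smtp_tls_wrappermode = yes' 'smtp_tls_security_level = encrypt' \
    > "$demo/main.cf"
echo '192.168.58.99 user1:pass1' > "$demo/relay-password"
chmod 644 "$demo/relay-password"
audit_relay_client "$demo/main.cf" || echo "findings: $?"
chmod 600 "$demo/relay-password"      # remediation for the file finding
audit_relay_client "$demo/main.cf" || echo "findings: $?"
rm -rf "$demo"
```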
