Monday, August 21, 2023

How to setup postfix on Ubuntu Server as a SMTP Email Relay

Setting up an SMTP Email Relay or Email Forwarder are used in organizations where applications that need to send email can where it is not dependent on an individual being logged in.  The typical example would be for email marking, but it can also be for the Photocopier in the office or any other number of commonly used devices that people use where it sends email.  The relay service allows you to use a generalized email setup by the organization.  Most commonly these are setup as "no-reply" or something to that effect.  To facilitate the setup of the mail forwarder/relay we will be using a Google Non-Profits email account.  The first thing you will need to do is setup the account, then login to the account and setup the account for use with "less secure app access".

Create the account, and set the password.  In this case I am using something called myemailservice


Then login to the account and setup "less secure app access" you can do this by using this link https://myaccount.google.com/lesssecureapps or by managing your Google Account as shown below.






Once that is done we can now do the setup for our relay server.  I am setting it up on Hyper-V using Ubuntu 22.04LTS.  I have given it 2 cores, a min 2GB Ram with dynamic memory management up to 8GB and a 40GB drive.  Obviously, networking, etc, etc, etc.  Also because it is linux don't forget to change the security boot setting to Microsoft Cert Authority.



When installing Ubuntu Server I am going to do my typical setup; minimized, no GUI, Live patching, vim, Powershell and ssh access for the default install.

After installation login and update the system, and set your timezone.  By default ETC is typically used.  If you know your timezone like I do you can manually specify it.  

sudo timedatectl set-timezone America/Edmonton


To verify the setting use the command timedatectl or ls -l /etc/localtime



Now we will install our postfix smtp relay

Install Postfix

sudo apt-get install postfix and set the mail configuration to "Internet Site"



Postfix doesn't natively support SASL authentication so we must install a module for SASL authentication support.  You can read more about it here

https://www.postfix.org/SASL_README.html

 sudo apt-get install libsasl2-modules postfix mailutils


Once installed we need to configure post fix.

sudo vi /etc/postfix/main.cf and set myhostname to the FQDN




Then we need to add the following

relayhost = [smtp.gmail.com]:587

smtp_sasl_auth_enable = yes

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

smtp_sasl_security_options = noanonymous

smtp_use_tls = yes


Also don't forget to add any networks you want to be able to send email from via smtp.  You will have to add the host or network range to the mynetworks variable as shown below.


Now we need to make our password map.  This will allow us to connect to the google account we are going to use to send the emails via smtp.  The file will be located in /etc/postfix/sasl_passwd

sudo vi /etc/postfix/sasl_passwd

in the file put the following

[smtp.gmail.com]:587 $youremailaccount:$accountpassword

and save and exit.

Change the permissions of the file so it is only readable by root

sudo chmod 600 /etc/postfix/sasl_passwd

restart postfix to apply our changes.

sudo systemctl restart postfix

To test our setting use the following 

echo "This is a test email body." | mail -s "Subject" -a "From: $fromemail@yourdomain.ca" youremail@domain.ca

I also use this depreciated powershell command for testing as well

Send-MailMessage -From '$fromemail@domain.ca' -To '$toemail@domain.ca' -Subject '$SomeSubject' -smtpserver 'DNS or IP to relayserver' -port '25'

Here are some important commands you will want to keep when using the relay server

postqueue - p

run all messages 

sendmail -q

get mail queue

postqueue -f 

flush the mail queue


Sources

https://support.google.com/accounts/answer/6010255?hl=en#zippy=%2Cif-less-secure-app-access-is-on-for-your-account

https://www.faqforge.com/linux/how-to-relay-email-from-postfix-mail-server-to-gmail-on-ubuntu/

https://www.cyberciti.biz/faq/how-to-configure-postfix-relayhost-smarthost-to-send-email-using-an-external-smptd/

https://www.tutorialspoint.com/configure-postfix-to-use-gmail-smtp-on-ubuntu

https://blog.iron.io/how-to-flush-a-postfix-mail-queue/

How to fix CURL call imporitng an RSS feed on a site blocking CURL calls

There is a 3rd party service provider that my organization uses called bibliocommons.  They have these nice book carousels.  However the car...