Connect with us

Hi, what are you looking for?

Latest

Set Up SMTP Relay Between 2 Postfix SMTP Servers on CentOS/RHEL

 

Beforehand we mentioned establishing Postfix SMTP relay with mailjet, which is helpful when it’s important to use a business SMTP relay service. This tutorial will likely be exhibiting you learn how to arrange SMTP relay between 2 Postfix SMTP servers on CentOS/RHEL.

Use Case

Let’s say there are two servers: server A and server B.

  • You might have arrange a full-featured mail server on server A with Postfix because the SMTP server. You need to use it to ship emails on to recipients, as a result of port 25 isn’t blocked.
  • Later you employ server B to arrange an internet site, which must ship notification emails to customers.

You possibly can arrange one other mail server on server B, but it surely’s a waste of time and {hardware} sources. A extra wise resolution is to put in Postfix SMTP server on server B and configure it to ship emails by way of server A, which may relay emails from server B to the ultimate recipients. Server A has constructed up its IP status, so that you don’t need to construct IP status for server B.

In case you run WordPress by yourself Linux server, I like to recommend you observe this tutorial to arrange Postfix SMTP relay. This manner, you may do away with SMTP plugins in WordPress. WordPress plugins decelerate your website and they are often susceptible, such because the vulnerability discovered within the Simple WP SMTP plugin, which permits unauthorized customers to switch WordPress choices and execute malicious code. My website has been compromised as soon as, due to a vulnerability in WordPress plugin. So I do away with as many plugins as I can, after I can implement the identical performance with the underlying working system.

With out additional ado, let’s get began.

Step 1: Set up Postfix SMTP Server on Server B

Run the next instructions to put in Postfix from the default CentOS/RHEL repository. The Cyrus SASL library is required to make SASL authentication work.

sudo dnf replace

sudo dnf set up postfix cyrus-sasl cyrus-sasl-plain -y

As soon as it’s put in, begin Postfix SMTP server.

sudo systemctl begin postfix

And allow auto-start at boot time.

sudo systemctl allow postfix

Step 2: Configure Postfix on Server B

Setting the Postfix hostname

By default, Postfix SMTP server makes use of the OS’s hostname to determine itself when speaking with different SMTP server. Nonetheless, the OS hostname may change, so it’s a very good follow to set the hostname straight in Postfix configuration file with the next command. Be aware that it’s not beneficial to make use of the principle area (yourdomain.com) because the hostname.

sudo postconf -e “myhostname = www.yourdomain.com”

Setting $mydomain Parameter

The $mydomain parameter specifies the native web area identify. The default is to make use of $myhostname minus the primary element. You possibly can show the present worth of $mydomain with:

postconf mydomain

It must be your apex area identify, like

linuxbabe.com

If it’s not displaying your apex area identify, then set the $mydomain parameter with:

sudo postconf -e “mydomain = yourdomain.com”

Setting $myorigin Parameter

The $myorigin parameter specifies the default area identify that’s appended to sender and recipient addresses that don’t have any @area half. The default is to make use of the worth of $myhostname, as might be seen with:

postconf myorigin

Output:

myorigin = $myhostname

You possibly can change its worth to yourdomain.com.

sudo postconf -e “myorigin = yourdomain.com”

Setting $mydestination Parameter

The $mydestination parameter specifies the checklist of domains that your server considers itself the ultimate vacation spot for. You possibly can show the present worth of $mydestination with:

postconf mydestination

Output

mydestination = $myhostname, localhost.$mydomain, localhost

The default worth permits your Postfix SMTP server to obtain emails coming for [email protected], [email protected] and [email protected] Be aware that the worth of mydestination shouldn’t embrace your major area identify like linuxbabe.com, as a result of that may make server B as a vacation spot on your major area identify, which implies emails generated from server B for [email protected] will likely be despatched to server B itself, as an alternative of server A.

Restarting Postfix

Lastly, we have to restart Postfix for the adjustments to take impact.

sudo systemctl restart postfix

Step 3: Postfix SMTP Relay by way of port 587

Run the next command on server B to set the relayhost parameter. Substitute mail.linuxbabe.com with the hostname of your mail server.

sudo postconf -e “relayhost = [mail.linuxbabe.com]:587”

Then edit the Postfix major configuration file on server B.

sudo nano /and so forth/postfix/major.cf

Add the next strains to the top of this file to configure SASL authentication. We specify that the /and so forth/postfix/sasl_password file accommodates the username and password.

# outbound relay configurations
smtp_sasl_auth_enable = sure
smtp_sasl_password_maps = hash:/and so forth/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = could
header_size_limit = 4096000

Save and shut the file. Subsequent, it is best to create a devoted e mail account in your mail server, so server B can use this e mail account to login by way of port 587. After that, create the /and so forth/postfix/sasl_passwd file on server B.

sudo nano /and so forth/postfix/sasl_passwd

Add the SMTP relay host and SMTP credentials to this file like beneath. Substitute these values with the hostname of your individual mail server, the e-mail account and password. Discover that there’s a colon between the e-mail account and password.

[mail.linuxbabe.com]:587 [email protected]:password

Save and shut the file. Then create the corresponding hash db file with postmap.

sudo postmap /and so forth/postfix/sasl_passwd

Now it is best to have a file /and so forth/postfix/sasl_passwd.db. Restart Postfix for the adjustments to take impact.

sudo systemctl restart postfix

By default, sasl_passwd and sasl_passwd.db file might be learn by any person on the server. Change the permission to 600 so solely root can learn and write to those two recordsdata.

sudo chmod 0600 /and so forth/postfix/sasl_passwd /and so forth/postfix/sasl_passwd.db

To any extent further, Web sites on server B can use Postfix to ship emails, which will likely be relayed by your mail server. Be aware that many net purposes supplies two email-sending modes:

SMTP normally refers back to the SMTP relay perform within the net software itself and sendmail refers to utilizing the SMTP server on the underlying working system. It’s essential to select the sendmail choice with the intention to use Postfix SMTP relay. In case you put in SMTP plugin in your WordPress website, take away the SMTP plugin and WordPress will use Postfix SMTP relay.

If You Have iRedMail on Server A

In case you used iRedMail to arrange mail server on server A, then the iRedAPD coverage daemon will more likely to reject e mail relay from server B, as a result of the sender isn’t similar as SMTP authenticate username. To resolve this downside, we have to add the SMTP authentication username to the allowed checklist.

Edit the iRedAPD configuration file.

sudo nano /choose/iredapd/settings.py

Add the next line on the finish of the file. Substitute the pink textual content as crucial.

ALLOWED_LOGIN_MISMATCH_SENDERS = [‘[email protected]’]

Save and shut the file. Then restart iRedAPD for the change to take impact.

sudo systemctl restart iredapd

Stopping Spammers on Server B

Because the Postfix SMTP server on server B is just used for sending transactional emails to customers, we are able to make it listens on localhost solely, so unhealthy actors can’t ship spam to it. Run the next command on server B to make Postfix hear on localhost solely.

sudo postconf -e “inet_interfaces = loopback-only”

Restart Postfix for the change to take impact.

sudo systemctl restart postfix

Setting the From Deal with, From Title and Return-Path

By default, the From handle and From identify are the identical as the e-mail account that’s used to authenticate login, and the return-path will likely be one thing like [email protected] You possibly can set customized From handle, From identify and Return-Path in your net software.

Let’s use WordPress for instance. You possibly can add the next strains in your WordPress theme’s capabilities.php file to override the default From handle, From identify and return-path. Substitute the pink textual content as crucial. It’s best to create the From e mail handle in your mail server to stop ship failure.

// Perform to alter From e mail handle
perform wpb_sender_email( $original_email_address ) {
return ‘[email protected]’;
}

// Perform to alter sender identify
perform wpb_sender_name( $original_email_from ) {
return ‘LinuxBabe’;
}

// Set return-path the identical as From handle
perform fix_my_email_return_path( $phpmailer ) {
$phpmailer->Sender = $phpmailer->From;
}

// Hooking up our capabilities to WordPress filters
add_filter( ‘wp_mail_from’, ‘wpb_sender_email’ );
add_filter( ‘wp_mail_from_name’, ‘wpb_sender_name’ );
add_action( ‘phpmailer_init’, ‘fix_my_email_return_path’ );

Save the file and you’re achieved.

Checking E mail Sender Rating

Now it is best to go to https://www.mail-tester.com and ship an e mail from the web site on server B to the mail tester handle. Verify your sender rating and see if SPF, DKIM and DMARC would move. As you may see, I bought an ideal rating.

Set Up SMTP Relay Between 2 Postfix SMTP Servers on CentOS/RHEL

If There Are A number of Web sites on Server B

You probably have a number of web sites operating on server B, then it is advisable to use completely different relay host for every area identify. Edit the Postfix major configuration file on server B.

sudo nano /and so forth/postfix/major.cf

Add the next line within the file, which tells Postfix that we need to use completely different relayhosts for every sender area.

sender_dependent_relayhost_maps = hash:/and so forth/postfix/relay_by_sender

Then create the file.

sudo nano /and so forth/postfix/relay_by_sender

Add parameters like beneath. The lefthand aspect are the sender domains. The righthand aspect are the hostnames of the mail servers and the port quantity.

@domain1.com mail.domain1.com:587
@domain2.com mail.domain2.com:587

Save and shut the file. Then edit the SASL authentication file.

sudo nano /and so forth/postfix/sasl_passwd

Add login credentials like beneath.

mail.domain1.com [email protected]:password
mail.domain2.com [email protected]:password

Save and shut the file. Then create the hash db file.

sudo postmap /and so forth/postfix/relay_by_sender

sudo postmap /and so forth/postfix/sasl_passwd

Restart Postfix SMTP server for the adjustments to take impact.

sudo systemctl restart postfix

From right here on out, emails with domain1.com within the Envelope From handle will likely be relayed by way of mail.domain1.com and emails with domain2.com within the Envelope From handle will likely be relayed by way of mail.domain2.com. Emails with different domains names within the Envelope From handle will likely be relayed by way of the host specified for relayhost parameter.

Mail.domain1.com and mail.domain2.com can level to the identical IP handle, which implies the 2 domains are utilizing the identical mail server. You possibly can verify one of many following tutorials to host a number of domains on a single mail server.

You can too host emails on completely different servers for the 2 domains. You probably have a number of WordPress websites on server B, you also needs to change every capabilities.php file in your WordPress themes to set customized From handle and names for every area identify.

Eradicating Delicate Info from E mail Headers

By default, Postfix SMTP server will add a Acquired: e mail header, recording the IP handle of server B, which may leak the IP handle of your web site (If it’s behind CDN). You possibly can inform Postfix to disregard it. Create a header verify file on server A.

sudo nano /and so forth/postfix/smtp_header_checks

Put the next strains into the file.

/^Acquired:/ IGNORE

Save and shut the file. Then edit the Postfix major configuration file.

sudo nano /and so forth/postfix/major.cf

Add the next line on the finish of the file.

smtp_header_checks = regexp:/and so forth/postfix/smtp_header_checks

Save and shut the file. Then run the next command to rebuild hash desk.

sudo postmap /and so forth/postfix/smtp_header_checks

Reload Postfix for the change to take impact.

sudo systemctl reload postfix

Now Postfix gained’t embrace these delicate info in e mail headers. Be aware that some people might also like eradicating the MIME-Model header. I don’t suggest it, as a result of this can trigger DKIM verification failure.

Troubleshooting

If Postfix on server B can’t ship emails and you discover the next error within the mail log (/var/log/maillog),

warning: SASL authentication failure: No worthy mechs discovered

it is advisable to set up the Cyrus SASL library.

sudo dnf set up postfix cyrus-sasl cyrus-sasl-plain -y

Then restart Postfix.

sudo systemctl restart postfix

Conclusion

I hope this tutorial helped you arrange SMTP relay between 2 Postfix SMTP servers. As at all times, in case you discovered this publish helpful, then subscribe to our free publication to get extra suggestions and methods. Take care 🙂

Charge this tutorial

[Total: 0 Average: 0]

centos postfix smtp relay office 365,centos configure sendmail smtp relay,how to configure mail server in rhel 7,send email using postfix centos,postfix fallback relay,linux sendmail configuration smtp server,postfix multiple relayhost,postfix mailbox backup,backup mx server,redundant mail server,ubuntu relay email,ubuntu postfix mailjet,redhat smtp configuration,local_transport postfix,rhel smtp relay configuration,postfix rhce,centos mail gateway,mutt postfix configuration,gmail smtp centos 7,postfix sasl centos 7,send mail gmail on centos 7 server,smtp_fallback_relay,postfix send test email command line,postfix configuration centos 7,postfix relayhost,postfix allow relay from ip,reconfigure postfix,redhat sendmail configuration,redhat mail command,redhat postfix configuration,dovecot configuration in redhat linux,rhel 6 smtp server,postfix relay centos 7,linux email relay,centos postfix sasl,centos postfix password,smtp relay server configuration in centos 7,how to check smtp relay configuration in linux,postfix mail server configuration in linux step by step,install postfix centos 7,nagios postfix configuration centos,centos smtp relay,postfix mail server configuration in rhel 7

You May Also Like

Hosting

The latest round of MITRE ATT&CK evaluations proved yet again that Microsoft customers can trust they are fully protected even in the face of...

Hosting

On Thursday, April 23rd, 2020, Canonical Ltd, the makers of Ubuntu Linux distribution officially released the long-awaited Ubuntu 20.04 version code-named “Focal Fossa”, it...

Hosting

As the robot process automation (RPA) market becomes more and more dynamic, more and more companies are trying to integrate RPA into their business...

Latest

Virtual Machine Manager is one of the best hypervisors available for the Linux desktop. This is well-designed and well-functioning QEMU/KVM virtualization software that takes...