Development

Postfix Relayhost Setup

Jussi Kaijalainen

1 min read
Postfix Relayhost Setup

Cloud service providers such as Amazon often prevent email sending by default on their EC2 instances to stop spammers. This can be a nuisance when you want to send legit email. You can request for this restriction to be removed, but it can be a bit of a black box if and when they will accept your request.

Here's a quick guide how to configure your postfix with a relayhost to send emails through a third party email gateway such as Sendgrid, Mailgun, or Mandrill. The steps are for Ubuntu, but should be adaptable for most linux based systems.

  1. Install postfix sudo apt-get install postfix
  2. Copy and modify the config from the bottom of this post to /etc/postfix/main.cf
  3. Replace at least relayhost and smtp_sasl_password_maps in the config with your own configuration
  4. Create /etc/mailname file if it's not there yet and put in your preferred hostname
  5. Restart postfix sudo systemctl restart postfix
  6. Install sendemail sudo apt install sendemail
  7. Test sending an email sendemail -f [email protected] -t [email protected] -u Subject -m "message" -o tls=no
  8. Check your logs tail /var/log/syslog -f to see if any issues cropped up
  9. Remember to configure the sending domain in your email service provider
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no

smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname
relayhost = smtp.mailgun.org
smtp_sasl_auth_enable = yes=
smtp_sasl_password_maps = static:[email protected]:your_secret_key
smtp_sasl_security_options = noanonymous
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = all
local_recipient_maps =