How to configure Postfix relay in Centos 7

What is Postfix Relay ?

Postfix is a flexible mail server that is available on most Linux distribution. Though a full feature mail server, Postfix can also be used as a simple relay host to another mail server, or smart host. In this post we will describe how to configure Postfix as a relay through Gmail.

Simple Authentication and Security Layer (SASL) is a standard authentication framework supported by many services including Postfix.

Basic Requirements :

  • CentOS 7 or Red Hat Enterprise Linux 7
  • Valid Gmail or Google App credentials

Our Scenario :

Server Name – dlp.server.world

IP – 192.168.0.100

Configuration :

Step 1 : Install the packages like : Mailx, Postfix & SASL Authetication framework.

[#] yum -y install Postfix mailx cyrus-sasl-plain 1

Step 2 : Postfix will need to be restarted before the SASL framework will be detected.

[#] systemctl start postfix

[#] systemctl restart postfix 

1.PNG

Step 3 : Postfix should also be set to start on boot.

[#] systemctl enable postfix

1

Step 4 : Open the /etc/postfix/main.cf

1

Now install the following lines at the end of the file.

myhostname = dlp.server.world

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

1.PNG

Step 5 : Configure the Postfix SASL Credentials

In this scenario we are using gmail as a postfix relay, so gmail credentials must now be added for authentication. Create a /etc/postfix/sasl_passwd file and add following line:

 [smtp.gmail.com]:587 username:password

1.PNG

1

The username and password values must be replaced with valid Gmail credentials. The sasl_passwd file can now be saved and closed.

A Postfix lookup table must now be generated from the sasl_passwd text file by running the following command.

[#] postmap /etc/postfix/sasl_passwd

1

Access to the sasl_passwd files need to be restricted for the security purpose.

[#] chown root:postfix /etc/postfix/sasl_passwd*

1

[#] chown 640 /etc/posfix/sasl_passwd*

1.PNG

Now  reload the Postfix configuration.

[#] systemctl reload postfix

1.PNG

Step 6 : Now we will the test by sending the test mail to email id

Use the mail command to test the relay.

[#] echo ” this is a test mail.” | mail -s “test message” user@gmail.com

1.PNG

The destination address should receive the test message.

The maillog can be reviewed if the test message is not successfully delivered. Open another shell and run tail while performing another test.

[#] tail -f /var/log/maillog

1

If there are not enough details in the maillog to determine the problem, then the debug level can be increased by adding the following lines to the /etc/postfix/main.cf.

debug_peer_list=smtp.gmail.com
debug_peer_level=3

The Postfix configuration must be reloaded after updating the main.cf file.

[#] systemctl reload postfix.

                                   !!!!!!!!!!!!!!! Postfix Relay Successfully Completed !!!!!!!!!!!!!

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s