Setup Postfix with a remote SMTP relay host

Platforms:
any Linux distro

What You’ll Need:
Postfix 2.2+
cyrus-sasl 2.1.19+
email account

So here’s the scenario: you’re a LAMP developer, and you’ve got a development box at home.  You need to be able to send emails from your code or cron jobs, but you’re too lazy to set up a full fledged email server on your LAN.  Or you just want to use your email account provided by your ISP.

Enter the Postfix.

Most Linux distros come with Sendmail already installed, and is usually the default mail client used by the running services.  However, Postfix beats the crap out of Sendmail and is a complete, seamless replacement.  Here’s how I got it going on my CentOS box.

Install Postfix and cyrus-sasl with your application manager of choice.  If you’re compiling from source, be sure to make Postfix with the -DUSE_SASL_AUTH flag for SASL support.

$ yum install postfix cyrus-sasl

Stop the sendmail service

$ /etc/init.d/sendmail stop

Remove sendmail from the startup runlevels

$ chkconfig --del sendmail

Add the following to /etc/postfix/main.cf

# Set this to your server's fully qualified domain name.
# If you don't have a internet domain name,
# make one up or use your email addy's domain - it'll keep
# postfix from generating warnings all the time in the logs
mydomain = foobar.com
 
# Set this to your email provider's smtp server. 
# A lot of ISP's (ie. Cox) block the default port 25
# to prevent spamming.  So we'll use port 80
relayhost = yourisp.smtp.servername:80
 
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus
smtp_sasl_auth_enable = yes
 
# optional: necessary if email provider uses load balancing and
# forwards emails to another smtp server
# for delivery (ie: smtp.yahoo.com --> smtp.phx.1.yahoo.com)
smtp_cname_overrides_servername = no
 
# optional: necessary if email provider
# requires passwords sent in clear text
smtp_sasl_security_options = noanonymous

There’s roughly a 99.9% chance that your email provider’s SMTP server requires authentication.  We need to set that up with the username and password given by your email provider.

Add the following line to /etc/postfix/sasl_passwd

# The server info must exactly match the value
# for "relayhost" in /etc/postfix/main.cf
yourisp.smtp.servername:80 username:password

Generate a postfix lookup table from the previous file

$ postmap hash:/etc/postfix/sasl_passwd

Test the lookup table, if all is good then the following will return the specified username:password

$ postmap -q yourisp.smtp.servername:80 /etc/postfix/sasl_passwd

Get rid of the clear text password file

$ rm -fr /etc/postfix/sasl_passwd

Add postfix to be started at boot

$ chkconfig --add postfix

Fire up Postfix

$ /etc/init.d/postfix start

Test it out using sendmail from the command prompt

$ sendmail email@example.com
Postfix is all up in dis hizzle.
.

Troubleshooting

Monitor postfix mail log in a separate session with the following command

$ tail -f /var/log/maillog

If the log is displaying the following error

(Authentication failed: cannot SASL authenticate to server ...: no mechanism available)

then set this variable in /etc/postfix/main.cf

smtp_sasl_security_options = noanonymous

If the log is displaying this error

553 Sorry, that domain isn't in my list of allowed rcpthosts. (in reply to RCPT TO command)

check your username and password in /etc/postfix/sasl_passwd. Your user name is usually your full email address. If you have to fix it, don’t forget to use postmap to generate a new lookup table.