Software >> OS >> Unix >> Linux >> RHEL >> 7 >> RHCE >> Section 8 - SMTP

 

Configure a system to forward all email to a central mail server


### Install and configure postfix
and cyrus-sasl

[root@rhel7server1 services]# yum install -y postfix cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain

[root@rhel7server1 services]# cd /etc/postfix

[root@rhel7server1 postfix]# vi main.cf


## use the following settings

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
#inet_interfaces = localhost
inet_protocols = all
#mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
     ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.10.1/samples
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options=noanonymous
smtp_sasl_tls_security_options=noanonymous

inet_interfaces = loopback-only
mynetworks = 127.0.0.0/8 [::1]/128
myorigin = $myhostname

mydestination =
local_transport = error: local delivery disabled


## Example, turning ON the "use of less secure protocol" (temporarily) for this demo !!


Account -> Security ->

## Change back to OFF after the test !!


## create sasl passwd file

[root@rhel7server1 postfix]# vi sasl_passwd

/etc/postfix/sasl_passwd
[smtp.gmail.com]:587 your_id@gmail.com:your_password


## If not using gmail, but AWS SES as the relay host, replace similar to below.  You must have a working AWS SES configured

/etc/postfix/main.cf
...
relayhost = [email-smtp.ap-southeast-2.amazonaws.com]:587
...

/etc/postfix/sasl_passwd

[email-smtp.ap-southeast-2.amazonaws.com]:587 <aws-ses-credential-username>:
<aws-ses-credential-password>



## set owner and permission and create the hash for the sasl passwd file

[root@rhel7server1 postfix]# postmap sasl_passwd

[root@rhel7server1 postfix]# chown root:postfix sasl_passwd

[root@rhel7server1 postfix]# chmod 640 sasl_passwd

[root@rhel7server1 postfix]# postmap sasl_passwd


## enable and start postfix service

[root@rhel7server1 postfix]# systemctl enable postfix

[root@rhel7server1 postfix]# systemctl start postfix


## send test email from the same machine

## mail command line options : -r sets the from address, -s sets the subject

[root@rhel7server1 ~]# mail -s "rhce objective - Configure a system to forward to a central mail server" webmaster@myfaqbase.com
Hi webmaster

Let me know if you can receive this email

regards
.
EOT


## ALTERNATIVELY if the SMTP relay host has a restriction on the sender (from) email address, then

[root@rhel7server1 ~]# mail -s "rhce objective - Configure a system to forward to a central mail server" -r allowedsender@somedomain.com webmaster@myfaqbase.com
....


## tail /var/log/maillog

[root@rhel7server1 ~]# tail /var/log/maillog

Jun 18 05:22:27 rhel7server1 postfix/pickup[11166]: 0050361511E6: uid=0 from=<root>
Jun 18 05:22:27 rhel7server1 postfix/cleanup[11526]: 0050361511E6: message-id=<20200618092227.0050361511E6@rhel7server1.localdomain>
Jun 18 05:22:27 rhel7server1 postfix/qmgr[11167]: 0050361511E6: from=<root@rhel7server1.localdomain>, size=592, nrcpt=1 (queue active)
Jun 18 05:22:29 rhel7server1 postfix/smtp[11528]: 0050361511E6: to=<webmaster@myfaqbase.com>, relay=smtp.gmail.com[74.125.68.108]:587, delay=2.7, delays=0.17/0.14/1.5/0.91, dsn=2.0.0, status=sent (250 2.0.0 OK  1592472149 w22sm2334753pfq.193 - gsmtp)
Jun 18 05:22:29 rhel7server1 postfix/qmgr[11167]: 0050361511E6: removed



## mail received




 back to Objectives