Setup postfix mail server to use external SMTP with authorization
In order to be aware of everything what happens on the server (in addition to monitoring) it is useful to follow the standard emails that are sent by various server services to root. I will tell you how to set up email sending through a standard postfix with authorization on a third-party SMTP server.
This guide will be also useful for sending email through the linux console with SMTP authorization.
By default the minimal installation of the CentOS 7 distribution kit already includes the postfix mail server. I will use it. Standard server settings do not provide normal options for sending mail. Let’s do some extra steps.
It is convenient when mail addressed to the local root was sent via an external mail server to the selected mailbox. If this is not done, then it will be locally added to the /var/spool/mail/root file. There may be urgent, important and useful information that you would not want to miss. Let’s set up sending this mail to an external GMail mailbox:
yum install mailx cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain
Edit file /etc/postfix/main.cf and add correct server settings:
nano /etc/postfix/main.cf
## DEFAULT CONFIG BEGIN ######################
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = localhost
inet_protocols = all
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.10.1/samples
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
## DEFAULT CONFIG END ######################
# Server name by command hostname
myhostname = ChangeIT
# Here you need to leave only the domain, but in this case it is better to leave the full server name, so that the sender includes the full server name, so it is more convenient to parse the service messages
mydomain = ChangIT.local
mydestination = $myhostname
myorigin = $mydomain
# External SMTP server address
relayhost = smtp.gmail.com:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_generic_maps = hash:/etc/postfix/generic
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = may
Edit file /etc/postfix/generic:
nano /etc/postfix/generic
and add correct string [email protected] at the end:
[email protected] [email protected]
Run command:
postmap /etc/postfix/generic
Create a file with user name and password for authorization:
nano /etc/postfix/sasl_passwd
smtp.gmail.com:587 [email protected]:YOURPASSWORD
Create a database file:
postmap /etc/postfix/sasl_passwd
Restart postfix:
systemctl restart postfix
Open standard root aliases located in /etc/aliases, add an external address to which mail addressed to root will be duplicated. To do this, edit the specified file, change the last line:
root: root,[email protected]
Renew aliases:
newaliases
Send test email to any address, it should come from [email protected]:
df -h | mail -s "Disk usage" [email protected]
Check email 🙂
Now all emails addressed to the local root, for example reports from cron, will be duplicated to an external mailbox, and sent via an external mail server with authorization. Your emails will be delivered normally, not getting into spam. Now it is convenient to use local sending in scripts, without setting additional parameters. Everything is already configured, you can use a simple local delivery (just end it to root).
If you need to debug mail settings, open mail log:
tail -n 10 /var/log/maillog
Done! 🙂
