Email: Send emails via SMTP Relay

As of TurnKey v14.2, Confconsole supports SMTP relay configuration. If you are running an earlier v14.x release, then you can upgrade to the latest version of Confconsole fairly easily. Alternatively, you can use the manual config instructions below.

Also, there is some info and discussion related to older TurnKey versions on the forums.

Setup

As of v14.0 all TurnKey apps include postfix MTA. The other dependencies are libsasl2-2 & ca-certificates (although these should be installed in all TurnKey appliances already). For v14.0+ you will only need to install one additional SASL library:

apt-get install libsasl2-modules

For users of earlier TurnKey apps, this should work:

apt-get install postfix libsasl2-modules libsasl2-2 ca-certificates

Configuration

The following postfix configuration is general for all smtp relay services tested to date:

append config to /etc/postfix/main.cf :

cat >> /etc/postfix/main.cf <<EOF

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/private/cert.pem
smtp_use_tls = yes
inet_protocols = ipv4
EOF

Depending on what relay service you're using the following steps might be slightly different. The following examples show how to setup using the Gmail SMTP relay service, Elasticemail's service and Amazon SES. If you have a different service, then hopefully the below will give you some ideas to check.

 

Gmail

(It is recommended that you DO NOT use your personal gmail account for this)

add Gmail as the SMTP relay in /etc/postfix/main.cf :

sed -i "s|^relayhost =.*|relayhost = [smtp.gmail.com]:587|" /etc/postfix/main.cf

then add your username and password to /etc/postfix/sasl_passwd Replace USERNAME with your username (note for Google Apps accounts replace USERNAME@gmail.com with USERNAME@YOUR_DOMAIN.TLD) and PASSWORD with your password.

cat > /etc/postfix/sasl_passwd <<"EOF"
[smtp.gmail.com]:587    USERNAME@gmail.com:PASSWORD
EOF

run postmap on your new password file

postmap /etc/postfix/sasl_passwd

If for whatever reason you disabled TLS you'll need to allow access to your gmail account from postfix, to allow that go to the following link when logged into your google account and click "Turn On" However it is highly recommended you don't do this.

https://www.google.com/settings/security/lesssecureapps

Finally restart postfix"

service postfix restart

and you're done!

 

Elasticemail

First of all as with the gmail setup you'll need to edit /etc/postfix/main.cf and set your relayhosts to the relevant host, in this case

sed -i "s|^relayhost =.*|relayhost = [smtp.elasticemail.com]:587|" /etc/postfix/main.cf

and then you'll need to set your login details inline with the ones you find at https://elasticemail.com/account#/settings in your /etc/postfix/sasl_passwd file
 like so (replace USERNAME and PASSWORD with your username & password).

cat > /etc/postfix/sasl_passwd <<"EOF"
[smtp.elasticemail.com]:587    USERNAME:PASSWORD
EOF

now run postmap on your /etc/postfix/sasl_passwd file

postmap /etc/postfix/sasl_passwd

and restart postfix and you should be good to go!

service postfix restart

 

Amazon SES

Firstly you'll need to choose your preferred region and obtain your SMTP account details (not the same as your amazon account details). You can read about this from the following links.

http://docs.aws.amazon.com/ses/latest/DeveloperGuide/regions.html Region List

http://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html SMTP Credentials

You'll also need to authenticate the email address you wish to use to send mail, you can do this from Amazon Console by clicking SES, then "Email Addresses" under "Identity Management"

 

now we'll need to edit /etc/postfix/main.cf

if you see a line with "relayhost =" replace that, otherwise add the following to the end

relayhost = [region-you-selected]:25

now you'll need to edit /etc/postfix/sasl_passwd so it has authentication to access the server with.

[region-you-selected]:25    smtp-username:smtp-password

now run

postmap /etc/postfix/sasl_passwd

and restart postfix and your server should be working

NOTE:

If you are still in sandbox mode you'll have to authenticate the addresses you send mail too as well as the addresses you send mail from.

Comments

oskar's picture

in the setup section:

it is unclear, if libsasl2 or libsasl2-modules has to be installed. if it is libsasl2-modules, it should be stated in the text, too: "libsasl2-modules & ca-certificates", if it is libsasl2, the correct package to install should be "libsasl2-2"

in the gmail section:

then edit /etc/postfix/sasl_password and add (username is email in this context)

should be

then edit /etc/postfix/sasl_passwd and add (username is email in this context)

 

 

Jeremy Davis's picture

Hopefully I've fixed it now :)