Postfix is a very good SMTP relay. In this article we will study the possibility of relaying mails externally but also of relaying mails to an internal mail server (another postfix, Zimbra, Exchange…).
The relay can be used to contact a specific SMTP for one or several domains. This feature is useful to use postfix as a border SMTP and hide your mail server.
To use this feature we must declare a set of domains to relay and a transport_map (file defining domain/relay mappings). Add the following lines in the main.cf file:
relay_domains = mydomain.com
transport_maps = hash:/etc/postfix/transport
Then open/create the /etc/postfix/transport file and add the mapping. Note: if you want to use a set of sub-domains, you can use the second configuration line.
mydomain.com smtp:mylocalsmtp
.lan.mydomain.com smtp:mylocalsmtp.lan
Finally run the postalias command to generate the .db file then reload postfix:
postmap /etc/postfix/transport
service postfix reload
We will here configure a relay SMTP for sending messages. This configuration is typically used if you have a professional ADSL/SDSL line from an ISP that does not allow the use of other SMTPs.
To solve this issue, specify a relay SMTP. The relayhost directive will fix this issue. If you depend on machin.com, your ISP:
relayhost = example.com
You can also specify a specific SMTP server, without using MX resolution:
relayhost = [smtp.example.com]:25
If you need to use a failover SMTP, use the following directive:
fallback_relay = [fallbacksmtp.example.com]:25
In the case where the upstream SMTP requires authentication (Orange SMTP for instance), you will need to use SASL (enable it at compile time under FreeBSD). First enter the following lines in the main.cf file:
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
These lines will create a SASL authentication database on the SMTP client (MTA). They will also disable anonymous authentication. Now open/create the sasl_passwd file and insert the following lines:
[smtp.example.com]:25 username:password
The host notation must be identical to the relayhost. Now format the SASL database with the following command:
postmap /etc/postfix/sasl_passwd
A sasl_passwd.db file will be created, containing the SASL users.