September 2010
« Aug   Oct »

Sending mails in postfix through external smtp

I have a requirement to enable smtp on all desktops to send the emails to web. But normally those mails send from this untrusted network will cause third party smtp servers to treat this spam mail when the source address is listing the private ips we used and whenever the no. of mails increases from the network.

What I’m planning to do is

1. Install a open relay server in LAN which is using trusted thrid party email account to send the mail.
2. Configure postfix on each desktops to use this as relay server in LAN.
3. Configure php.ini and pointing this out as smtp server for local mails.

Installing open relay server in LAN
#yum install postfix*
#chkconfig postfix on
Now you need to know the ip address of your trusted email smtp providers. Normally it would be resolve the ip of and identify the ip showing on it.

Add the following lines at the end of “/etc/postfix/

relayhost = <SMTP server IP>
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtp_sasl_password_maps = hash:/etc/postfix/smtp_passwd
smtp_sasl_type = cyrus
smtp_sasl_auth_enable = yes
smtp_cname_overrides_servername = no
smtp_sasl_security_options = noanonymous

Now we need to configure the smtp account details to Postfix server.
#vi /etc/postfix/smtp_passwd
Add the entry like this
SMTP server ip :port username:password

An eg. should like this, save and exit.

Now you need to run the following command,
# postmap hash:/etc/postfix/smtp_passwd

Verify the configuration by,
$ postmap -q smtp.IP:25 /etc/postfix/smtp_passwd will returns user:password

It’s the time for verifying all the settings made.

#service postfix restart

Ensure the smtp is running
[root@rc-016 ~]# netstat -nlp | grep “:25″
tcp 0 0* LISTEN 23589/master

Sending a test mail to verify whether it’s working,
[root@rc-016 ~]# echo ” SMTP relay mail” | mail -s “Relay mail from new office LAB”

Verify the mail delivery,
[root@rc-016 ~]# tail -f /var/log/maillog
Sep 15 23:13:55 rc-016 postfix/smtp[23600]: 98F227C060B: to= , relay=[]:25, delay=4.3, delays=0.05/0.01/2.1/2.2, dsn=2.0.0, status=sent (250 Accepted message qp 21658 bytes 734)
Sep 15 23:13:55 rc-016 postfix/qmgr[23592]: 98F227C060B: removed

Which is showing ,I have success with email delivery to my smtp server and I should be get a new mail in my inbox :-)

Configuring it as a open reply sever in LAN

We need to configure this server listening to all adapters to ensure that other desktops can contact it and this relay access is limited to only from our LAN. There is no any authentication to send email from the LAN.
a.Open the file “/etc/postfix/main.cnf”
uncomment the line and modified it with respect to our network. Assuming that my network is

mynetworks =,
inet_interfaces = all
[root@rc-016 ~]# vi /etc/postfix/
[root@rc-016 ~]# service postfix restart
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                              [  OK  ]
[root@rc-016 ~]# netstat -nlp | grep ":25"
tcp        0      <strong>0</strong>        *                   LISTEN      23763/master
[root@rc-016 ~]#

Now you need to verify whether we can forward all the mails using this server,

Login to other desktops on the LAN and verify you can contact the open relay smtp server.

$telnet 25
Connected to (
Escape character is ‘^]’.
220 rc-016.localdomain ESMTP Postfix

Configuring mail server on Desktop to use this as relay server

Now you need to install postfix in the server.
#yum install postfix*
#chkconfig postfix on
#vi /etc/postfix/
uncomment the line and the relay server IP

relayhost =

#service postfix restart

Sending a test email to verify it’s working,

[root@rc-016 ~]# echo ” SMTP relay mail” | mail -s “Relay mail from new office LAB”
check the open relay server’s “/var/log/maillog” to check whether it can communicate with the mails coming from Desktops.

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>