Configuring an SMTP relay with Transactional Email and Postfix

• smtp
• relay
• postfix

Deploying an SMTP relay on your servers enhances your notification system, ensuring prompt alerts in case of issues, as servers typically report them via email. Moreover, it streamlines email-sending processes for software installed on the server, eliminating the need for complicated email configuration setups.

In this tutorial, you will learn how to set up Postfix and configure Transactional Email’s SMTP service to dispatch emails efficiently. For demonstration purposes, will walk through the configuration process on a MacOS system.

Before you start

To complete the actions presented below, you must have:

• A Scaleway account logged into the console
• Owner status or IAM permissions allowing you to perform actions in the intended Organization
• A valid API key with the right permissions
• Configured your domain with Transactional Email
• Installed Postfix on your local machine
• Installed stunnel on your local machine
• Opened the mail ports on your Instance
• Configured your SMTP server

Configuring Postfix with submission

1. Open a terminal and access the sasl_passwd file within Postfix, using the following command:

   nano /etc/postfix/sasl_passwd
   

2. Copy and paste the following content into the sasl_passwd file.

   [smtp.tem.scw.cloud]:587 <$SCW_USERNAME>:<$SCW_SECRET_KEY>
   

3. Replace <$SCW_USERNAME> with your username that displays in the Overview tab of your domain, in the SMTP configuration section.

4. Replace <$SCW_SECRET_KEY> with your API’s secret key.

5. Type CTRL O and press Enter to save, then type CTRL X to exit the file.

6. Access the main.cf file to configure Postfix:

   nano /etc/postfix/main.cf
   

7. Add the following lines at the end of the main.cf file. Make sure you replace <your-domain-name> with your own domain name and set the relayhost to [smtp.tem.scw.cloud]:587.

   smtpd_banner = $myhostname ESMTP $mail_name
   biff = no
   append_dot_mydomain = no
   myorigin = <your-domain-name>
   delay_warning_time = 4
   alias_maps = hash:/etc/aliases
   alias_database = hash:/etc/aliases
   mydestination = $myhostname, localhost.$mydomain, localhost
   smtp_sasl_auth_enable = yes
   smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
   smtp_sasl_security_options = noanonymous
   smtp_use_tls = yes
   relayhost = [smtp.tem.scw.cloud]:587
   mynetworks = 127.0.0.0/8
   inet_interfaces = loopback-only
   smtpd_relay_restrictions = permit_mynetworks,defer_unauth_destination,reject
   

8. Type CTRL O and press Enter to save, then type CTRL X to exit the file.

9. Use the following command to launch Postmap:

   postmap /etc/postfix/sasl_passwd
   

   Tip

   Depending on your configuration, you might need to use sudo postmap /etc/postfix/sasl_passwd to be able to launch Postmap.

10. Relaunch Postfix using the following command:

    sudo postfix reload
    

11. Use the following command to send an email. Make sure that you replace <your-domain> with your own domain and recipient@recipient.com with your recipient’s email address.

    date | mail -s "Test from postfix" -a "From:<you@your-domain>" recipient@recipient.com
    

    Important

    Keep in mind that the subject, body, and HTML of your emails must have at least 10 characters each.

12. Optionally, use mailq to see if your mail has been sent. An empty mail queue means that your email has been sent.

Configuring Postfix with a TLS port

Some providers do not let you access port 587. To solve this issue, Scaleway offers non-standard ports that are unlikely to be blocked: 2587 (SMTP) and 2465 (TLS). A workaround is to use stunnel to be able to use Postfix.

1. Open a terminal and access the smtp-wrapper.conf file using the following command:

   nano /etc/stunnel/smtp-wrapper.conf
   

2. Copy the following configuration and paste it into the smtp-wrapper.conf file:

   [smtp-tls-wrapper]
   accept = 2465
   client = yes
   connect = smtp.tem.scw.cloud:2465
   

3. Type CTRL O and press Enter to save, then type CTRL X to exit the file.

4. Start stunnel by running the following command:

   stunnel /etc/stunnel/smtp-wrapper.conf
   

5. Open a new terminal and access your sasl_passwd file within Postfix using the following command:

   nano /etc/postfix/sasl_passwd
   

6. Copy the following configuration and paste it into your file:

   [localhost]:2465 <$SCW_USERNAME>:<$SCW_SECRET_KEY>
   

7. Replace <SCW_USERNAME> with your username that displays in the Overview tab of your domain, in the SMTP configuration section.

8. Replace <$SCW_SECRET_KEY> with your API’s secret key.

9. Type CTRL O and press Enter to save, then type CTRL X to exit the file.

10. Access your main.cf file using the following command:

    nano /etc/postfix/main.cf
    

11. Replace relayhost = [smtp.tem.scw.cloud]:587 with relayhost = [localhost]:2465.

12. Type CTRL O and press Enter to save, then type CTRL X to exit the file.

13. Use the following command to launch Postmap:

    postmap /etc/postfix/sasl_passwd
    

    Tip

    Depending on your configuration, you might need to use sudo postmap /etc/postfix/sasl_passwd to be able to launch Postmap.

14. Relaunch Postfix using the following command:

    sudo postfix reload
    

15. Use the following command to send an email. Make sure that you replace <your-domain> with your own domain and recipient@recipient.com with your recipient’s email address.

    date | mail -s "Test from postfix" -a "From:<you@your-domain>" recipient@recipient.com
    

    Important

    Keep in mind that the subject, body, and HTML of your emails must have at least 10 characters.

16. Optionally, use mailq to see if your email was sent. An empty mail queue means that your email was sent.