Configure Postfix SMTP Relay (Smart Host) on CentOS 8

Jan 17, 2020 Bash, Linux

Install and Configure Postfix SMTP Smart Host on CentOS
Postfix is a Mail Transport Agent (MTA), which can be easily configured as a private relay host, passing mail to other mail servers. Unlike Sendmail, Postfix is considered a very secure MTA, offering a high level of flexibility and ease of administration.
In this article, I am configuring Postfix on CentOS 8, running on CinderCloud VPS, as SMTP smart host (relay host) using SASL authentication to send out mail further to the OVH mail server.

1. Install Postfix

Postfix should be preinstalled on CentOS 8 by default. If for some reason you don’t have the service installed, use the below command to install the relevant package:

[root@chronos ~]# dnf install postfix

2. Install SASL plugin

Package cyrus-sasl-plain contains the Cyrus SASL plugins which support PLAIN and LOGIN authentication.

[root@chronos ~]# dnf install cyrus-sasl-plain

3. Edit the configuration file

I am configuring the service to act as SMTP smart host, sending the mail to OVH mail server (ssl0.ovh.net), which is my ISP mail server, using SASL authentication (login and password).

Edit /etc/postfix/main.cf configuration file and update the below relevant lines:

...
meta_directory = /etc/postfix
myhostname = chronos
mydomain = tuxfixer.com
local_transport = error: this is a null client
myorigin = $myhostname.$mydomain
# list of trusted network addresses, that can relay through this MTA
mynetworks = 127.0.0.0/8 [::1]/128
relayhost = [ssl0.ovh.net]
disable_dns_lookups = yes

# SASL authentication 
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = static:admin@tuxfixer.com:mypassword
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
...

4. Test the configuration

Test the configuration for any obvious errors. If the configuration is correct, the below command should not give any output:

[root@chronos ~]# postfix check

5. Start and enable Postfix service

Launch and enable Postfix daemon:

[root@chronos ~]# systemctl start postfix
[root@chronos ~]# systemctl enable postfix

6. Test the e-mail delivery

Verify the configuration by sending the test e-mail from the command line.
Prepare test e-mail body:

[gjuszczak@chronos ~]# echo "Subject: Mail Delivery Test" > /tmp/mail.txt
[gjuszczak@chronos ~]# echo "This is the example e-mail body" >> /tmp/mail.txt

Send the test e-mail using sendmail script with increased verbosity:

[gjuszczak@chronos ~]# sendmail -v admin@tuxfixer.com < /tmp/mail.txt

Monitor the system journal to check if the e-mail was successfully relayed to the OVH mail server:

[root@chronos ~]# journalctl -u postfix
...
Jan 18 00:30:05 chronos.tuxfixer.com postfix/smtpd[14611]: connect from localhost[127.0.0.1]
Jan 18 00:30:06 chronos.tuxfixer.com postfix/smtpd[14611]: 08A7F40E5250: client=localhost[127.0.0.1]
Jan 18 00:30:06 chronos.tuxfixer.com postfix/cleanup[14614]: 08A7F40E5250: message-id=<202001172330.00HNU5jv014610@chronos.tuxfixer.com>
Jan 18 00:30:06 chronos.tuxfixer.com postfix/qmgr[8420]: 08A7F40E5250: from=<gjuszczak@chronos.tuxfixer.com>, size=573, nrcpt=1 (queue active)
Jan 18 00:30:06 chronos.tuxfixer.com postfix/smtpd[14611]: disconnect from localhost[127.0.0.1] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Jan 18 00:30:07 chronos.tuxfixer.com postfix/smtp[14615]: 08A7F40E5250: to=<admin@tuxfixer.com>, relay=ssl0.ovh.net[193.70.18.144]:25, delay=1.1, delays=0.14/0.05/0.62/0.27, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as E3F06E696754)
Jan 18 00:30:07 chronos.tuxfixer.com postfix/qmgr[8420]: 08A7F40E5250: removed
...

Last but not least – check the recipient’s Inbox (or SPAM box), the test e-mail should be delivered successfully.

If for some reason the e-mail has not arrived yet, you can display mail queue on your relay host:

[root@chronos ~]# mailq

2 thoughts on “Configure Postfix SMTP Relay (Smart Host) on CentOS 8”
  1. Ensure you set vi
    /etc/postfix/main.cf
    inet_interfaces = all

    Otherwise postfix won’t listen for incoming connections on the server’s network interface only internally to the server itself.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.