Mail relay with special port not working

mail

#1

I’ve created an account with SMPT2GO and want to use that as a mailrelay.

I’ve added the relayserver:
ucr set mail/relayhost=mail.smtp2go.com:465

And I’ve created a file /etc/postfix/smtp_auth. After “postmap /etc/postfix/smtp_auth” my main.cf doesn’t seem to have the required rows that indicate a password should be used. In /var/log/mail.log I see that the connection to SMTP2GO gets lost: “lost connection with mail.smtp2go.com:465 while receiving the initial server greeting”.

I assume that the credentials aren’t transferred on connecting. How can I make sure that they are used?

My smtp_auth:

mail.smtp2go.com:465      username:password

My main.cf:

[code]# Warning: This file is auto-generated and might be overwritten by

univention-config-registry.

Please edit the following file(s) instead:

Warnung: Diese Datei wurde automatisch generiert und kann durch

univention-config-registry überschrieben werden.

Bitte bearbeiten Sie an Stelle dessen die folgende(n) Datei(en):

/etc/univention/templates/files/etc/postfix/main.cf.d/10_general

/etc/univention/templates/files/etc/postfix/main.cf.d/30_maps

/etc/univention/templates/files/etc/postfix/main.cf.d/50_restrictions

/etc/univention/templates/files/etc/postfix/main.cf.d/60_tls

/etc/univention/templates/files/etc/postfix/main.cf.d/80_delivery

The message_size_limit parameter limits the total size in bytes of

a message, including envelope information. Default is 10240000

message_size_limit = 20480000

mailbox_size_limit limits the max. size of local mailboxes. Default is 51200000

mailbox_size_limit = 51200000

some basic path definitions

command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix

some basic mail system settings

myhostname = intranet.vermail.nl

mydomain is unset - The default is to use $myhostname minus the first component.

myorigin = intranet.vermail.nl
smtp_helo_name = intranet.vermail.nl

append_dot_mydomain = no

inet_interfaces = all
inet_protocols = ipv4

mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8

masquerade_domains = $mydomain
masquerade_exceptions = root

transport_maps = hash:/etc/postfix/transport

we need to name a smtp relay host to which we forward non-local

mails. smtp authentication is also possible.

relayhost = mail.smtp2go.com:465

disable_vrfy_command = no

banner

local_header_rewrite_clients =

virtual_alias_domains =

virtual_alias_maps = hash:/etc/postfix/virtual,
ldap:/etc/postfix/ldap.groups,
ldap:/etc/postfix/ldap.distlist,
ldap:/etc/postfix/ldap.sharedfolderremote,
ldap:/etc/postfix/ldap.sharedfolderlocal,
ldap:/etc/postfix/ldap.virtual

virtual_mailbox_domains = ldap:/etc/postfix/ldap.virtualdomains

virtual_mailbox_maps = hash:/etc/postfix/virtual,
ldap:/etc/postfix/ldap.groups,
ldap:/etc/postfix/ldap.distlist,
ldap:/etc/postfix/ldap.sharedfolderremote,
ldap:/etc/postfix/ldap.sharedfolderlocal,
ldap:/etc/postfix/ldap.virtual

virtual_transport = lmtp:127.0.0.1:2003

canonical_maps = hash:/etc/postfix/canonical
relocated_maps = hash:/etc/postfix/relocated

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

smtpd_sender_restrictions is not defined since all relevant checks have been moved to

smtpd_recipient_restrictions (see below) and every mail has to pass smtpd_recipient_restrictions too.

#smtpd_sender_restrictions =

smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unlisted_recipient

special recipient_restrictions which may be used by smtps/submission services

(can be configured via UCR: mail/postfix/submission/restrictions/recipient/…)

submission_recipient_restrictions =

#TLS settings
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_starttls_timeout = 300s
smtpd_timeout = 300s
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_protocols =
smtpd_tls_exclude_ciphers = RC4, aNULL
smtpd_tls_cert_file = /etc/univention/ssl/intranet.vermail.nl/cert.pem
smtpd_tls_key_file = /etc/univention/ssl/intranet.vermail.nl/private.key

smtpd_tls_received_header = no
smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

smtp client

smtp_tls_security_level = may
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtp_tls_exclude_ciphers = RC4, aNULL

Support broken clients like Microsoft Outlook Express 4.x which expect AUTH=LOGIN instead of AUTH LOGIN

broken_sasl_auth_clients = yes

tls logging

smtp_tls_loglevel = 0
smtpd_tls_loglevel = 0

EDH config

smtpd_tls_dh1024_param_file = /etc/postfix/dh_2048.pem
smtpd_tls_dh512_param_file = /etc/postfix/dh_512.pem

use the Postfix SMTP server’s cipher preference order instead of the remote client’s cipher preference order.

tls_preempt_cipherlist = yes

The Postfix SMTP server security grade for ephemeral elliptic-curve Diffie-Hellman (EECDH) key exchange

smtpd_tls_eecdh_grade = strong

if virus scanning is desired, all mails can be redirected through amavis.

content_filter = smtp-amavis:[127.0.0.1]:10024
[/code]


#2

Hi,

from Postfix Small/Home Office Hints and Tips:

Using Port 2525 as described in Setting Up Postfix Smarthost on Linux or other ports listed in smtp2go.com/faq should work.

Best Regards,
Dirk


#3

Thanks Dirk for hinting in the right direction!

The instructions at http://www.smtp2go.com/docs/postfix/ are for 90% right, but needed a bit of tuning.

My resulting /etc/postfix/main.cf needed to be a little bit different, as a static reference of the username and password didn’t work:

[code=]# we need to name a smtp relay host to which we forward non-local

mails. smtp authentication is also possible.

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = may
header_size_limit = 4096000
relayhost = mail.smtp2go.com:2525
relay_destination_concurrency_limit = 20

disable_vrfy_command = no
[/code]

I created a file called /etc/postfix/sasl_passwd, with the following content:

mail.smtp2go.com:2525   my.username:my_password

I then had to create the /etc/postfix/sasl_passwd.db file by doing:

postmap /etc/postfix/sasl_passwd

Then finally restarting postfix and it worked!

/etc/init.d/postfix restart