Configuring Postfix in RHEL 7 to relay emails through Zoho Mail

Below is a guide on how to setup Postfix mail server on RHEL 7 to relay emails through Zoho Mail.

There are a number of reasons as to why you would want to use an external SMTP server to relay your emails. You can configure it with with your application to send email alerts. You can also use it to relay emails if you happen to have your IP address blacklisted.

Also, using an external SMTP provider is one way to ensure that your email isn’t flagged as spam. This however is not a loophole to send spam emails. The mail service providers have extensive measures put in place to ensure users don’t abuse the email service.

Prerequisites:

  • A fully qualified domain name.
  • A valid username and password for Zoho Mail.

Installing Postfix and Mailutils

yum install postfix mailutils

Create a file to store your account details and smtp server details.

vi /etc/postfix/sasl_passwd

smtp.zoho.com [email protected]:password 

Now we need to hash the postfix password and set proper permissions and set proper permissions on the original file.

The postmap command is used to hash the postfix password.

postmap sasl_passwd

Since this file contains SMTP credentials in plain text, the permissions and ownership should be edited such that only the root user can read and write the file.

 chown root:root /etc/postfix/sasl_passwd/etc/postfix/sasl_passwd.db
 chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db 

Configuring the Relay Server

Open /etc/postfix/main.cf , which is the main configuration file, with your favorite text editor and add the following configurations.

vi /etc/postfix/main.cf

 # specify SMTP relay host
 relayhost = [smtp.zoho.com]:587
 # enable SASL authentication
 smtp_sasl_auth_enable = yes
 # disallow methods that allow anonymous authentication.
 smtp_sasl_security_options = noanonymous
 # where to find sasl_passwd
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 # Enable STARTTLS encryption
 smtp_use_tls = yes
 smtp_tls_wrappermode = yes
 smtp_tls_security_level = encrypt
 # where to find CA certificates
 smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
 smtp_tls_session_cache_timeout = 3600s
 sender_canonical_classes = envelope_sender, header_sender
 sender_canonical_maps = regexp:/etc/postfix/sender_canonical
 smtp_header_checks = regexp:/etc/postfix/smtp_header_checks 


Create /etc/postfix/sender_canonical and put in your Zoho email address:

/.+/ [email protected]

Create /etc/postfix/smtp_header_checks and put in your Zoho email address

/From:.*/ REPLACE From: [email protected]

Save the changes once done, reload postfix and use the command below to send a test message.

service postfix restart

echo “test message” | mailx -s “test subject” [email protected]

In case of any issues, check out /var/log/maillog to troubleshoot

Leave a Reply

Your email address will not be published.