Tag: postfix

Zoho and Postfix

I’ve recently migrated to zoho to host mail on a domain I own. I also have a couple VPSs that I’d like to send email from. The sensible thing would be to relay through my Zoho account, right? Well, it’s not that easy. This one took a while…

Pre-requisites

I am configuring this on a Fedora23 server, but the dependencies should be the same on any Linux system.

dnf install postfix postfix-pcre cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain

Configuration

First of all you need the Zoho email address you want to use when relaying emails through Zoho.

Let’s say that this email address is app@planethawleywood.com

It will have a password as well, say apppassword

When configuring postfix, you edit many files. Let’s see them one by one.

Generic

The file /etc/postfix/generic maps local users to email addresses.

If email is sent to a local user such root, the address will be replaced with the one you specify.

In my case I have a single line like:

root app@planethawleywood.com

After editing this file remember to hash the file by using the command:

postmap generic

Password

The file /etc/postfix/password contains the passwords postfix has to use to connect to the smtp server.

It’s content will be something like:

smtp.zoho.com:587 app@planethawleywood.com:apppassword

You also need to hash this file

postmap password

tls_policy

The file /etc/postfix/tls_policy contains the policies to be used when sending encrypted emails by using the TLS protocol, the one I’m using in this case. Create this file if it doesn’t exist.

The file contains just this line:

smtp.zoho.com:587 encrypt

By doing so we force the use of TLS every time we send an email.

And then hash the file

postmap tls_policy

smtp_header_checks

This is the most important file in our case.

The file /etc/postfix/smtp_header_checks contains rules to be used to rewrite the headers of the emails about to be sent. Create this file too, if needed.

It rewrites the sender so that it always matches our Zoho account, app@planethawleywood.com

No more ‘Relaying disallowed’ errors!

Put this in the file, replacing your valid email address:

/^From:.*/ REPLACE From: <app@planethawleywood.com>

No need for postmap here.

main.cf

This is the main configuration file postfix uses.

Replace yourhostname with the hostname of your server, the one where postfix is installed on and that is sending emails through Zoho.

# TLS parameters
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
 
myhostname = yourhostname
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = yourhostname, localhost.com, localhost
relayhost = smtp.zoho.com:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/password
smtp_sasl_security_options =
smtp_generic_maps = hash:/etc/postfix/generic

master.cf

In the file /etc/postfix/master.cf I uncommented this line:

smtps     inet  n       -       n       -       -       smtpd

Apply the changes

Reload postfix by typing

postfix reload

Or by restarting the service

systemctl restart postfix

Test

Try sending and email from the command line:

echo "Test" | mail -s "Postfix Zoho Email test" email@domain.com

References: