1

So, after a long trek around the blog-o-tubes, I arrive here.

I'm trying to set up email for my domain. I don't really want to do my own email hosting with my own mailserver, especially since my teeny tiny VPS instance is probably straining under the weight of running a webserver+app server+DB+the various message passing frameworks (hosting a prototype webapp).

I want to use my GMail address to send and receive email using my VPS as a relay - I set up email forwarding already using Postfix, so if someone sends something to "[email protected]" it lands in my GMail account. Yay!

But now I want to respond from my GMail account, and have it forwarded to the recipient, with my domain specific email showing in the From: field. It'd be nice if everything could be done over SSL/TLS as well, for forwarding from my server to GMail, as well as requiring (or strongly preferring) it for incoming send/receive email connections. But I'm a bit lost in the master.cf/main.cf/iptables.rules files at the moment.

I just tried to close port 25 and open port 587 in iptables.rules (I understand 465 is now deprecated for SMTPS?), just to see what would happen, and incoming emails were just rejected according to the syslog - Google was trying to connect to port 25 still. But I guess I have to actually tell postfix to prefer SMTPS on 587? Is that the "smtps inet ...." line or the "submission inet..." line that I have to uncomment? And I understand that I can point my gmail account at an SMTP server, but then how do I actually create users for postfix? Do I actually create user accounts with useradd (bad, more attack "surface"), or can I create "virtual" accounts just for postfix to send mail with? In both cases, SSL/TLS seems kind of mandatory at least for the auth step...

So far I created some self-signed certs and told Postfix where they are, but now I'm kinda stuck: what ports do I open, what...err...things do I point at other things...how do I tell incoming connections "yo, encrypt yo'self homeboy"?

I've struggled with this for quite a while, and had a look through quite a few guides, but most were geared towards setting up a full mail stack, which I don't really want to do (out of resource-scarcity rather than laziness :P)

1 Answer

0
  1. Follow this Ubuntu Postfix Guide to configure Postfix, paying attention to the SASL setup. That is for Postfix authentication. The submission port will be 587.

  2. Create a Linux user (e.g. bobbytables) for the email address [email protected].

    sudo adduser bobbytables
    
  3. SASL Check List

    Go through the SASL check list in this post to make sure the SASL configuration is complete.

8
  • Is there a way to have email addresses without having corresponding system accounts? Like, virtual users? A few guides imply this, but then it seems to require using an actual mailserver like Courier. Commented Feb 7, 2013 at 20:30
  • Courier is not required. However, in this case using an actual Linux user is the easiest way. Setting up MySQL tables with virtual domain and users seems way overkill in this situation. You can also check out my blog; the way I did it was even lazier, lol.
    – John Siu
    Commented Feb 7, 2013 at 20:54
  • So I created the bobbytables user, set a password and tried to "Add another email address you own" on GMail. It threw a Postfix 535 error when trying to connect on :465 using TLS. This led me to: cyberciti.biz/faq/rhel-linux-postfix-sasl-authentication-error which I gave a go, and still, 535. I know I'm not mistyping the password, so what am I missing? @JohnSiu, basic forwarding already works for me, it's just responding with the domain email that's left to sort out :) The Ubuntu walkthrough was useful for securing the connections though, thanks! Commented Feb 7, 2013 at 22:33
  • Port 465 is for SMTP SSL, or SMTPS. If you are connecting to that port, choose SSL in your client, not TLS. If you want to use TLS, choose port 587.
    – John Siu
    Commented Feb 7, 2013 at 23:42
  • Can you post your /etc/postfix/sasl/smtpd.conf?
    – John Siu
    Commented Feb 8, 2013 at 0:27
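
An added example, not part of the original answer or comments: a small Python check for the master.cf state discussed in this thread, where the `smtp` entry on port 25 stays for inbound mail and the `submission` entry on 587 is uncommented with TLS and SASL enforced. The parameter names are real Postfix settings; the policy in `REQUIRED` and both sample files are constructed for illustration.

```python
import re

# Per-service overrides the submission (587) entry should carry (example policy).
REQUIRED = {
    "smtpd_tls_security_level": "encrypt",  # no AUTH or mail before STARTTLS
    "smtpd_sasl_auth_enable": "yes",        # clients must be able to log in
}

def parse_master(text):
    """Map (service, type) -> {param: value} from the -o overrides in master.cf."""
    services, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                          # blank or commented-out line
        if not line[0].isspace():             # a service entry starts in column 0
            name, kind = line.split()[:2]
            current = services.setdefault((name, kind), {})
        if current is not None:               # entry line or indented continuation
            current.update(re.findall(r"-o\s+(\w+)=(\S+)", line))
    return services

def audit_submission(text):
    """Return a list of findings; an empty list means the entry passes."""
    opts = parse_master(text).get(("submission", "inet"))
    if opts is None:
        return ["submission/inet is missing or still commented out"]
    findings = [f"{key}={opts.get(key, '<unset>')} (want {want})"
                for key, want in REQUIRED.items() if opts.get(key) != want]
    rules = (opts.get("smtpd_relay_restrictions")
             or opts.get("smtpd_client_restrictions", ""))
    if "permit_sasl_authenticated" not in rules or not rules.endswith("reject"):
        findings.append("no restriction limiting relay to authenticated clients")
    return findings

# Constructed samples: a file with submission still commented out, and a hardened one.
STOCK = """\
smtp      inet  n       -       -       -       -       smtpd
#submission inet n      -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
"""
HARDENED = """\
smtp      inet  n       -       -       -       -       smtpd
submission inet n       -       -       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
"""

if __name__ == "__main__":
    for label, cf in (("stock", STOCK), ("hardened", HARDENED)):
        print(label, audit_submission(cf) or "OK")
```

The check only looks at per-service `-o` overrides, so a value set globally in main.cf is reported as `<unset>`; `postconf -n` shows the global values.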
