Setting up GMail mail relay for CentOS server with Postfix

After talking to a wall for a few weeks with Comcast about an issue I had with their mail server not relaying my mails, I decided to prove them wrong when they told me the issue was located at my end...

Here's a recap:

We use Comcast as our cable provider, and we have a database of email recipients we contact through email to announce our services.

I open here a parenthesis to vent a little: oddly enough, we are supposed to live in an open society, with freedom of choice for services, but still we are locked to only one cable provider per whichever region one lives in. How would you feel if you bought a car, and could only refuel at given gas stations?... Sounds like a monopoly, and people accept this as a matter of fact...
This being said, let's move on.

 

So, we used Comcast for about one year and a half to send emails since we needed to have a variable-length email recipients list.

 

Why not use ConstantContact, you might ask, to send emails to a list of recipients?

  1. You pay per number of recipients in your overall list of recipients;
  2. Adding recipients adds to your costs;
  3. Removing recipients DOES NOT reduce your costs - they account per any number that's added to your lists.
  4. ConstantContact did acknowledge our business model, which has a customer base that is temporary, was not suitable to their offering.
    1. Just consider: we receive new leads on a weekly basis, at a rate of 50~150 per week, and customers do unsubscribe after a certain time. These unsubscribed users are not reduced in the mind of ConstantContact.

So, my solution was to set up a mail server using CentOS, Postfix and Dovecot, and relay my mail through Comcast (since Comcast allows relay of up to 1000 mails/day).

 

Great plan! Now I had to find some instructions to set up the whole thing.
The Linux Mail Server Setup and Howto Guide was a great help - a simple walkthrough to set up a Postfix SMTP server, Dovecot POP3 and IMAP, as well as using SSL/TLS for authentication.
That website has been a gem as to how accurate and simple the process can be. With this setup, and using smtp.comcast.net, port 587 has been very good to us.

 

However, starting early February 2013, we noticed our mails were not delivered - and here's the keyword: DELIVERED.

Looking into my logs, I've noticed the handshake to the mail server at Comcast is successful, Comcast sending us a satisfying '250 2.0.0 2o2V1l0163nUdRY3Wo2rnn mail accepted for delivery'.

 

What happened? No one in Comcast seems to know. I've even been given 20 different answers from different helpdesk staff members, ranging from "You must use a recommended email client" to "Well, looks like the email is being delivered. Are you sure the emails you're using are accurate?"
What followed were attempts to use port 465 of Comcast (their SSL port) without much success: Comcast still denied they were holding mails.

 

So, my options go on to use Gmail. Prerequisites to do so are:

  • Postfix
  • Dovecot
  • Authentication Certificates
  • ... a Gmail account (which goes without saying, right?)

 

Here's a map of the activity:

 

  1. Start by setting up your Postfix installation
    1. Identify the relayhost server (through the variable 'relayhost')
    2. Define the domains that this server will accept to relay for
  2. Move on to setting up a certificate if TLS is required
  3. If SASL authentication is done with Dovecot, you can cross-link it with Postfix
    1. In doing so, you'll need to generate a password database; this is simple to do, through the 'postmap' command
    2. You'll need your user and password for the relayhost you target, as defined in the main.cf postfix configuration file (found in '/etc/postfix')
  4. Once these configuration steps are done, you must restart the postfix services
    1. Use '/sbin/service postfix restart'
  5. Test Postfix through console mail commands (for instance,  'mail -s "Subject" recipient@anymaildomain.com')
    1. Upon sending emails, the message is passed onto the relay host, and the SASL password database is used to resolve the authentication.
    2. If authentication requires a certificate, it is invoked when negotiating with the mail server defined for the Postfix configuration
    3. If using SSL, the stunnel service is invoked to encrypt the message for the target mail server
      1. The stunnel service uses a configuration file that listens on a port, which is cross-referenced from the Postfix configuration file.
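
A check worth running once steps 1 to 3 are done, as an added example that is not part of the original post: a shell audit that reads a main.cf and the SASL password file and flags settings that would expose the relay password. The function names and the sample values (smtp.gmail.com on port 587, user@example.com, the /etc/postfix/sasl_passwd path) are assumptions, and the script parses the file directly rather than calling Postfix.

```shell
#!/bin/sh
# Added example (not from the original post): audit the relay settings that
# steps 1-3 put in main.cf. All sample values below are constructed.
# On a live server, `postconf -n` shows the effective values instead.

# Print a main.cf parameter's value; the last assignment wins, as in Postfix.
get_param() {   # $1 = main.cf path, $2 = parameter name
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# Return 0 when the files are fit to carry relay credentials, else list findings.
audit_relay() { # $1 = main.cf path, $2 = sasl_passwd path
    rc=0
    [ -n "$(get_param "$1" relayhost)" ] || { echo "relayhost is not set"; rc=1; }
    [ "$(get_param "$1" smtp_sasl_auth_enable)" = yes ] ||
        { echo "smtp_sasl_auth_enable is not yes"; rc=1; }
    [ -n "$(get_param "$1" smtp_sasl_password_maps)" ] ||
        { echo "smtp_sasl_password_maps is not set"; rc=1; }
    # Without mandatory TLS the relay password can cross the wire in clear.
    case "$(get_param "$1" smtp_tls_security_level)" in
        encrypt|verify|secure|fingerprint|dane-only) ;;
        *) echo "smtp_tls_security_level does not enforce TLS"; rc=1 ;;
    esac
    case "$(get_param "$1" smtp_sasl_security_options)" in
        *noanonymous*) ;;
        *) echo "smtp_sasl_security_options allows anonymous auth"; rc=1 ;;
    esac
    # The map source holds a plaintext password: no group/other access.
    [ "$(ls -ld "$2" | cut -c5-10)" = "------" ] ||
        { echo "$2 is accessible to group or others"; rc=1; }
    return $rc
}

# Constructed sample: settings a Gmail relay on port 587 would carry (assumed).
demo() {
    d=$(mktemp -d)
    cat > "$d/main.cf" <<'EOF'
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
EOF
    echo '[smtp.gmail.com]:587 user@example.com:PLACEHOLDER' > "$d/sasl_passwd"
    chmod 600 "$d/sasl_passwd"
    audit_relay "$d/main.cf" "$d/sasl_passwd" && echo "relay config OK"
}
demo
```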

Update: Gmail now has a mechanism that checks for "less secure" services using the Gmail SMTP application. Use this link (https://myaccount.google.com/lesssecureapps?pli=1) to toggle the "less secure" mode.