Clayton's Tech Bits

Home

Contact

Resumé / C.V.

Links

Search this site:
Custom Search

Categories:

/ (224)
  Admin/ (86)
    Apache/ (7)
      HTTPS-SSL/ (4)
    Cherokee/ (1)
    LAN/ (4)
    LVM/ (3)
    Monitoring/ (2)
      munin/ (2)
    OpenVPN/ (1)
    SSH-Proxy/ (3)
    SSH-SSL/ (6)
    backups/ (16)
      SpiderOak/ (1)
      backuppc/ (5)
      dirvish/ (1)
      misc/ (6)
      rdiff-backup/ (1)
      rsync/ (1)
      unison/ (1)
    commandLine/ (11)
    crontab/ (1)
    databases/ (8)
      MSSQL/ (2)
      MySQL/ (5)
      PostgreSQL/ (1)
    dynamicDNS/ (2)
    email/ (9)
      Dovecot/ (1)
      deliverability/ (1)
      misc/ (1)
      postfix/ (6)
    iptables/ (2)
    virtualization/ (8)
      VMware/ (1)
      virtualBox/ (7)
  Coding/ (11)
    bash/ (1)
    gdb/ (1)
    git/ (2)
    php/ (4)
    python/ (3)
      Django/ (1)
  Education/ (1)
  Hosting/ (23)
    Amazon/ (14)
      EBS/ (3)
      EC2/ (11)
    Godaddy/ (2)
    NearlyFreeSpeech/ (3)
    Rackspace/ (1)
    vpslink/ (3)
  Linux/ (20)
    Awesome/ (3)
    CPUfreq/ (1)
    Chinese/ (1)
    Debian/ (5)
      WPA/ (1)
    audio/ (1)
    encryption/ (2)
    fonts/ (1)
    misc/ (4)
    router-bridge/ (2)
  SW/ (39)
    browser/ (2)
      Chrome/ (1)
      Firefox/ (1)
    business/ (25)
      Drupal/ (8)
      KnowledgeTree/ (6)
      Redmine/ (2)
      SugarCRM/ (6)
      WebERP/ (2)
      eGroupware/ (1)
    email/ (1)
    fileSharing/ (1)
      mldonkey/ (1)
    graphics/ (2)
    research/ (2)
    website/ (6)
      blog/ (6)
        blosxom/ (3)
        rss2email/ (1)
        webgen/ (1)
  Security/ (12)
    IMchat/ (1)
    circumvention/ (2)
    e-mail/ (4)
    greatFirewall/ (1)
    hacking/ (1)
    password/ (1)
    privacy/ (1)
    skype/ (1)
  Services/ (1)
    fileSharing/ (1)
  TechWriting/ (1)
  xHW/ (13)
    Lenovo/ (1)
    Motorola_A1200/ (2)
    Thinkpad_600e/ (1)
    Thinkpad_a21m/ (3)
    Thinkpad_i1300/ (1)
    Thinkpad_x24/ (1)
    USB_audio/ (1)
    scanner/ (1)
    wirelessCards/ (2)
  xLife/ (17)
    China/ (9)
      Beijing/ (5)
        OpenSource/ (3)
    Expatriation/ (1)
    Vietnam/ (7)

Archives:

  • 2012/03
  • 2012/01
  • 2011/12
  • 2011/11
  • 2011/10
  • 2011/09
  • 2011/08
  • 2011/07
  • 2011/06
  • 2011/05
  • 2011/04
  • 2011/02
  • 2010/12
  • 2010/11
  • 2010/10
  • 2010/09
  • 2010/08
  • 2010/07
  • 2010/06
  • 2010/05
  • 2010/04
  • 2010/03
  • 2010/02
  • 2010/01
  • 2009/12
  • 2009/11
  • 2009/10
  • 2009/09
  • 2009/08
  • 2009/07
  • 2009/06
  • 2009/05
  • 2009/04
  • 2009/03
  • 2009/02
  • 2009/01
  • 2008/12
  • 2008/11
  • 2008/10
  • 2008/09

    • Subscribe XML RSS Feed

    Sat, 04 Oct 2008

    /Admin/email/postfix: Simple E-mail Server Relay

    The obvious first thing to try is an unauthenticated relay through your ISP's e-mail server: since I am a paying ADSL customer within their network, hopefully authentication will not be necessary. My ISP is China Netcom (中国网通 - “Wang Tong”). From China Netcom's e-mail web page I deduce that one of their servers is smtp.bbn.cn. If I add

    relayhost = smtp.bbn.cn
    to /etc/postfix/main.cf, my e-mails bounce with the error “530 Authentication required”, ie. for this SMTP server I need to set up a China Netcom/网通 e-mail account and use authenticated relaying.

    I then set up a bbn.cn account on http://mail.bbn.com.cn/. Note that if you are not using a China Netcom/网通 internet connection, you will get the following error message when you attempt to register: “提示:请您使用北京网通宽带接入才能购买此产品”. Also note that if you cannot read Chinese then the translation function of www.xuezhongwen.net/chindict/chindict.php is your friend.

    I then tested my new bbn.cn account's SMTP with my regular e-mail client, and it seemed to work fine. I then configured my postfix server to relay ALL e-mails through my bbn.cn account:

    First edit /etc/postfix/sasl_passwd to contain:

    smtp.bbn.cn username:password
    Restrict access to this password file:
    chown root:root /etc/postfix/sasl_passwd && chmod 600 /etc/postfix/sasl_passwd
    Create a database version of the file (sasl_passwd.db) for postfix:
    postmap hash:/etc/postfix/sasl_passwd
    Now edit /etc/postfix/main.cf to add the following lines:
    relayhost = smtp.bbn.cn
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_type = cyrus
    smtp_sasl_security_options = noanonymous
    and restart postfix:
    /etc/init.d/postfix restart
    You can then verify that your server’s outgoing e-mails are passing through smtp.bbn.cn by examining the header of a sent e-mail. Also, in /var/log/mail.log you should also see something like:
    postfix/smtp[7052]: 34CEA238D8: to=user@email.com, relay=smtp.bbn.cn[202.106.46.89]:25, delay=1388, delays=1382/0.11/5.6/0.14, dsn=2.0.0, status=sent (250 ok: Message 135909587 accepted)

    Sadly, there seems to be a problem with smtp.bbn.cn, as some of my e-mail disappeared without a trace or a bounce. Bad server. Stay away from smtp.bbn.cn.

    But the process is very easy to replicate. Next I registered for a sohu.com e-mail account at mail.sohu.com and substituted:

    relayhost = smtp.sohu.com

    in /etc/postfix/main.cf. (And don't forget the correct userid/password for your sohu.com account in /etc/postfix/sasl_passwd...)

    smtp.sohu.com seems to be reliable in the sense that they do not lose my e-mail, but if there is a lot of outgoing mail in a short period, they start refusing service and finally bounce everything for a period of time until things quiet down. In other words, a simple relay through sohu will probably work for personal e-mail, but if you have other people using your server this will probably not be the final solution.

    I am running now on a somewhat more complicated configuration: a multiple relay.

    posted at: 08:21 | path: /Admin/email/postfix | permanent link to this entry