CONFIGURE POSTFIX RELAY FOR SOCKETLABS ON CENTOS 7

PREREQUISITES

update yum
$ sudo yum update

install perl, net-tools, and telnet
$ sudo yum install perl nettools telnet

SELINUX
$ sudo vi /etc/sysconfig/selinux

SELINUX=disabled

check out
$ getenforce

Disabled

FIREWALL
$ sudo firewall-cmd --permanent --add-service=http
$ sudo firewall-cmd --permanent --add-port=25/tcp
$ sudo firewall-cmd --reload

check it out
$ sudo firewall-cmd --list-ports

25/tcp

or check out iptables
$ sudo iptables -S

-A IN_public_allow -p tcp -m tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT

or check directly the listening any port i.e. 25
$ sudo netstat -an | egrep '\:25.*LISTEN'

tcp       0      0 127.0.0.1:25           0.0.0.0:*               	LISTEN     
tcp6      0      0 ::1:25                 :::*                    	LISTEN

let’s configure postfix as a relay server for socket labs smtp here on haproxy1 and haproxy2
$ sudo yum install postfix cyrus-sasl-plain mailx

postfix commands
$ sudo systemctl start postfix
$ sudo systemctl stop postfix
$ sudo systemctl restart postfix
$ sudo systemctl enable postfix
$ sudo systemctl status postfix
$ sudo systemctl reload postfix

let’s edit the postfix config, we put “mail” for hostname see /etc/hostname
$ sudo vi /etc/postfix/main.cf

myhostname = mail
mydomain = na.edu
inet_interfaces = all
relayhost = [smtp.socketlabs.com]
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

to add more detail level debug messages for mail logs
$ sudo vi /etc/postfix/main.cf

debug_peer_list=smtp.socketlabs.com
debug_peer_level=3

create the smtp authentication file
$ sudo vi /etc/postfix/sasl_passwd

[smtp.socketlabs.com] serverblabla:Ps7b6JTn97Bra2Y4Hq

give the proper rights
$ sudo chmod 600 /etc/postfix/sasl_passwd

create the hash db file
$ sudo postmap /etc/postfix/sasl_passwd

reload postfix
$ sudo systemctl reload postfix


TEST RELAY LOCALLY

USING MAIL

test a mail message using mail
$ echo "This is a test." | mail -s "test message" mehmetsen80@gmail.com

follow the logs
$ sudo tail -f /var/log/maillog
$ sudo tail -100 /var/log/maillog

USING TELNET

get a base64 encoding of username
$ perl -MMIME::Base64 -e 'print encode_base64("server13304");'

b5VydmVyMTMzMDA=

get a base64 encoding of password
$ perl -MMIME::Base64 -e 'print encode_base64("Fs8b6JTn97Brq2Y4Hg");'

FnN9YjZKVG45N0JycTJZNIam

type the italic-bold commands, you’ll enter above username and password for AUTH LOGIN
$ telnet smtp.socketlabs.com 25
Trying 54.86.14.32…
Connected to smtp.socketlabs.com.
Escape character is ‘^]’.
220 r6.us-east.aws.in.socketlabs.com Hurricane Server ESMTP service ready.
EHLO socketlabs.com
250-r6.us-east.aws.in.socketlabs.com Hello [50.201.92.222]
250-PIPELINING
250-SIZE 0
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH CRAM-MD5 LOGIN
250-AUTH=LOGIN
250 OK
AUTH LOGIN
334 VXNlcm5hbWU6
b5VydmVyMTMzMDA=
334 UGFzc3dvcmQ6
FnN9YjZKVG45N0JycTJZNIam
235 2.7.0 Accepted.
mail from: <msen@na.edu>
250 2.1.0 sender msen@na.edu OK
rcpt to: <mehmetsen80@gmail.com>
250 2.1.5 recipient mehmetsen80@gmail.com OK
data
354 Send data. End with CRLF.CRLF
From:msen@na.edu
Subject:test subject

this is a test
.

250 2.0.0 Message received and queued as c80000008b34a2.
Connection closed by foreign host.


TEST RELAY REMOTELY

Let’s test the relay server remotely from another same network server
$ sudo telnet mail.na.edu 25
Trying 10.10.4.20…
Connected to mail.na.edu.
Escape character is ‘^]’.
220 mail ESMTP Postfix
helo me
250 mail
mail from:msen@na.edu
250 2.1.0 Ok
rcpt to:mehmetsen80@gmail.com
250 2.1.5 Ok
data
354 End data with .
From:msen@na.edu
Subject:Hello World

this is a damn test
.

250 2.0.0 Ok: queued as 4D1E025E46

Advertisements

2 thoughts on “CONFIGURE POSTFIX RELAY FOR SOCKETLABS ON CENTOS 7

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s