PREREQUISITES
update yum
$ sudo yum update
install perl, net-tools, and telnet
$ sudo yum install perl nettools telnet
SELINUX
$ sudo vi /etc/sysconfig/selinux
SELINUX=disabled
check out
$ getenforce
Disabled
FIREWALL
$ sudo firewall-cmd --permanent --add-service=http
$ sudo firewall-cmd --permanent --add-port=25/tcp
$ sudo firewall-cmd --reload
check it out
$ sudo firewall-cmd --list-ports
25/tcp
or check out iptables
$ sudo iptables -S
-A IN_public_allow -p tcp -m tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT -A IN_public_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
or check directly the listening any port i.e. 25
$ sudo netstat -an | egrep '\:25.*LISTEN'
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp6 0 0 ::1:25 :::* LISTEN
let’s configure postfix as a relay server for socket labs smtp here on haproxy1 and haproxy2
$ sudo yum install postfix cyrus-sasl-plain mailx
postfix commands
$ sudo systemctl start postfix
$ sudo systemctl stop postfix
$ sudo systemctl restart postfix
$ sudo systemctl enable postfix
$ sudo systemctl status postfix
$ sudo systemctl reload postfix
let’s edit the postfix config, we put “mail” for hostname see /etc/hostname
$ sudo vi /etc/postfix/main.cf
myhostname = mail
mydomain = na.edu
inet_interfaces = all
relayhost = [smtp.socketlabs.com]
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
to add more detail level debug messages for mail logs
$ sudo vi /etc/postfix/main.cf
debug_peer_list=smtp.socketlabs.com
debug_peer_level=3
create the smtp authentication file
$ sudo vi /etc/postfix/sasl_passwd
[smtp.socketlabs.com] serverblabla:Ps7b6JTn97Bra2Y4Hq
give the proper rights
$ sudo chmod 600 /etc/postfix/sasl_passwd
create the hash db file
$ sudo postmap /etc/postfix/sasl_passwd
reload postfix
$ sudo systemctl reload postfix
TEST RELAY LOCALLY
USING MAIL
test a mail message using mail
$ echo "This is a test." | mail -s "test message" mehmetsen80@gmail.com
follow the logs
$ sudo tail -f /var/log/maillog
$ sudo tail -100 /var/log/maillog
USING TELNET
get a base64 encoding of username
$ perl -MMIME::Base64 -e 'print encode_base64("server13304");'
b5VydmVyMTMzMDA=
get a base64 encoding of password
$ perl -MMIME::Base64 -e 'print encode_base64("Fs8b6JTn97Brq2Y4Hg");'
FnN9YjZKVG45N0JycTJZNIam
type the italic-bold commands, you’ll enter above username and password for AUTH LOGIN
$ telnet smtp.socketlabs.com 25
Trying 54.86.14.32…
Connected to smtp.socketlabs.com.
Escape character is ‘^]’.
220 r6.us-east.aws.in.socketlabs.com Hurricane Server ESMTP service ready.
EHLO socketlabs.com
250-r6.us-east.aws.in.socketlabs.com Hello [50.201.92.222]
250-PIPELINING
250-SIZE 0
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH CRAM-MD5 LOGIN
250-AUTH=LOGIN
250 OK
AUTH LOGIN
334 VXNlcm5hbWU6
b5VydmVyMTMzMDA=
334 UGFzc3dvcmQ6
FnN9YjZKVG45N0JycTJZNIam
235 2.7.0 Accepted.
mail from: <msen@na.edu>
250 2.1.0 sender msen@na.edu OK
rcpt to: <mehmetsen80@gmail.com>
250 2.1.5 recipient mehmetsen80@gmail.com OK
data
354 Send data. End with CRLF.CRLF
From:msen@na.edu
Subject:test subject
this is a test
.
250 2.0.0 Message received and queued as c80000008b34a2.
Connection closed by foreign host.
TEST RELAY REMOTELY
Let’s test the relay server remotely from another same network server
$ sudo telnet mail.na.edu 25
Trying 10.10.4.20…
Connected to mail.na.edu.
Escape character is ‘^]’.
220 mail ESMTP Postfix
helo me
250 mail
mail from:msen@na.edu
250 2.1.0 Ok
rcpt to:mehmetsen80@gmail.com
250 2.1.5 Ok
data
354 End data with .
From:msen@na.edu
Subject:Hello World
this is a damn test
.
250 2.0.0 Ok: queued as 4D1E025E46
2 thoughts on “CONFIGURE POSTFIX RELAY FOR SOCKETLABS ON CENTOS 7”