c a n d l a n d . n e t

SMTP Set Up For Hosting Servers

Dusty Candland | | postfix, hostname, hosting

Notes for setting up SMTP for sending mail from hosting servers.

DNS

  • Make sure you have a fully qualified PTR record setup at the server provider.
  • Make sure you have an A record for the domain above pointing to the server.
  • Add an SPF record for the domain above, allowing to send from that domain.
  • Add the above domain to your sending domain's SPF record.

SPF

Setup SPF records in DNS.

TEXT maindomain.com

v=spf1 MX ip4:<ip:server-1.hostingdomain.com> ip4:<...> ~all

TEXT server-1.hostingdomain.com

v=spf1 a -all

Hostname

On the hostingdomain.com servers, make sure the hostname is set correctly.

hostname
> server-1
# Set using this:
hostname server-1.hostingdomain.com

Check IP Blacklists

If you get assigned an IP address that's on blacklists, you need to fix them OR try another IP. Check IP address at: MX Toolbox. The report contains links on how to remove.

The following lists shouldn't matter.

  • UCEPROTECTL2
  • UCEPROTECTL3

Postfix

Assuming Postfix is already installed, we need to configure it.

dpkg-reconfigure postfix

Most of the defaults should be fine. You want an internet site that sends from the server's configured, qualified hostname. I also set up an alias for root so those emails will get forwarded to me.

Limit send from only this machine

You should have a firewall setup to make sure outside users can't get to the SMTP server, but for added protection, edit the Postfix config. Set the inet_interfaces to loopback-only.

/etc/postfix/main.cf

inet_interfaces = loopback-only

Change the default sending address

If you don't actually have email set up in the domain or the subdomain, you can change the default from address to come from a domain you do have email setup for.

Append the following to the Postfix config.

echo "smtp_generic_maps = hash:/etc/postfix/generic" >> /etc/postfix/main.cf

Next we need to create the generic map.

echo "@server-1.hostingdomain.com hello@maindomain.com" > /etc/postfix/generic

Next, hash the generic file.

postmap /etc/postfix/generic

Finally, restart Postfix.

systemctl restart postfix

TLS

If there are already certificates for the domain, we can use those. The DO article has info on creating certificates, if you need them.

Edit /etc/postfix/main.cf to set the paths to the certificates.

smtpd_tls_cert_file=/etc/lsws-rc/conf.d/server-1.d/ssl/server.crt
smtpd_tls_key_file=/etc/lsws-rc/conf.d/server-1.d/ssl/server.key

Restart Postfix again

systemctl restart postfix

Testing

Install mailutils for sending

apt install mailutils

Send a test email

echo "Test my server 1" | mail -s "test my server 1" <TO>@gmail.com

View the logs

tail /var/log/mail.log

References

How To Install and Configure Postfix as a Send-Only SMTP Server on Ubuntu 22.04

Postfix masquerading or changing outgoing SMTP email or mail address

Webmentions

These are webmentions via the IndieWeb and webmention.io. Mention this post from your site: