Configure Postfix for Multiple ISP Client SMTP Authentication

By | 2009/03/13

Some time ago I blogged about configuring Postfix to relay outgoing email through your gmail account. One of the commenters left a question asking how to achieve the same result, but use unique relays for each account attempting to send email. I’ve only just now been able to find time to write up an answer and find a good solution. This post will outline how to configure specific users of your mail server to relay through unique providers for outgoing email. For example:

user1@server1.com must relay through smtp.isp1.com
user2@server2.com must relay through mail.isp2.org
user3@server3.com must relay through mx.isp3.net
all others must relay through the default, smtp.hugecorp.biz

Note: This is only supported on Postfix version v2.3+ and later. If you are using a recent version of Ubuntu or Debian you should be fine. To find out your current installed version you can run:

dpkg -l postfix

Step 1

Open your main.cf file:

vim /etc/postfix/main.cf

Add these lines to the configuration:

smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/passwd
relayhost = [smtp.hugecorp.biz]:submission

Step 2

Create /etc/postfix/relayhost_map file:

vim /etc/postfix/relayhost_map

Append entries for each unique sender => isp relay mapping you need. (note: our default relay, smtp.hugecorp.biz, is not included here):

# Per-sender provider
user1@server1.com [smtp.isp1.com]
user2@server2.com [mail.isp2.org]
user3@server3.com [mx.isp3.net]

Step 3

Update the /etc/postfix/passwd file with the user authentication information:

# Per-sender authentication
user1@server1.com user1@server1.com:SecretP@ssw0rd1
user1@server2.com user2@server2.com:SecretP@ssw0rd2
user1@server3.com user2@server3.com:SecretP@ssw0rd3
# Login for the default relayhost
[smtp.hugecorp.biz] defaultUsername:defaultPassword

Step 4
Hash the config files. Restart Postfix:

postmap hash:/etc/postfix/passwd
postmap hash:/etc/postfix/relayhost_map
/etc/init.d/postfix reload

Following these instructions you should be able to configure each of your users, or a specific subset of users, to relay their outgoing email through specific ISPs or even specific gmail accounts.  If my previous post is too limited for you–you don’t want everything authenticating and relaying through a single gmail account–these instructions should give you more flexibility.

Source: nixCraft

5 thoughts on “Configure Postfix for Multiple ISP Client SMTP Authentication

  1. Nico Prasetio

    I'd like to use two of my gmail accounts and send to one another; however I still got this warning:
    —————————————————————————————————————————————-
    Apr 11 02:47:10 ubserver postfix/postfix-script[27408]: refreshing the Postfix mail system
    Apr 11 02:47:10 ubserver postfix/master[25731]: reload configuration /etc/postfix
    Apr 11 02:48:50 ubserver postfix/pickup[27413]: F0C6E408ED: uid=1000 from=<prasetionico@gmail.com>
    Apr 11 02:48:51 ubserver postfix/cleanup[27418]: F0C6E408ED: message-id=<20090410194850.F0C6E408ED@ubserver.revetech.local>
    Apr 11 02:48:51 ubserver postfix/qmgr[27411]: F0C6E408ED: from=<prasetionico@gmail.com>, size=309, nrcpt=1 (queue active)
    Apr 11 02:48:56 ubserver postfix/smtp[27420]: connect to smtp.gmail.com[209.85.143.109]:25: Connection refused
    Apr 11 02:48:57 ubserver postfix/smtp[27420]: connect to smtp.gmail.com[209.85.143.111]:25: Connection refused
    Apr 11 02:48:58 ubserver postfix/smtp[27420]: F0C6E408ED: to=<g00rkha75@gmail.com>, relay=none, delay=28, delays=21/0.07/6.9/0, dsn=4.4.1, status=deferred (connect to smtp.gmail.com[209.85.143.111]:25: Connection refused)
    ——————————————————————————————————————————————————-

    Here are my configuration:

    myhostname = ubserver.revetech.local
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = revetech.local, ubserver.revetech.local, localhost.localdomain, localhost
    relayhost = [smtp.gmail.com]:587

    smtp_sender_dependent_authentication = yes
    sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options = noanonymous
    smtp_tls_CAfile = /etc/postfix/cacert.pem
    smtp_use_tls = yes

    And here is the content of the relayhost_map and /etc/postfix/passwd

    nprasetio@ubserver:~$ sudo cat /etc/postfix/relayhost_map
    prasetionico@gmail.com [smtp.gmail.com]
    g00rkha75@gmail.com [smtp.gmail.com]

    nprasetio@ubserver:~$ sudo cat /etc/postfix/passwd
    prasetionico@gmail.com prasetionico@gmail.com:xxxxxxxxx
    g00rkha75@gmail.com g00rkha75:xxxxxxxxx

    Really appreciate your help.

    Rgds,
    NP

    Reply
  2. Nico Prasetio

    Hi,

    I think I know my mistake:
    Here it is on main.cf
    ——————————————————————————————————————————————
    smtp_sender_dependent_authentication = yes
    sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd <– changed to = hash:/etc/postfix/passwd
    smtp_sasl_security_options = noanonymous
    smtp_tls_CAfile = /etc/postfix/cacert.pem
    smtp_use_tls = yes
    ——————————————————————————————————————————————

    Then run the following commands:

    sudo postmap hash:/etc/postfix/passwd
    sudo postmap hash:/etc/postfix/relayhost_map
    sudo /etc/init.d/postfix reload

    By the way, it's very nice article thanks a lot.

    Rgds,
    NP

    Reply
  3. Mau

    So, if I am using this smtp relay how do I target the specific mapped account from say PHP?

    Sorry if this is kind of a stupid question, but while I get how the config and everything is working I just don't know how to make the PHP script trigger one of the defined relay accounts.

    Reply
  4. Mister

    @ Mau

    MAU , USE PHP.INI . create an account named postmaster@localhost . So php scripts send emails with postmaster account.

    Life is simple . Remember this.

    Hahahahaha.

    Reply
  5. Fil

    I have a terminal server where that we use for sales, inventory, purchasing, etc. Very often, we have to send emails (PDF invoices, purchase order, etc) which go out using postfix on this particular server. When we send these documents, we have to copy ourselves in order to have a record that it when out. It comes in to our Inbox. If we do not copy ourselves, we have no record of it going out. We have a separate IMAP server (main email server) that when I send email from my iphone, it will show up in the sent box on my computer. Is there a way to send these messages using postfix so that they are put in our sent folder of our Imap server without having to copy ourselves? Thanks.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *