Configure Postfix for Multiple ISP Client SMTP Authentication

By | 2009/03/13

Some time ago I blogged about configuring Postfix to relay outgoing email through your gmail account. One of the commenters left a question asking how to achieve the same result, but use unique relays for each account attempting to send email. I’ve only just now been able to find time to write up an answer and find a good solution. This post will outline how to configure specific users of your mail server to relay through unique providers for outgoing email. For example:

[email protected] must relay through smtp.isp1.com
[email protected] must relay through mail.isp2.org
[email protected] must relay through mx.isp3.net
all others must relay through the default, smtp.hugecorp.biz

Note: This is only supported on Postfix version v2.3+ and later. If you are using a recent version of Ubuntu or Debian you should be fine. To find out your current installed version you can run:

dpkg -l postfix

Step 1

Open your main.cf file:

vim /etc/postfix/main.cf

Add these lines to the configuration:

smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/passwd
relayhost = [smtp.hugecorp.biz]:submission

Step 2

Create /etc/postfix/relayhost_map file:

vim /etc/postfix/relayhost_map

Append entries for each unique sender => isp relay mapping you need. (note: our default relay, smtp.hugecorp.biz, is not included here):

# Per-sender provider
[email protected] [smtp.isp1.com]
[email protected] [mail.isp2.org]
[email protected] [mx.isp3.net]

Step 3

Update the /etc/postfix/passwd file with the user authentication information:

# Per-sender authentication
[email protected] [email protected]:SecretP@ssw0rd1
[email protected] [email protected]:SecretP@ssw0rd2
[email protected] [email protected]:SecretP@ssw0rd3
# Login for the default relayhost
[smtp.hugecorp.biz] defaultUsername:defaultPassword

Step 4
Hash the config files. Restart Postfix:

postmap hash:/etc/postfix/passwd
postmap hash:/etc/postfix/relayhost_map
/etc/init.d/postfix reload

Following these instructions you should be able to configure each of your users, or a specific subset of users, to relay their outgoing email through specific ISPs or even specific gmail accounts.  If my previous post is too limited for you–you don’t want everything authenticating and relaying through a single gmail account–these instructions should give you more flexibility.

Source: nixCraft

5 thoughts on “Configure Postfix for Multiple ISP Client SMTP Authentication

  1. Nico Prasetio

    I'd like to use two of my gmail accounts and send to one another; however I still got this warning:
    —————————————————————————————————————————————-
    Apr 11 02:47:10 ubserver postfix/postfix-script[27408]: refreshing the Postfix mail system
    Apr 11 02:47:10 ubserver postfix/master[25731]: reload configuration /etc/postfix
    Apr 11 02:48:50 ubserver postfix/pickup[27413]: F0C6E408ED: uid=1000 from=<[email protected]>
    Apr 11 02:48:51 ubserver postfix/cleanup[27418]: F0C6E408ED: message-id=<[email protected]>
    Apr 11 02:48:51 ubserver postfix/qmgr[27411]: F0C6E408ED: from=<[email protected]>, size=309, nrcpt=1 (queue active)
    Apr 11 02:48:56 ubserver postfix/smtp[27420]: connect to smtp.gmail.com[209.85.143.109]:25: Connection refused
    Apr 11 02:48:57 ubserver postfix/smtp[27420]: connect to smtp.gmail.com[209.85.143.111]:25: Connection refused
    Apr 11 02:48:58 ubserver postfix/smtp[27420]: F0C6E408ED: to=<[email protected]>, relay=none, delay=28, delays=21/0.07/6.9/0, dsn=4.4.1, status=deferred (connect to smtp.gmail.com[209.85.143.111]:25: Connection refused)
    ——————————————————————————————————————————————————-

    Here are my configuration:

    myhostname = ubserver.revetech.local
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = revetech.local, ubserver.revetech.local, localhost.localdomain, localhost
    relayhost = [smtp.gmail.com]:587

    smtp_sender_dependent_authentication = yes
    sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options = noanonymous
    smtp_tls_CAfile = /etc/postfix/cacert.pem
    smtp_use_tls = yes

    And here is the content of the relayhost_map and /etc/postfix/passwd

    nprasetio@ubserver:~$ sudo cat /etc/postfix/relayhost_map
    [email protected] [smtp.gmail.com]
    [email protected] [smtp.gmail.com]

    nprasetio@ubserver:~$ sudo cat /etc/postfix/passwd
    [email protected] [email protected]:xxxxxxxxx
    [email protected] g00rkha75:xxxxxxxxx

    Really appreciate your help.

    Rgds,
    NP

    Reply
  2. Nico Prasetio

    Hi,

    I think I know my mistake:
    Here it is on main.cf
    ——————————————————————————————————————————————
    smtp_sender_dependent_authentication = yes
    sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd <– changed to = hash:/etc/postfix/passwd
    smtp_sasl_security_options = noanonymous
    smtp_tls_CAfile = /etc/postfix/cacert.pem
    smtp_use_tls = yes
    ——————————————————————————————————————————————

    Then run the following commands:

    sudo postmap hash:/etc/postfix/passwd
    sudo postmap hash:/etc/postfix/relayhost_map
    sudo /etc/init.d/postfix reload

    By the way, it's very nice article thanks a lot.

    Rgds,
    NP

    Reply
  3. Mau

    So, if I am using this smtp relay how do I target the specific mapped account from say PHP?

    Sorry if this is kind of a stupid question, but while I get how the config and everything is working I just don't know how to make the PHP script trigger one of the defined relay accounts.

    Reply
  4. Mister

    @ Mau

    MAU , USE PHP.INI . create an account named postmaster@localhost . So php scripts send emails with postmaster account.

    Life is simple . Remember this.

    Hahahahaha.

    Reply
  5. Fil

    I have a terminal server where that we use for sales, inventory, purchasing, etc. Very often, we have to send emails (PDF invoices, purchase order, etc) which go out using postfix on this particular server. When we send these documents, we have to copy ourselves in order to have a record that it when out. It comes in to our Inbox. If we do not copy ourselves, we have no record of it going out. We have a separate IMAP server (main email server) that when I send email from my iphone, it will show up in the sent box on my computer. Is there a way to send these messages using postfix so that they are put in our sent folder of our Imap server without having to copy ourselves? Thanks.

    Reply

Leave a Reply