I use a small Linux VM in my environment to relay outbound SMTP using my e-mail provider. This is primarily used to get alerts and notifications from my Home Lab systems to my inbox.

My Ubuntu version was at end-of-life so it was time to rebuild with the latest version.  I thought this was a good time to publish my notes to help myself – and anyone else!

Acknowledgements

I relied on 3 different blog articles to get this setup.  I am sure there are other ways to accomplish this task; but these worked for me:

• https://www.linode.com/docs/guides/configure-postfix-to-send-mail-using-gmail-and-google-workspace-on-debian-or-ubuntu/
• https://www.linuxsysadmins.com/forcing-the-from-address-when-postfix-relays-over-smtp
• Setup App-specific passwords for Apple IDs

Goals

• SMTP host capable of relaying emails from internal systems to my e-mail provider.
  • No inbound SMTP is needed or desired
  • SMTP had to send email using specific username/credentials
• Initially it had to work with Gmail.  I had the legacy free version of Google Apps since 2010.  When that was initially announced to be shuttered, I moved all of my email services to Apple.  Shortly after I had moved everything.  Google announced it had changed its mind and was not shutting down Legacy G Suite after all; but that was too late for me.  The steps below work for both Gmail and Apple mail.

Setting up the Relay

My new Linux VM is running Ubuntu 22.04.2 LTS.   You may need to make some adjustments in the steps below to account for your distro of choice.

Install Postfix and LIBSASL2

This is from Linode article above

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install postfix libsasl2-modules

You will be prompted to make a configuration choice on Postfix.  Choose Internet site and enter your system mail name.

Edit Postfix config file (/etc/postfix/main.cf)

Locate the myhostname parameter and ensure it matches your server’s FQDN

myhostname = host.cybersylum.com

At the end of the main.cf file add the following lines:

note: your postfix config file may have existing entries for these configuration items.  You can remove them.  I keep my updates in a group to make it easier to find

# use Apple SMTP relay
relayhost = [smtp.mail.me.com]:587
#allow relay from specific local VLANs
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.4.0/24 192.168.9.0/24
#force email to go out as my personal email
sender_canonical_classes = envelope_sender,header_sender
sender_canonical_maps = regexp:/etc/postfix/sender_canonical_maps
header_checks = regexp:/etc/postfix/header_checks

Create sender_canonical_maps file (/etc/postfix/sender_canonical_maps) – from the LinuxSysAdmins article

/.+/ [email protected]

Create header_checks file (/etc/postfix/header_checks) – from the LinuxSysAdmins article

/From:.*/ REPLACE From:[email protected]

Create sassl_password file (/etc/postfix/sasl/sasl_password)

[smtp.mail.me.com]:587 [email protected]:password

Create the hash db file 

sudo postmap /etc/postfix/sasl/sasl_passwd

Secure the DB hash and password files

sudo chown root:root /etc/postfix/sasl/sasl_passwd /etc/postfix/sasl/sasl_passwd.db 
sudo chmod 0600 /etc/postfix/sasl/sasl_passwd /etc/postfix/sasl/sasl_passwd.db

Restart Postfix

sudo systemctl restart postfix

Testing

You can use the sendmail command to test the config and review the logs at /var/log/syslog to look for errors.