[TUTORIAL] Get Postfix to Send Notifications (Email) Externally

Seed

Renowned Member
Oct 18, 2019
109
63
68
124
I'm not sure I did this in the proxmox way but I couldn't get email to relay to me and some posts were dated or didn't work for me, so I did the following:

Gmail for example:

Change /etc/postfix/main.cf to include/change these lines:
Code:
relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

#mydestination = $myhostname, localhost.$mydomain, localhost

Be sure there are no dupes as the main.cf may have smtp_sasl_security_options = {} , and relayhost = {}. Just delete or comment those lines.

Create an /etc/postfix/sasl_passwd file with:
Code:
[smtp.gmail.com]:587    testmehere@gmail.com:PASSWD

run
Code:
chmod 600 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd

install for passwd support:
Code:
apt-get install libsasl2-modules

Restart service:
Code:
systemctl restart postfix.service

Test:
Code:
echo "Test mail from postfix" | mail -s "Test Postfix" test@test.com

Test from PVE:
Code:
echo "test" | /usr/bin/pvemailforward


Logs:
Code:
/var/log/mail.warn
is helpful as well as
Code:
/var/log/mail.info



Customize From:
This is nice so it's not from "root"

Create smtp_header_checks file, this changes all outgoing mail:
Code:
/^From:.*/ REPLACE From: HOSTNAME-alert <HOSTNAME-alert@something.com>

Add to main.cf:
Code:
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks

Don't forget to run postmap on the header file

#note. For pcre support you'll need to install apt install postfix-pcre and restart postfix service
 
Last edited:
Thanks for sharing this - the config looks quite right!

(You could consider using the 'TUTORIAL' prefix for your thread - that makes the thread stand out visibly)
 
I have tried this and struggle with the problem that my proxmox runs behind a dynamic IP which is on many blacklists. So even though everything is configured right, I get rejected from the mailserver. Is there a way to configure postfix as MUA and not as MTA? So that it would work with dynamic blocked IPs on any mail-server?
 
I have tried this and struggle with the problem that my proxmox runs behind a dynamic IP which is on many blacklists. So even though everything is configured right, I get rejected from the mailserver. Is there a way to configure postfix as MUA and not as MTA? So that it would work with dynamic blocked IPs on any mail-server?

It seems like the described problem does not occur when SSL/TLS is used, so I don't have this problem anymore.
Thanks for this guide!
 
  • Like
Reactions: wegiii and Seed
The custom From: should be
Code:
 # for outgoing changes only "smtp".
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
 
  • Like
Reactions: wegiii
This does not work and throws errors in syslog :
Code:
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks . #for outgoing changes only "smtp".

This works without errors :
Code:
# for outgoing changes only "smtp".
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
 
  • Like
Reactions: wegiii
The problem is the dot: "smtp_header_checks . #"
Correct will be:

smtp_header_checks = pcre:/etc/postfix/smtp_header_checks # for outgoing changes only "smtp".

Thx. for the tutorial!

Good luck /Bafta
 
  • Like
Reactions: Stoiko Ivanov
The problem is the dot: "smtp_header_checks . #"
Correct will be:

smtp_header_checks = pcre:/etc/postfix/smtp_header_checks # for outgoing changes only "smtp".

Thx. for the tutorial!

Good luck /Bafta

Ahh thank you for clarifying that. Will change.
 
Awesome guide, thanks! I kept seeing log messages from Postfix complaining about not being able to send mail or whatever, so I finally got around to looking up up how to fix it! q: Who is it going to send email *to*? Will it be the email address I provided during installation? Because I've never seen a field for an email address anywhere in the configuration that I can recall.
 
Will it be the email address I provided during installation? Because I've never seen a field for an email address anywhere in the configuration that I can recall.
yes initially it's the email address you set during installation - you can customize this in an installed PVE system - by setting the email of the user root@pam (GUI->Datacenter->Users)

I hope this helps!
 
  • Like
Reactions: wegiii and Hyacin
The problem is the dot: "smtp_header_checks . #"
Correct will be:

smtp_header_checks = pcre:/etc/postfix/smtp_header_checks # for outgoing changes only "smtp".

Thx. for the tutorial!

Good luck /Bafta
This was still throwing fatal errors for me. Did what @Tommmii suggested and it works correctly. Thanks!

Great tutorial, and I have tested on my primary node (the one I use to monitor my cluster), but should this be done on every node in the cluster?
I have only done this on my main node as well, but will implement across all nodes as I imagine this has to be done on each one.

@Seed - Thank you for this tut!
 
This was still throwing fatal errors for me. Did what @Tommmii suggested and it works correctly. Thanks!
I'm not sure why this would cause an error. The original guide was updated to not include that typo a long time ago.
 
Last edited:
  • Like
Reactions: Tommmii
I'm not sure why this would cause an error. The original guide was updated to not include that typo a long time ago.

I'm not sure. I moved the comment above the config line, rather than after, restarted postfix, emails started going out. Thanks again.
 
  • Like
Reactions: Seed
Thank you for the instructions. I followed step by step but my mail.info shows

connect to smtp.gmail.com[2607:f8b0:4023:c03::6c]:587: Network is unreachable

And mail.warn shows

warning: symlink leaves directory: /etc/postfix/./makedefs.out

Attached is my main.cf - any suggestions?
 

Attachments

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!