How to configure to require outbound authentication to be required?

RNDPMO

New Member
Apr 18, 2025
1
0
1
Hi all

I'd like to use PMG as a mail relay mails to my on premises environment at home.
Inbound mail routing is already working fine, but for outbound mails I'd like to configure authentication to be required.
PMG and the sender are not located in the same local area network and do not have a fixed IP address.

Basically I want PMG to require authentication on TCP port 26
Local username/password authentication is good enough.

From what I have read, I need to work with templates in the /var/lib/pmg/templates directory.

Which file do I need to copy? main.cf.in or master.cf.in ?

Can anyone point me at a reference configuration?

Kind regards
 
As far as I can tell, the only thing supposed to be communicating on port 26 with PMG is your mail server.

https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#firewall_settings

Mail server > Firewall > PMG port 26

Your mail clients are supposed to talk to your mail server, not PMG. The mail server then sends mail to PMG on port 26 for final delivery.

To achieve this in your setup, you need to first open port 26 on your firewall in front of PMG from your home network to PMG. Then you add the IP of your home network under PMG UI > Configuration > Mail Proxy > Networks.

If your home network is on DDNS, this is the tricky part. You need to update /etc/pmg/mynetworks on your PMG every time the IP address of your home network changes (and run pmgconfig sync).

As far as I know there is no way to add auth to port 26 and I believe I have seen responses from the Proxmox team in this regard here on the forum (don't take my word for it), PMG is simply not designed to handle auth on port 26 (again, since this is the "internal SMTP" port, only meant for communicate from your mail server).

NB: In terms of PMG port 26 is actually a port for 'incoming' emails. Incoming from your (trusted) mail server for further delivery by PMG.
 
Last edited: