Setup mail relay with Proxmox Mail Gateway

May 20, 2017
172
18
58
Netherlands
cyberfusion.nl
I am setting up a Proxmox Mail Gateway server that will be used only as a mail relay for hosting customers.

I have followed these steps:
  • Installed Proxmox Mail Gateway;
  • Added our subnet under 'Configuration' -> 'Mail Proxy' -> 'Networks'
The 'Networks' tab currently looks like this:

Schermafbeelding 2018-05-20 om 10.09.28.png
Networks tab

Now, when I attempt to authenticate against the server with `telnet`, it says authentication is not enabled on both port 25 and port 26:

Code:
MacBook-van-William-David:~ server$ telnet 185.233.175.141 25
Trying 185.233.175.141...
Connected to 185.233.175.141.
Escape character is '^]'.
220 proxmox-mg0.cyberfusion.cloud ESMTP Proxmox
ehlo proxmox-mg0.cyberfusion.cloud
250-proxmox-mg0.cyberfusion.cloud
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 SMTPUTF8
auth login
503 5.5.1 Error: authentication not enabled
^]
telnet> quit
Connection closed.
MacBook-van-William-David:~ server$ telnet 185.233.175.141 26
Trying 185.233.175.141...
Connected to 185.233.175.141.
Escape character is '^]'.
220 proxmox-mg0.cyberfusion.cloud ESMTP Proxmox
ehlo proxmox-mg0.cyberfusion.cloud
250-proxmox-mg0.cyberfusion.cloud
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
auth login
503 5.5.1 Error: authentication not enabled

500 5.5.2 Error: bad syntax
^]
telnet> quit
Connection closed.

I have a feeling that I should add all domains that the Mail Gateway server is allowed to relay for under 'Configuration' -> 'Mail Proxy' -> 'Relay Domains', but I want it to relay for any domain (the Mail Gateway server will be firewalled and in a vLAN). Adding an asterix does not work, with a fairly logical error:

Code:
Parameter verification failed. (400)

domain: invalid format - value does not look like a valid transport domain

As a first-time user, I'm stuck now.

Looking in the syslog, I see:

Code:
May 20 10:05:07 proxmox-mg0 postfix/postscreen[1045]: CONNECT from [141.138.138.136]:63672 to [185.233.175.141]:25
May 20 10:05:07 proxmox-mg0 postfix/postscreen[1045]: WHITELISTED [141.138.138.136]:63672
May 20 10:05:07 proxmox-mg0 postfix/smtpd[1046]: connect from office.cyberfusion.email[141.138.138.136]
May 20 10:05:25 proxmox-mg0 postfix/smtpd[1046]: lost connection after AUTH from office.cyberfusion.email[141.138.138.136]
May 20 10:05:25 proxmox-mg0 postfix/smtpd[1046]: disconnect from office.cyberfusion.email[141.138.138.136] ehlo=1 auth=0/1 commands=1/2
May 20 10:05:27 proxmox-mg0 postfix/smtpd[1049]: connect from office.cyberfusion.email[141.138.138.136]
May 20 10:05:34 proxmox-mg0 postfix/smtpd[1049]: lost connection after AUTH from office.cyberfusion.email[141.138.138.136]
May 20 10:05:34 proxmox-mg0 postfix/smtpd[1049]: disconnect from office.cyberfusion.email[141.138.138.136] ehlo=1 auth=0/1 commands=1/2

Any ideas? Or perhaps a better way to tackle what I'm trying to do with Proxmox Mail Gateway?
 
I just noticed that I'm actually able to send mail via `telnet` without authenticating first. And when the IP address I'm connecting from is not added under 'Networks', it denies relay access. Great, because that is what I wanted. :)

I do have a question: what is the difference between port 25 and port 26? I read somewhere that port 26 is meant to be used to connect from an external host, but I fail to see the logic in this...
 
Hi,

port 25 should be used for incoming mail traffic and port 26 for outgoing mail traffic.

According to the admin docu:
Code:
ext_port: <integer> (1 - 65535) (default = 25)
SMTP port number for incoming mail (untrusted). This must be a different number than int_port.

int_port: <integer> (1 - 65535) (default = 26)
SMTP port number for outgoing mail (trusted).

Greetz
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!