Setup mail relay with Proxmox Mail Gateway

[William Edwards]

I am setting up a Proxmox Mail Gateway server that will be used only as a mail relay for hosting customers.

I have followed these steps:

• Installed Proxmox Mail Gateway;
• Added our subnet under 'Configuration' -> 'Mail Proxy' -> 'Networks'

The 'Networks' tab currently looks like this:


Networks tab

Now, when I attempt to authenticate against the server with `telnet`, it says authentication is not enabled on both port 25 and port 26:

MacBook-van-William-David:~ server$ telnet 185.233.175.141 25
Trying 185.233.175.141...
Connected to 185.233.175.141.
Escape character is '^]'.
220 proxmox-mg0.cyberfusion.cloud ESMTP Proxmox
ehlo proxmox-mg0.cyberfusion.cloud
250-proxmox-mg0.cyberfusion.cloud
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 SMTPUTF8
auth login
503 5.5.1 Error: authentication not enabled
^]
telnet> quit
Connection closed.
MacBook-van-William-David:~ server$ telnet 185.233.175.141 26
Trying 185.233.175.141...
Connected to 185.233.175.141.
Escape character is '^]'.
220 proxmox-mg0.cyberfusion.cloud ESMTP Proxmox
ehlo proxmox-mg0.cyberfusion.cloud
250-proxmox-mg0.cyberfusion.cloud
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
auth login
503 5.5.1 Error: authentication not enabled

500 5.5.2 Error: bad syntax
^]
telnet> quit
Connection closed.

I have a feeling that I should add all domains that the Mail Gateway server is allowed to relay for under 'Configuration' -> 'Mail Proxy' -> 'Relay Domains', but I want it to relay for any domain (the Mail Gateway server will be firewalled and in a vLAN). Adding an asterix does not work, with a fairly logical error:

Parameter verification failed. (400)

domain: invalid format - value does not look like a valid transport domain

As a first-time user, I'm stuck now.

Looking in the syslog, I see:

May 20 10:05:07 proxmox-mg0 postfix/postscreen[1045]: CONNECT from [141.138.138.136]:63672 to [185.233.175.141]:25
May 20 10:05:07 proxmox-mg0 postfix/postscreen[1045]: WHITELISTED [141.138.138.136]:63672
May 20 10:05:07 proxmox-mg0 postfix/smtpd[1046]: connect from office.cyberfusion.email[141.138.138.136]
May 20 10:05:25 proxmox-mg0 postfix/smtpd[1046]: lost connection after AUTH from office.cyberfusion.email[141.138.138.136]
May 20 10:05:25 proxmox-mg0 postfix/smtpd[1046]: disconnect from office.cyberfusion.email[141.138.138.136] ehlo=1 auth=0/1 commands=1/2
May 20 10:05:27 proxmox-mg0 postfix/smtpd[1049]: connect from office.cyberfusion.email[141.138.138.136]
May 20 10:05:34 proxmox-mg0 postfix/smtpd[1049]: lost connection after AUTH from office.cyberfusion.email[141.138.138.136]
May 20 10:05:34 proxmox-mg0 postfix/smtpd[1049]: disconnect from office.cyberfusion.email[141.138.138.136] ehlo=1 auth=0/1 commands=1/2

Any ideas? Or perhaps a better way to tackle what I'm trying to do with Proxmox Mail Gateway?

 

[William Edwards]

I just noticed that I'm actually able to send mail via `telnet` without authenticating first. And when the IP address I'm connecting from is not added under 'Networks', it denies relay access. Great, because that is what I wanted.

I do have a question: what is the difference between port 25 and port 26? I read somewhere that port 26 is meant to be used to connect from an external host, but I fail to see the logic in this...

 

[fluxX04]

Hi,

port 25 should be used for incoming mail traffic and port 26 for outgoing mail traffic.

According to the admin docu:

ext_port: <integer> (1 - 65535) (default = 25)
SMTP port number for incoming mail (untrusted). This must be a different number than int_port.

int_port: <integer> (1 - 65535) (default = 26)
SMTP port number for outgoing mail (trusted).

Greetz