[SOLVED] Unable to setup mail relay

G

gck303

Member
Sep 14, 2022
15
2
8
I have a fresh install of proxmox mail gateway. It is nicely configured and will receive emails and forward them to our iredmail email server.

I want to get it to now act as an outbound relay. I want for it to receive calls from our website and send the outbound emails. This will mean that I do not need to expose the iredmail's SMTP service to the internet.

My local installation of wordpress (on the same subnet as the PMG) and it is unable to connect and send any emails. It is returning the follows errors:

I have spent quite a few hours debugging and trying to get this working, but can.

What is going wrong, and how can I fix it?

Thanks, George

220 pmg1.xxxxxxxxxxxxxxxx.com ESMTP Proxmox EHLO camley20220315.local 250-pmg1.xxxxxxxxxxxxx.com 250-PIPELINING 250-SIZE 10485760 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250-SMTPUTF8 250 CHUNKING STARTTLS 220 2.0.0 Ready to start TLS EHLO xxxxxx20220315.local 250-pmg1.xxxxxxxxxx.com 250-PIPELINING 250-SIZE 10485760 250-VRFY 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250-SMTPUTF8 250 CHUNKING AUTH PLAIN 503 5.5.1 Error: authentication not enabled

1663789656852.png

1663789738813.png
 
dcsapak said:
AFAICS you enabled authentication, but pmg does not support any form of authentication for smtp. instead it only accepts mails on the internal port from the 'trusted networks' (which defaults to the same subnet of the pmg)
(see also https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#_mail_proxy_configuration)
Click to expand...

Hmmm. Thank you for your reply.

The wordpress IS on the same subnet. So, I when I turn of the authentication it works. Which is great.

I can do the same thing with the externally hosted wordpress and add the site's IP address into the trusted networks with a '/32'. This works and allows me to do what I need.

But is the security of this approach acceptable?
 
gck303 said:
But is the security of this approach acceptable?
Click to expand...
for internal networks (which pmg is targeted at) it's fine. you must decide yourself if it's ok for external ips/networks (should also be fine, as nobody should be able to spoof ips over the internet in general for tcp connections, as the return path of the packages will (hopefully) not be routed to an attacker but the real ip...)
 
I think it will be okay. These are only order tracking emails and not anything super personal.

I intend to keep a monitoring on the PMG tracking centre I can see if anything is being sent that should not. The volumes of email are not in the thousands per day, so anything strange should be spottable.

Thank you for your help.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back