Configure your local Postfix to relay through a transactional email service

Using Postfix with specialized, transactional email services like SendGrid or Mandrill is excellent not only for optimizing email deliverability; these services usually also offer some nice features.

You may of course set up your web application, like WordPress, to use the external service, but this requires you to configure each application independently.

Some applications are not so easy to set up with an external service, though. A lot of OS tools that are set up to send you email notifications, warnings and statuses will simply use the server’s locally installed MTA (i.e. Postfix for us).

Also, Postfix automatically queues and retries emails which might fail due to temporary connection issues. Having your application dispatch email to a local MTA makes it much more responsive, and you don’t have to think about handling temporary failures.

Configure Postfix

Configuring authenticated SMTP relay in Postfix is actually quite easy. You just need to add a few directives in the /etc/postfix/main.cf configuration file.

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = static:YourSMTPUsername:YourSMTPPassword
smtp_sasl_security_options = noanonymous
relayhost = [smtp.example.com]:587

Replace YourSMTPUsername and YourSMTPPassword with your SMTP credentials, and smtp.example.com with your provider’s SMTP server.

While you’re at it, check these settings too:

smtp_use_tls = yes
mydestination = localhost

Restart Postfix, and you’re ready to go:

$ sudo service postfix restart
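
An audit for two weak points in the settings above, added here as an example and not part of the original post: a static: password map puts the relay password in main.cf, which is normally world-readable, and smtp_use_tls = yes is only opportunistic, so the SASL login can go out in cleartext when STARTTLS is not offered. The function names, the finding labels and the hash:/etc/postfix/sasl_passwd path in the hint are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit the relay settings above.
# Simplified parser: one "name = value" per line; continuation lines are skipped.
# On a live host, `postconf -h NAME` reports the effective value instead.

# Print the last value assigned to parameter $2 in file $1 (empty if unset).
get_param() {
    awk -v want="$2" '
        /^[ \t]/ || /^#/ { next }          # continuation lines and comments
        (eq = index($0, "=")) {
            name = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (name == want) last = val
        }
        END { print last }' "$1"
}

# Print one finding per line; exit status is the number of findings.
audit_relay() {
    cf=$1; findings=0
    maps=$(get_param "$cf" smtp_sasl_password_maps)
    level=$(get_param "$cf" smtp_tls_security_level)

    # main.cf is normally world-readable, so a static: map exposes the secret.
    case $maps in
        static:*)
            echo "CRED_IN_MAIN_CF: use hash:/etc/postfix/sasl_passwd (chmod 600, then postmap)"
            findings=$((findings + 1)) ;;
    esac

    # smtp_use_tls = yes is opportunistic; only these levels refuse cleartext.
    case $level in
        encrypt|dane-only|fingerprint|verify|secure) ;;
        *)
            echo "TLS_NOT_MANDATORY: smtp_tls_security_level is '${level:-unset}', want encrypt"
            findings=$((findings + 1)) ;;
    esac
    return "$findings"
}

# Usage: sh audit_relay.sh /etc/postfix/main.cf
if [ $# -gt 0 ]; then audit_relay "$1"; fi
```

Run against the directives from this page, it reports both findings; moving the credentials to a root-only lookup table and setting smtp_tls_security_level = encrypt clears them.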

Update your SPF record

Remember to update your SPF record to include your provider’s servers.

For Mandrill, that would be adding include:spf.mandrillapp.com, and for SendGrid it is include:sendgrid.net.

Not sure what an SPF record is?

Sender Policy Framework (SPF) is an email authentication standard that compares the email sender’s IP address against a list of authorized addresses. The addresses are published in a TXT DNS record. To see what my SPF record looks like, type this in a terminal window:

$ dig txt www.bjornjohansen.com

You should see something like this (subject to change):

"v=spf1 a mx include:_spf.google.com include:servers.mcsv.net include:spf.mandrillapp.com -all"

This means that I’ve authorized any IP with an A or MX record for my domain, and included the SPF records for Google, MailChimp and Mandrill.

Testing

Try sending yourself a test message:

$ mail -s Testing [email protected]

(type a message, end it with a single dot on a line or CTRL+D)

Last note

This has absolutely nothing to do with your regular email accounts for your domain. They will be handled separately on the servers defined in your MX records. This is just for outgoing emails sent by this particular server.

2 Comments

  1. I added this to my raspberrypi postfix conf:
    This config changes sender addresses from both local originated, and relayed SMTP mail traffic:

    /etc/postfix/main.cf:

    sender_canonical_classes = envelope_sender, header_sender
    sender_canonical_maps = regexp:/etc/postfix/sender_canonical_maps
    smtp_header_checks = regexp:/etc/postfix/header_check

    Rewrite envelope address from email originating from the server itself

    /etc/postfix/sender_canonical_maps:

    /.+/ [email protected]

    Rewrite from address in SMTP relayed e-mail

    /etc/postfix/header_check:

    /From:.*/ REPLACE From: [email protected]
