For each website domain name I want to send email and make sure that it reliably delivered through a trusted relayhost. Mailgun allows you to set TXT records for each of your domains to add the mailgun smtp relay servers as trusted hosts for relaying your email from your websites.
I have these personal websites
I want to forward mail from each website and make sure it’s reliably delivered with the correct “From:” headers so you don’t get “relayed by” or “via Mailgun.org” warnings in mail clients.
I need to authenticate with smtp.mailgun.org as a different user when sending mail from each website.
[smtp.mailgun.org]:587 is the SASL secured relayhost for the all the mailgun relayed sites. Postfix may get confused if I use the same relayhost name for each separate website.
I need to relay with different usernames and passwords for each website but to the same relayhost.
I found that the default sender_dependent_relayhost_maps requires an email address. If you want to relay to a different SMTP server based on email address it works to just add email@example [relayhost.example.com] as below.
# To create unique relayhost entries that point to the same host (smtp.mailgun.org) requires access to the DNS records and the creation of a CNAME record mapping mg.jmits.com.au ==> smtp.mailgun.org.
But I wanted to be able to send from firstname.lastname@example.org email@example.com etc without having to list them individually. Instead of using sender_dependent_relayhost_maps with a list as above create a regex map
Postfix supports several types of Regular Expressions. Check which your postfix supports by running postconf -m. You can use regexp or pcre depending.
/@jamesmcdonald\.id\.au$/ [mg.jamesmcdonald.id.au]:587 /@jmits\.com\.au$/ [mg.jmits.com.au]:587 # returns default when the above don't match # probably don't need this entry # because relayhost = will be used if the # pcre lookup fails /./ [smtp.mailgun.org]:587
Test it with postconf -q firstname.lastname@example.org /etc/postfix/relayhost_maps_re
# should return [mg.jmits.com.au]:587
see below the example main.cf to see how you add the above file to it.
!!do not postmap the regex file
[mg.jamesmcdonald.au]:587 email@example.com:mailgunassignedpasswd [mg.jmits.com.au]:587 firstname.lastname@example.org:anothermgassignedpasswd # default password [smtp.mailgun.org:587 email@example.com:anotherpass
My /etc/postfix/main.cf is mostly default
alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = localhost inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES # default relay host relayhost = [smtp.mailgun.org]:587 sample_directory = /usr/share/doc/postfix-2.6.6/samples # depending on the sender domain this perl regular expression # returns the correct relay host sender_dependent_relayhost_maps = pcre:/etc/postfix/relayhost_maps_re sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password_maps smtp_sasl_security_options = noanonymous # specify this or postfix won't know to trust the remote # smtp server smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt smtp_tls_note_starttls_offer = yes smtp_tls_security_level = may smtpd_tls_CApath = /etc/pki/tls/certs # create self signed smtpd.pem by # cd /etc/pki/tls/certs # make smtpd.pem smtpd_tls_cert_file = /etc/pki/tls/certs/smtpd.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_security_level = may unknown_local_recipient_reject_code = 550