Sending mails in postfix through external smtp

I have a requirement to enable smtp on all desktops to send the emails to web. But normally those mails send from this untrusted network will cause third party smtp servers to treat this spam mail when the source address is listing the private ips we used and whenever the no. of mails increases from the network.

What I’m planning to do is

1. Install a open relay server in LAN which is using trusted thrid party email account to send the mail.
2. Configure postfix on each desktops to use this as relay server in LAN.
3. Configure php.ini and pointing this out as smtp server for local mails.

Installing open relay server in LAN
#yum install postfix*
#chkconfig postfix on
Now you need to know the ip address of your trusted email smtp providers. Normally it would be resolve the ip of mail.mydomain.com and identify the ip showing on it.

Add the following lines at the end of “/etc/postfix/main.cf“
relayhost =
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtp_sasl_password_maps = hash:/etc/postfix/smtp_passwd
smtp_sasl_type = cyrus
smtp_sasl_auth_enable = yes
smtp_cname_overrides_servername = no
smtp_sasl_security_options = noanonymous

Now we need to configure the smtp account details to Postfix server.
#vi /etc/postfix/smtp_passwd
Add the entry like this
SMTP server ip :port username:password

An eg. should like this,
6.202.165.58:25 smtpuser@domain.com:pass save and exit.

Now you need to run the following command,
# postmap hash:/etc/postfix/smtp_passwd

Verify the configuration by,
$ postmap -q smtp.IP:25 /etc/postfix/smtp_passwd will returns user:password

It’s the time for verifying all the settings made.
#service postfix restart

Ensure the smtp is running
[root@rc-016 ~]# netstat -nlp | grep “:25″
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 23589/master

Sending a test mail to verify whether it’s working,
[root@rc-016 ~]# echo ” SMTP relay mail” | mail -s “Relay mail from new office LAB” liju@serveridol.com

Verify the mail delivery,
[root@rc-016 ~]# tail -f /var/log/maillog
Sep 15 23:13:55 rc-016 postfix/smtp[23600]: 98F227C060B: to=, relay=64.202.165.58[64.202.165.58]:25, delay=4.3, delays=0.05/0.01/2.1/2.2, dsn=2.0.0, status=sent (250 Accepted message qp 21658 bytes 734)
Sep 15 23:13:55 rc-016 postfix/qmgr[23592]: 98F227C060B: removed

Which is showing ,I have success with email delivery to my smtp server and I should be get a new mail in my inbox

Configuring it as a open reply sever in LAN

We need to configure this server listening to all adapters to ensure that other desktops can contact it and this relay access is limited to only from our LAN. There is no any authentication to send email from the LAN.
a.Open the file “/etc/postfix/main.cnf”
uncomment the line and modified it with respect to our network. Assuming that my network is 192.168.0.0/24

mynetworks = 192.168.0.0/24,127.0.0.0/8
inet_interfaces = all

[root@rc-016 ~]# vi /etc/postfix/main.cf
[root@rc-016 ~]# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
[root@rc-016 ~]# netstat -nlp | grep ":25"
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 23763/master
[root@rc-016 ~]#

Now you need to verify whether we can forward all the mails using this server,

Login to other desktops on the LAN and verify you can contact the open relay smtp server.

$telnet 192.168.10.25 25
Trying 192.168.10.25…
Connected to 192.168.10.25 (192.168.10.25).
Escape character is ‘^]’.
220 rc-016.localdomain ESMTP Postfix

Configuring mail server on Desktop to use this as relay server

Now you need to install postfix in the server.
#yum install postfix*
#chkconfig postfix on
#vi /etc/postfix/main.cf
uncomment the line and the relay server IP
relayhost = 192.168.0.25
#service postfix restart

Sending a test email to verify it’s working,

[root@rc-016 ~]# echo ” SMTP relay mail” | mail -s “Relay mail from new office LAB” liju@serveridol.com
check the open relay server’s “/var/log/maillog” to check whether it can communicate with the mails coming from Desktops.

My php mails are moving to spam box in Gmail

One of my client has spam issue with his server. Initial it was the problem with the sever IP reputation.

Possible reasons are,

1. Neighborhood ip on the same network was listed in the RBL black list. I have contacted hosting company to do the needful to solve the issue. They inform me that their ‘abuse team will take care of that.
2. All the major SMTP vendors are black listed our ips since it has been in the black list. Thus all the mails from my server moves directly to spam box. So that I need to contact the each vendors and fill out an online submission reg. this.

1. Yahoo
http://help.yahoo.com/l/us/yahoo/mail/postmaster/defer.html

2. For Hotmail/MSN
https://support.msn.com/eform.aspx?productKey=edfsmsbl&ct=eformts&wa=wsignin1.0&st=1&wfxredirect=1

After 3-5 days later, all my yahoo and hotmails are reached the proper place. But Gmail still having issues and my Googling would not help me to find a solution.

For further research I found that whenever I sent email from the web mail interface, it’s correctly reaching INBOX but not programmaticaly. I suspect issue is with the function we used to send mail or the parameter mentioned and developers are tried many ways, even spent a day. Evening I’m starting some research and googling to find a way to send a mail. Actually I do not know anything about php.

I have double checked the parameter used and ensure that mails are properly formatted. Again I got the mail in spam box.

After 2 or more testing, I got a mail in Gmail inbox, the way to hope.

The reason is that I thinking is,
WHM/Cpanel wouldn’t allow to impersonate the emails without been used any authentication or not permit to email from the non-existent email id on the same domain.

Suppose, I have an email id “matt@mydomain” and I need to send email from the non-existent id of ‘support@mydomain.com’. That mail definitely move to spam box in Gmail. I have enabled DKIM’ on the server at the same time.

The following piece of code helped me to send an authenticated mail.

<?php
require_once "Mail.php";

$from = "Mathew ";
$to = "Gmail user ";
$subject = "Welcome!";
$body = "User ,\n\nYou have recently registered US";

$host = "mail.domain.com";
$username = "matt@domain.com";
$password = "pass";

$headers = array ('From' => $from,
'To' => $to,
'Subject' => $subject);
$smtp = Mail::factory('smtp',
array ('host' => $host,
'auth' => true,
'username' => $username,
'password' => $password));

$mail = $smtp->send($to, $headers, $body);

if (PEAR::isError($mail)) {
echo("

" . $mail->getMessage() . "

");
} else {
echo("

Message successfully sent!

");
}
?>


Now All is Well

The following link will e helpful for checking spam possibility,

1. Checking the ip is being blacklisted.
a. http://www.dnsbl.info/dnsbl-database-check.php
b. http://www.mxtoolbox.com/blacklists.aspx

2. Checking the RDNS ( Reverse DNS lookup)
a. From linux #host
[root@host.sportu.com] test >> host 209.85.225.18
18.225.85.209.in-addr.arpa domain name pointer iy-in-f18.1e100.net.
Check the ip is returning a dns entry to that ip

3. Checking SPF and DKIM ( domain keys)
a. http://www.mxtoolbox.com/spf.aspx
b. http://www.kitterman.com/spf/validate.html

4. Is our server an Open relay
a. http://verify.abuse.net/cgi-bin/relaytest
b. www.checkor.com/
c.www.mailradar.com/openrelay/

How to check open relay

[root@web-test1 ~]# telnet mydomain.com 25
Trying 63.165.1.57...
Connected to mydomain.com (63.15.1.7).
Escape character is '^]'.
220 host.mydomain.com ESMTP Postfix
ehlo localhost
250-host.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: tom@test.com
250 2.1.0 Ok
rcpt to: liju@office.com
554 5.7.1 : Relay access denied

It's shows our server is safe

Plesk – qmail sending the mails from localhost.localdomain

Yesterday I have issue with plesk mail.
During the nagios setup on a pleask installed server, I noticed that all the mails which generated from the console showing the suffix localhost.localdomain. Hence it caught moved to spam mail.

My trails are,

1. First checking the mx records properly point to the server
2. Check the /etc/hosts and hostname ( etc/sysconfig/network) whether it’s correctly resolve the hostname
3. Make sure that mx record point to the “mail.myserver.com“. It must have a FQDN.
4. Verifying reverse dns lookup. I created a “PTR’ record of the server ip pointing to the “mail” host record and the server domain.
5. Verifying that smtp server is listening the port 25. Actually Plesk uses qmail smtp to send out the mail and SMTP server (Postfix) was not started during the setup time. So that I can send the mail but not receive any mails.

Finally I found a solution from thread is.

Just change the ” /var/qmail/control/me” file entry to mydomain which was set to localhost.localdomain.com
# echo "mydomain.com" > /var/qmail/control/me

restart qmail and nagios
[root@rc-042 php-5.2.9]# /etc/init.d/qmail restart
[root@rc-042 php-5.2.9]# /etc/init.d/nagios restart

How to verify qmail configured to use my domain.
# /var/qmail/bin/qmail-showctl | less press the key “q” quit from window which must shows
defaulthost: (Default.) Default host name is mydomain.com.

It’s working charm after that. -:)

Note: I have spent few hours to find how the email was send out. I stopped the posfix and verified the port 25 is not listening. But it’s still sending out the mail. Lately I found Plesk is using qmail to send the mail.