Postfix relay authentification on Mac OS X
Goal
I develop locally with TYPO3 Flow and want to send out mails to test, whether my application is doing the right stuff when sending mails. But I don’t want to hassle with local mailboxes and fiddling around with my Mail client so that it gets the mails from the local host.
So I googled a bit and found out, that Mac OS X ships with a full-blown Postfix which is just cool!
Problem
Basically telling your postfix to use a relayhost is just a single line of config - no big deal. BUT: If you’re using a consumer internet uplink at home, it could easily be that the remote (target) server is rejecting your mails as your IP address is on one of the well-known blacklists used to filter out spam… So just using the relay host is not enough and you need to actually let your postfix authenticate on your remote relay host, and that’s done like described below:
Configure the Relayhost
Locate the postfix config file, on Mac OS X it’s located at /etc/postfix/main.cf, we need to add some lines into that file:
Ah, you need to do that with super-user power - either on the command line with sudo nano /etc/postfix/main.cf, or with a GUI tool, e.g. sudo mate /etc/postfix/main.cf.
Step 1: Add relayhost config
Add the following line to tell postfix to relay all non-nocal mails to that particular server (on the submission port 587), ignoring any DNS MX-Lookups:
relayhost = [your.remote.server.tld]:587
Step 2: Add authentication config
With the config from step 1, postfix would just surround/ignore the MX of a target domain - but this could fail as described above as this connection would be not authenticated. So we need to add the following lines to make sure postfix authenticates itself on the remote server:
smtp_tls_loglevel=1
smtp_tls_security_level=encrypt
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd
smtp_sasl_security_options = noanonymous
Step 3: Store valid user credentials
The lines in step 2 mention another file which is located at /etc/postfix/sasl/passwd (it could of course be at any other location, but must be accessible by Postfix). So go ahead and create that file, putting in the following content:
[your.remote.server.tld]:587 <username>:<password>
Then issue the following command to create a hashed file of this file, which is then read by Postfix:
sudo postmap /etc/postfix/sasl/passwd
Step 4: Test your new config!
Since Postfix is not run as a daemon in the background at all the time, no restart of Postfix is needed. Just try to send a mail, either from your PHP application or on the command line and postfix will be invoked and will read it’s new config. That’s also the big pro of this solution: It’s independent of the how the mail is generated, all mails to remote targets will be handled by Postfix the same way.
Thanks
I’ve basically followed big parts of the howto posted by Anupam Sengupta. Thanks man!
BTW: His blog post does some more fancy things that I don’t need/want to use. But if you want to see how to rewrite addresses, just have a look at the blog post, it’s well explained in there.