How to set up Postfix on Debian to use a mailhoster with SMTP

Tags: Postfix, Mailhoster, Linux, SMTP
Last update: Jul 2022

Tested with: Debian 10.

Note: Seems to stop working on Debian 11.

First we need to install packages:

sudo apt-get install postfix libsasl2-modules sasl2-bin libsasl2-2

If it’s not opening up automatically you can configure Postfix with “sudo dpkg-reconfigure postfix”.
Confige Postfix by choosing:

• satellite system
• system mail name = your-computername
• smtp relay host = [your-mailhost]:port
• root mail recipient = empty
• other destinations = leave default
• yes
• local networds = leave default
• procmail = yes
• mailbox size limit = 0
• local address extension = +
• internet protocols to use = all

Edit Postfix config file:

sudo nano /etc/postfix/main.cf

and add the following:

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noplaintext noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_tls_wrappermode = yes
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
sender_canonical_maps = hash:/etc/postfix/sender_canonical

In the end your main.cf should look like:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version
myhostname=hostname.your.domain
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = hostname.your.domain, localhost.your.domain, localhost
relayhost = [your-mailhost.com]:465
mynetworks = 127.0.0.0/8
inet_interfaces = loopback-only
recipient_delimiter = +
compatibility_level = 2
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
inet_protocols = all

# custom settings for using a mailhoster
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noplaintext noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_tls_wrappermode = yes
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
sender_canonical_maps = hash:/etc/postfix/sender_canonical

Providing authentication details by editing this file:

sudo nano /etc/postfix/sasl_password

and adding:

[yourmailhost.com]:465 username:password

Secure the file and generate a database for it:

sudo chmod 600 /etc/postfix/sasl_password
sudo postmap hash:/etc/postfix/sasl_password

Let’s create a file to specify our sender addresses:

sudo nano /etc/postfix/sender_canonical

Fill it with all users who will be sending mails:

root yourmail@host.com
anotheruser yourmail@host.com

And process it:

sudo postmap /etc/postfix/sender_canonical

Restart Postfix and send yourself a test mail:

sudo service postfix restart
echo "test" | mailx -s "test" destination@mail.com

You can also send a mail with attachment using mpack:

mpack -d yourmessagebody.txt -s "subject" file destination@mail.com

Troubleshooting

In case something goes wrong you might find these command helpful:

# show the mail log and follow
tail -f /var/log/mail.log

# list all mails which are in the queue
postqueue -p

# flush all mails
postsuper -d ALL

Sources

• https://wiki.ubuntuusers.de/Postfix/
• https://www.caretech.io/2018/10/06/how-to-use-proxmox-mail-gateway-with-an-authenticated-smarthost/
• https://www.ratatouille90.com/2019/07/configure-postfix-with-gmail-and-google-apps-on-debian-or-ubuntu/
• https://forum.proxmox.com/threads/proxmox-setup-for-gmail.13405/
• https://tecadmin.net/flush-postfix-mail-queue/
• https://ashraflinux.wordpress.com/useful-postfix-commands-to-troubleshooting-postfix-issue/

Change history

• Dec 2018: initial post based on raspbian
• Feb 2021: adding packages and fixing various mailhost settings
• Jul 2022: adding note; doesn’t work on Debian 11