TD:LR:
1- fuck you members who saw my post and refused to help
2- you can use SMTP relays like dynu service (easy to do but they keep logs)
3- you can be your own SMTP relay service using VPS and postfix (hard to setup but worth it)

  • You need a trusted VPS ( i use vlutr)
  • You need to open port 25 within that VPS
  • You need to setup postfix as send only
  • You need to setup SASL to not be an open relay

I’m by all means not an expert in emails or network in fact i keep learning about them daily but i have leanred a lot and i wanted to share it among others (even tho i got negative replies from here and i did not get help except from 2 on my first post and this is was it. So yes even tho -almost- i did not get help here, i will help new members because fuck you old ones who saw my post and knew the info but did not want to help)

Intro:
So now my problem was with my ISP is blocking port 25 (SMTP) and has no option to open it (no plans or addons) so i had nothing to do, now what i can do is use online SMTP relay service but my problem with it is they keep logs on emails (it’s just how it works) you can’t avoid that and if you think about it, it defeats the idea of self-hosting and that you own your data. so i wanted to get it higher in level and i wanted to be my own relay now here i found problem is that it’s not so common so i struggled onlin until i found a guide so now i had to pick up good VPS provider who is trusted and allow ports such as 25, So while you are searching on VPS, pick up trusted one and that can open SMTP port for you. I used to be a luke smith viewer so i know about vultr and i wanted to give a shot so i contacted them and they asked why i want it and how many i will send per day so i said it’s personal and probably one or two at max as i’m not active email user. Now my strugle was within setting up postfix to use it as smtp relay…

STEPS:

  • I will assume you already have mailcow running healthy and i will just explain SMTP part
  • All you need for this step is setting up postfix and a note is that do not change network interface, keep it open for all not loopback (because you will use it outside your network as relay)
  • And you need to setup SMTP or SASL so to speak to avoid being an open relay
  • make sure your postfix is running in chroot
  • make sure all ports are opened for SMTP to connect to it from mailcow as relay later (simple telnet command would help)
  • after you done, go to mailcow UI admin page and click on routing then add relay info as:
  • HOST: the host you configured during setup along side IP address (as we added in postfix master.cf)
  • username: username you added while you setting up SASL with command line so it will be something like username@host.name
  • password: will be same password you added while you setting up SASL with command line too!

LINKS:

TIPS and TRICKS i have found:

  • in postfix do not change network interface to loopback as we need to access postfix outside the network, loopback will make it local only
  • while setting up sasl make sure postfix is running in chroot, check it by opening master.cf file and replace line:
    smtp inet n - n - - smtpd to smtp inet n - - - - smtpd
    and make sure you changed SMTP port (As it’s defualt to 25 and our ISP is blocking it so create new line of smtp and change it to be(587 is our port, change as needed):
    587 inet n - - - - smtpd and restart postfix

This was my try with postfix and the tricks i had to solve but if you found different errors you can post them and i will try to help and heck! let’s make a big wiki page in mailcow for it. Also if you will use vultr too you might use my link and get some free credits: https://www.vultr.com/?ref=9020605-8H

(also count it as thanks for my guide)


If you still want to use other services like dynu (fuck you) it’s easy just go to thier outbound smtp relay service page from their email tab then buy it and you will get info just copy and paste inside mailcow smtp relay (the hostname, username and password) so it’s easy to setup and you really don’t need a guide

5 days later

A note: if you are getting error: 0: NO "authentication failed"
make sure you have changed that line from: MECHANISMS="pam" to MECHANISMS="sasldb" in /etc/default/saslauthd then restart saslauthd (via systemctl of course!)

    Have something to say?

    Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!

    esmailelbob sorry guys i meant /etc/default/saslauthd-postfix not /etc/default/saslauthd


    Also when you are about to paste contents in: /etc/postfix/sasl/smtpd.conf
    paste from https://serverfault.com/questions/547282/postfix-how-to-use-simple-file-for-sasl-authentication/547851#547851

    not from debian wiki

    8 months later

    mailcow ip 23.45.67.89
    main.cf
    relayhost = [123.222.444.200]:1225

    Smarthost.VPS ip 123.222.444.200
    add-iptables
    iptables -A INPUT -s 23.45.67.89 -i eth2 -p tcp -m tcp –dport 1225 -j ACCEPT

    add - master.cf
    1225 inet n - y - 5 smtpd

    add - main.cf
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 23.45.67.89

    postfix reload

    Happy

    :-)

    2 years later

    Brother i am stuck i will share my logs with you i am using vultr but they dont want to ublock port 25
    Im using Brevo for relay previously known as SendinBlue.

    Apr 25 12:48:47 website postfix/smtp[46494]: 7ED 271DA9: to=emailteam@gmail.com, relay=smtp-relay .brevo.com IP:587, delay-2287, delays=2286 10.02/0.77/0, dsn=4.7.8, status=deferred (SASL authe ntication failed; server smtp-relay.brevo.com/IP.] said: 535 5.7.8 Authentication failed)

    Ive tried some basic trouble shooting , how to know if isp is blocking port 25 and does it matter if i am already relaying through an online provider,

    Ive tried some basic trouble shooting , how to know if isp is blocking port 25 and does it matter if i am already relaying through an online provider,

      AlchemyofBliss server smtp-relay.brevo.com/IP.] said: 535 5.7.8 Authentication failed

      This error message is pretty obvious… you somehow need to authenticate to brevo

      2 months later

      I am probably misunderstanding what it means to run postfix as send only, but don’t we want postfix to also receive emails for us? If port 25 is blocked on our network, when we send an email from our self hosted server to our SMTP relay VPS (on port 26 for example), does postfix not need to receive that email? Therefore send only wouldn’t work? I don’t think I’m fully understanding how the SMTP relay works and would like some further clarification.

      a month later

      Hey there an thank you @esmailelbob for this guide.
      I’m in the same situation as you were: my ISP filters port 25, but allowed me to use its smtp relay with my mailcow server for a couple of years. Now they don’t anymore without any notice of course, so I have to setup my own relay on a vps.

      I rent a Ionos VPS, and got the port 25 opened, got successfully configured postfix, but I don’t get the sasl part. I don’t understand why we use saslauth and sasldb. In fact when I look to the stackExchnage post:
      "Configure SASL
      Configure SASL to use sasldb by editing /etc/sasl2/smtpd.conf:"
      I don’t have any /etc/sasl2/smtpd.conf file, and I’m not sure I have sasldb plugin installed (I’m on ubuntu 24.04). Do you have any clue on how to install it ?
      Also, does the relay needs its own spf/dkim or does the mailcow mail server DNS zone spf dkim records are enough ? Same, does the relay needs encryption ? Or can I just rely on the encryption of the mailcow mail server ?
      Any help will do 🙂

      OK, I finally managed to get it working. I just needed to try harder. Thanks for this useful guide.

      I was struggling to get this to work using postfix but found an alternative in case anyone else has issues. I setup a postalserver on the VPS and was able to use the postal server to send and receive emails. It then forwards incoming messages to my mailcow instance hosted at home. It all runs in docker so it is much easier to setup.

      Postal only uses port 25, so to allow my mailcow instance to connect over a different port I used firewall-cmd (or your could use iptables) to route incoming port 26 to port 25.

      I screwed up my DNS settings trying to setup a backup postalserver on a different VPS, but was able to get everything working with the one no problem.

      GitHub Icon postalserver/postal


      Postal - the open source mail delivery platform Icon Feature List - Postal - the open source mail delivery platform
      Postal - the open source mail delivery platform Icon Postal - the open source mail delivery platform
      Feature List - Postal - the open source mail delivery platform
      This is a list of features (in no real particular order) of things that Postal can do.
      Postal - the open source mail delivery platform

      20 days later

      Well I don’t know what I am doing wrong but I haven’t been able to get mailcow to receive mail using one Postal server ever since trying to setup the backup one. This is the error mailcow keeps giving me.

      0BE6E441EE38: to=<lkbcld@rp.smtp.mydomain.com>, relay=smtp.mydomain.com[162.XXX.XXX.XX]:26, delay=0.81, 
      delays=0/0/0.53/0.27, dsn=5.0.0, 
      status=bounced (host smtp.mydomain.com[162.XXX.XXX.XX] said: 530 From/Sender name is not valid (in reply to end of DATA 
      command))

      I may start a new thread about this, but I think it is relevant to what the original poster’s goals were.

      No one is typing