Installing Postfix Relay Host for Local Network on SmartMachines
March 17, 2015. 703 words.
Installing Postfix on a SmartMachine is trivial as long as you do not defer far from the usual ;-)
Problem
Hardware and appliances usually come with reporting facilities which enable the hardware admin to send status reports via email. Actually, using hardware status reports usually is a good idea. “Ay, shit, I need to buy new toner again” is usually better do bear than “Shit, the toner is spent and I need to print $IMPORTANTTHING”.
Solution
Install SMTP-mail server to accept mail from local network only and forward via your ISP’s SMTP-server to arbitrary addresses.
Discussion
On Joyent’s SmartOS SmartOS. open source hypervisor, virtual machines are easily installed using vmadm vmadm(1M). . Opinions differ on whether it manually crafting JSONs counts as easy, for those who disagree there is always “Project Fifo” Project FiFo. .
Provisioning a SmartMachine to host SMTP email services is quickly done.
Timing
Installing the mailer host turned out to be accomplished in 5 min IT-time. IT-time is derived by taking the estimate (5 min), doubling that (10 min) and rounding that up to the next order of unit (10 hours). My mistake was not to put the FQDN into /etc/nodename. Finding out was non-trivial because the issue would look like a failed alias lookup in /var/log/maillog.
Installation
In order for SASL to work, it es necessary to install the binaries for SASL transactions on the newly provisioned SmartMachine.
[admin@mail:~]$ pfexec pkgin in \
cy2-anonymous-2.1.26 \
cy2-login-2.1.26 \
cy2-plain-2.1.26 \
cyrus-sasl-2.1.26nb4 \
cyrus-saslauthd-2.1.26nb3
Should you have elected to use minimal-64-lts, it is necessary to install Postfix first.
[admin@mail:~]$ pfexec pkgin in postfix
Postfix Configuration
Anyhow, factually, the Postfix configuration needs only sparse alterations, which I borrowed in parts from someone call drscream ~drscream. .
For /opt/local/etc/postfix/main.cf set
command_directory = /opt/local/sbin
config_directory = /opt/local/etc/postfix
daemon_directory = /opt/local/libexec/postfix
data_directory = /var/db/postfix
html_directory = no
manpage_directory = /opt/local/man
queue_directory = /var/spool/postfix
readme_directory = /opt/local/share/doc/postfix
sample_directory = /opt/local/share/examples/postfix
mailq_path = /opt/local/bin/mailq
newaliases_path = /opt/local/bin/newaliases
sendmail_path = /opt/local/sbin/sendmail
alias_database = dbm:/opt/local/etc/postfix/aliases
alias_maps = dbm:/opt/local/etc/postfix/aliases
mail_owner = postfix
setgid_group = maildrop
inet_interfaces = $privateip, 127.0.0.1
inet_protocols = ipv4
mynetworks = $privatenet/24, 127.0.0.0/8,
mynetworks_style = host
unknown_local_recipient_reject_code = 550
relayhost = mailer.isp.tld:25
smtp_always_send_ehlo = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = dbm:/opt/local/etc/postfix/relay_passwords
smtp_sasl_security_options = noanonymous
smtp_sasl_type = cyrus
smtp_use_tls = yes
In addition, it is necessary to include a relay-mapping in /opt/local/etc/postfix/relay_passwords
mail.isp.tld <mailuser:mailpasswd>
It is then possible to define an alias in /opt/local/etc/postfix/aliases:
hardware-admin: <email@isp.tld>
In this configuration, you can send mail in your LAN to hardware-admin@<mailer>, which will be relayed to public email addresses using your ISP’s mailer.
Comparison
As an aside, I have compared both minimal-64 and base-64 for memory usage, as I am kind of sparse in my personal setup. They differ, but not significantly, though. prstat prstat(1M). gave me about 45 and 65 MB resident memory for the zones respectively. I had hoped for more, but I believe due to ZFS memory semantics, that may add up when provisioning more than a handful.