HOWTO Set up Postfix to relay via a Sonic mailbox

Last update: 2016-09-26

Lots of Linux tools assume that your system can send e-mail: cron, mdadm, etc. Unfortunately setting up a system to send e-mail is a fair bit of work and making mail deliver reliably requires delving into the arcane world of SPF, DKIM, IP blacklists, and domain reputation. It's not really worth the trouble for individual hosts on a home network. Configuring your server to send e-mail via an external account is a simple solution to this problem.

These directions are intended for Debian/Ubuntu systems. They have been used successfully on Debian Jessie, Ubuntu 14.04, Ubuntu 15.10, and Ubuntu 16.04 systems. These directions are written with sudo, which isn't installed by default on Debian systems. On systems without sudo you can just run these commands as root without the sudo prefix.

  1. Create a new Sonic mailbox for the machine via the Member Tools page.

    I recommend using a separate mailbox for each machine so that it is easy to change the credentials in case the machine is compromised. Certainly don't use your main Sonic mailbox, as that is connected to your billing information! We'll be putting the credentials for this account in a file on your hard disk in plain text.

    Take down the username and password for later use.

  2. Install postfix as MTA:

    sudo aptitude install -y postfix
    

    Select "No Configuration" when prompted by debconf.

  3. Populate /etc/mailname with the FQDN of the host.

  4. Install main.cf as /etc/postfix/main.cf. Replace MYFQDN with the fully-qualified domain name of your machine (e.g., foo.bar.example.com). Replace MYLOCALNAME with the local part of the machine's hostname (e.g., foo).

  5. Since our system is (presumably) not accessible from the Internet, Sonic's mail servers may object to sender addresses created with its hostname (they'll bounce any mail with a sender domain they can't resolve). It's easiest to just clobber the sender address of every outgoing e-mail to match the account we're using as a relay. Create /etc/postfix/sender_canonical:

    /^.*$/ username@sonic.net
    
  6. Create the SASL password database. This is referenced in main.cf as the source of login credentials.

    Debian will conveniently have created an empty directory at /etc/postfix/sasl for us. First, configure its permissions appropriately:

    sudo chown root:postfix /etc/postfix/sasl
    sudo chmod 0750 /etc/postfix/sasl
    

    Now create /etc/postfix/sasl/passwd:

    mail.sonic.net USERNAME:PASSWORD
    

    Replace USERNAME and PASSWORD with the appropriate values, of course.

    And compile it into a hash file:

    sudo postmap /etc/postfix/sasl/passwd
    
  7. Restart postfix:

    sudo service postfix restart
    
  8. Test by sending an e-mail:

    sendmail your-username@domain
    To: your-username@domain
    From: username@sonic.net
    Subject: Test e-mail
    
    Test!
    

    (Press Ctrl-D to send EOF.)

  9. Set up /etc/aliases:

    # See man 5 aliases for format
    postmaster:    root
    root:          YOURUSER
    YOURUSER:      youremail@youremaildomain.example
    

    Run newaliases to tell postfix about the changes.

For More Information

  • By default, postfix logs to /var/log/syslog
  • man 5 postconf