Email is messy 🙁 It's often useful to have programs send emailsFor example, my backup program sends out an email every time it runs., so rather than forcing everyone to deal with the messiness themselves, it's often easier to set up an email relay. This is a program that runs on the gateway and accepts email from computers on the internal network, then forwards them on to the real recipients on the internet.
Unfortunately, if we just send out the email ourself, there is virtually no chance of it reaching its destination, since most mail servers will not accept email from other servers unless they meet some stringent requirementsThis is in order to prevent spam.. So, the best way for our relay to forward emails is to forward them on again to another email server, one that is known to be acceptable to the internet at large, and have it send the email to the real recipient.
Installing and configuring the mail server
A popular mail server is exim4, and installing it is easy:
sudo apt-get install exim4
EditAlternatively, you can run sudo dpkg-reconfigure exim4-config for a sorta GUI. /etc/exim4/update-exim4.conf.conf and set the following options:
- dc_eximconfig_configtype = 'satellite'Set this to 'smarthost' if you would like to be able to receive email as well.
- dc_other_hostnames = ''
- dc_local_interfaces = '10.0.0.1'This is the network interface the mail server should listen on.
- dc_readhost = 'gateway'This is the name of the gateway server.
- dc_smarthost = 'myserver.com'This is the computer we want to forward emails to. If it listens on a non-standard port, include it here using a double-colon e.g. myserver.com::26.
- dc_hide_mailname = 'true'
- dc_relay_nets = '10.0.0.0/24'This restricts who we will relay emails for i.e. anyone with an IP address of 10.0.0.XXX.
Edit /etc/mailname and put in the host name of the gateway machine.
Your email server will almost certainly require authentication, so edit /etc/exim4/passwd.client and set the login details there e.g.
Finally, edit /etc/email-addresses and set the email addresses you want to use when sending emails from each user account e.g.
taka: email@example.com root: firstname.lastname@example.org
This means that if I send an email when logged on as taka, it will appear to have come from email@example.com, or firstname.lastname@example.org if I am logged on as root.
Now everything has been configured, we can install the new settings and restart the server:
sudo update-exim4.conf sudo /etc/init.d/exim4 restart
Testing the email relay
Open a new console window and monitor the exim4 log file:
sudo tail -f /var/log/exim4/mainlog
Back in the original console, install the command-line email program and send a test email:
sudo apt-get install mailutils echo body | mail -s "relay test" email@example.com
In the exim4 log, you should see it receive the email, forward it on, and a few seconds later, hopefully receive it at the final email address.
A warning about relaying email
We have configured our relay to not require any login, so we need to be very careful about restricting access to it - spammers just love it when they find an open email relay 🙁 Above, we configured dc_relay_nets so that we only relay emails from computers on our internal network, and you should also control access via the firewall, so the only danger is if one your computers in your internal network gets compromised, since it will be able to send out emails without restriction. Keep an eye on your logs!
|« Setting up OpenVPN||Tutorial index||Setting up a firewall »|
[ + ]
|1.||↵||For example, my backup program sends out an email every time it runs.|
|2.||↵||This is in order to prevent spam.|
|3.||↵||Alternatively, you can run sudo dpkg-reconfigure exim4-config for a sorta GUI.|
|4.||↵||Set this to 'smarthost' if you would like to be able to receive email as well.|
|5.||↵||This is the network interface the mail server should listen on.|
|6.||↵||This is the name of the gateway server.|
|7.||↵||This is the computer we want to forward emails to. If it listens on a non-standard port, include it here using a double-colon e.g. myserver.com::26.|
|8.||↵||This restricts who we will relay emails for i.e. anyone with an IP address of 10.0.0.XXX.|