Friday, May 28, 2010

outbound smtp on osx leopard, enabling postfix for mail blasting

if you have a mac lying around and not being used, it can be set up fairly easily to be an smtp email server

this could come in handy for a company that doesn't have exchange, is using hosted email with relay limits such as godaddy and their 250 relays per day, and needs to regularly send a large number of emails out to clients as well as internal staff

we are going to use the built-in postfix email server that is part of osx leopard. we will set it up so that the email server looks to the local osx user database, so any user account set up on the osx box can be used for sending email. when you need a new email user, just add a regular osx user instead of having to set up sasl lists

first thing we need to do is enable it, to do so navigate to:
/System/Library/LaunchDaemons/org.postfix.master.plist

let's open this file up and edit it, i prefer using the vi editor. right before the closing </dict> tag we need to add some parameters, these will enable postfix to start when the computer boots up, so add these lines right before that tag:
<key>OnDemand</key>
<false/>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>

we can either use launchctl to start it up right now, or we can reboot, to use launchctl make sure you're root or sudo the command:
launchctl

once in the launchctl prompt do:
start org.postfix.master

after this, let's check netstat:
netstat -a | grep smtp

we should then see localhost listening for smtp connections, like this:
tcp4 0 0 localhost.smtp *.* LISTEN

next we need to make changes to /etc/postfix/main.cf:
smtpd_sasl_auth_enable=yes
smtpd_use_pw_server=yes
enable_server_options=yes
smtpd_pw_server_security_options=plain, login
smtpd_sasl_security_options=noanonymous
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_auth_destination, reject
broken_sasl_auth_clients=yes
mynetworks = 192.168.240.0/21


lastly we will want to tell postfix which networks to accept mail from. for my purposes i only want to accept mail from machines in our local subnet. there is an option called mynetworks_style that has a choice of subnet, which should be acceptable for most people's uses. since the box i am setting up will be multihomed with 1 of the ips being public, i don't want to use that option, because it would also trust the machines on the public subnet. instead of the mynetworks_style option i will use the mynetworks option like this:
mynetworks = 192.168.240.0/21

i am in a cidr network, most folks won't be, if we were in a standard class c network it'd look something like this:
mynetworks = 192.168.240.0/24

last thing here, the default file size is far too small for my purposes, i need to be able to send out at least 5 dvds' worth of data, 5 * 4.7gb = 23.5gb, just kidding! seriously, if we can send out 20mb then i'm happy and my users will be too (keep in mind, it isn't uncommon to run across a system you are sending to that has a 10mb file size limit!), so we'll open up our main.cf and change the parameter named message_size_limit, like this:
message_size_limit = 20480000

after this, restart the server or restart postfix, as root you can do this to restart postfix:
postfix reload

that should be it!

here are some handy commands for postfix

Reload launchctl after plist edit:
sudo launchctl load /System/Library/LaunchDaemons/org.postfix.master.plist

List active plist files:
launchctl list

Start up/test updated plist:
sudo launchctl start org.postfix.master

Send a test email:
mail name@domain.com

Check the mail queue:
mailq

Clear the mail queue:
sudo postsuper -d ALL

Editing the configuration file:
vi /etc/postfix/main.cf

Reloading postfix after changes:
sudo postfix reload

Starting and Stopping postfix:
sudo postfix stop
sudo postfix start

-----------------------
UPDATE - 01/03/2010 - i have noticed mac osx will sometimes overwrite values in /etc/postfix/main.cf

in particular the inet_interfaces value was changed on my installation, from all to localhost. this made postfix listen only on localhost, causing a connection error when clients attempted to mail through this system. changing inet_interfaces from localhost back to all and then rebooting is the simplest way to resolve this issue.
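
the overwrite described in the update is easy to miss until mail stops flowing, so here is an added example (not part of the original post): a shell script that reads main.cf and reports any parameter that no longer matches what was set above. cf_value, check_drift and sample_cf are hypothetical helper names, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: detect main.cf values that no longer match this post's setup.

# cf_value FILE NAME: print the effective value of a parameter. The last
# "name = value" line wins. Assumption: comments and continuation lines
# (leading whitespace) are skipped, so each value must sit on one line.
cf_value() {
    awk -v key="$2" '
        /^[ \t#]/ { next }
        {
            i = index($0, "=")
            if (i == 0) next
            name = substr($0, 1, i - 1)
            gsub(/[ \t]/, "", name)
            if (name != key) next
            val = substr($0, i + 1)
            sub(/^[ \t]+/, "", val)
            sub(/[ \t]+$/, "", val)
            found = val
        }
        END { print found }
    ' "$1"
}

# check_drift FILE NAME=VALUE...: print one DRIFT line per mismatch and
# return 1 if anything drifted, 0 otherwise.
check_drift() {
    file=$1; shift
    rc=0
    for want in "$@"; do
        key=${want%%=*}
        actual=$(cf_value "$file" "$key")
        if [ "$actual" != "${want#*=}" ]; then
            echo "DRIFT $key: expected '${want#*=}', found '$actual'"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: main.cf after the OS rewrote inet_interfaces.
sample_cf() {
    printf '%s\n' '# constructed sample' 'inet_interfaces = all' \
        'mynetworks = 192.168.240.0/21' 'smtpd_sasl_auth_enable=yes' \
        'inet_interfaces = localhost'
}

tmp=${TMPDIR:-/tmp}/main.cf.sample.$$
sample_cf > "$tmp"
check_drift "$tmp" inet_interfaces=all mynetworks=192.168.240.0/21 \
    smtpd_sasl_auth_enable=yes || echo "main.cf needs attention"
rm -f "$tmp"
```

on the mail box itself, point check_drift at /etc/postfix/main.cf with the values you expect.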