How to configure a Plesk server to send emails via an external SMTP provider like SendGrid?

Daniel Yordanov

Updated March 30, 2026 12:56

kb: how-to Plesk for Linux

Applicable to:

Plesk for Linux

Question

How to configure Postfix to send emails using SendGrid in Plesk?
How to configure sever-wide smarthost relaying of email to an external SMTP provider such as SendGrid?

Answer

Starting with Plesk Obsidian 18.0.64, server-wide sending of email via an external SMTP provider can be configured via the smarthost relaying option within the graphical interface of Plesk.

Warning: The configuration below is not compatible with the Plesk Email Security extension. Consider removing it before applying the changes below.

Smarthost (preferred solution)

1. Choose a reputable SMTP relay service (for example, SendGrid, Mailgun, Mailjet, Amazon SAS or any other) and create an account there.

2. Log into Plesk

3. Go to Tools & Settings > Mail > Smarthost

4. Check the Send users’ mail via a smarthost box.

Note: If you configure sending mail via a smarthost, you need to manually update the SPF and other related DNS records in the DNS template and in the DNS zones of existing domains. This is necessary to prevent verification errors for mail sent through the smarthost.

5. Fill in the Smarthost configuration details after obtaining them from your external external SMTP provider.

6. Press OK

More details are available on the following page of the Plesk Obsidian documentation:

Configuring a Smarthost or Relayhost

Manual Solution (old method)

Connect to the server via SSH.
Define which MTA is installed on the server and switch to Postfix if necessary.
Create a backup of the original /etc/postfix/main.cf configuration file and open it with a text editor:

# cp -a /etc/postfix/main.cf{,.original}
# vi /etc/postfix/main.cf
Modify the following:
- Add the SendGrid SMTP service as relayhost to the /etc/postfix/main.cf configuration file:
  
  CONFIG_TEXT: relayhost = [smtp.sendgrid.net]:2525
  
  Note: That port 2525 is used because the outbound connections on ports 25, 587 are not allowed on Google Compute Engine.
- Add the following lines at the end of the file:
  
  CONFIG_TEXT: smtp_tls_security_level = encrypt
  smtp_sasl_auth_enable = yes
  smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
  header_size_limit = 4096000
  smtp_sasl_security_options = noanonymous
  smtp_sasl_tls_security_options = noanonymous
Additional step for Google Cloud instances

Check if the following parameters exist and if so, comment them out by adding a hashtag sign in the beginning of the line:

default_transport = error
relay_transport = error

Commented out directives

#default_transport = error
#relay_transport = error

After the parameters are set, make sure that there are no duplicate directives that can break the configuration:

# cat /etc/postfix/main.cf | grep -E "relayhost|smtp_sasl_auth_enable|smtp_sasl_password_maps|smtp_sasl_security_options|smtp_sasl_tls_security_options|smtp_tls_security_level|header_size_limit"

Comment out/remove duplicate directives if there are some.
Generate the SASL password map using the API key from the SendGrid panel:

Note: Replace <your_SendGrid_API_Key_value> in the command below with the real API Key value:

# echo [smtp.sendgrid.net]:2525 apikey:<your_SendGrid_API_Key_value> >> /etc/postfix/sasl_passwd
Use the postmap utility to generate a .db file:

# postmap /etc/postfix/sasl_passwd
Verify that the .db file has been created:

# ls -l /etc/postfix/sasl_passwd*
-rw------- 1 root root ... /etc/postfix/sasl_passwd
-rw------- 1 root root ... /etc/postfix/sasl_passwd.db
Set proper permissions on the .db file:

# chmod 600 /etc/postfix/sasl_passwd.db
Remove the file containing SendGrid API Key as it is no longer needed:

# rm /etc/postfix/sasl_passwd
Reload Postfix service to apply changes:

# service postfix restart