Applicable to:
- Plesk for Linux
Question
- How to configure Postfix in Plesk to relay all emails to Amazon SES?
- Can I configure Postfix in Plesk to relay all emails to Amazon SES automatically?
Answer
In general, the setup steps that would be necessary are the following:
Warning: The steps below describe how to configure integration with a 3rd-party service that is not officially supported by Plesk and should be performed only at your own will and risk. Alternatively, consider this task to be handled by the Plesk Professional Services team on your behalf by submitting an official request.
Note: The configuration below is not compatible with the Plesk Email Security extension. Consider removing it before applying the changes below.
1. Connect to the server via SSH as the root user
2. Define which MTA is installed on the server and switch to Postfix
3. Create a backup of the original /etc/postfix/main.cf
configuration file by executing this command:
# cp -a /etc/postfix/main.cf{,.original}
4. Open the /etc/postfix/main.cf
file with your favorite command-line text editor
5. Make the following modifications in the /etc/postfix/main.cf
file:
5.1 Add the Amazon SES SMTP service as relayhost to the /etc/postfix/main.cf
configuration file (specific name of the SMTP endpoint depends on the location of your Amazon SES server and can be obtained on the end of AWS):
CONFIG_TEXT: relayhost = [replace_with_your_smtp_endpoint.amazonaws.com]:587
Note: Ports 465 and 587 are used for mail submissions towards the Amazon SES server, due to which you should make sure that they open for incoming and outgoing connections on the side of your Plesk server.
5.2 Make sure the following lines are present at the end of the /etc/postfix/main.cf
file (add them if they are not there):
CONFIG_TEXT: smtp_tls_security_level = encrypt
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_note_starttls_offer = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_use_tls = yes
header_size_limit = 4096000
5.3 Save the changes to the /etc/postfix/main.cf
file
Warning: After the parameters are set, make sure that there are no duplicate directives that can break the configuration. You should comment out or remove duplicate directives if there are any.
6. Open the /etc/postfix/sasl_passwd
file with your favorite command-line text editor
7. Add the necessary Amazon SES SMTP user and password (replace SMTP_USER
and PASSWORD_FOR_THE_USER
with the values provided by Amazon SES to that file (so that the configuration on the side of the Plesk server would be accurate) by following this example:
CONFIG_TEXT: [your_smtp_endpoint.amazonaws.com]:587 SMTP_USER:PASSWORD_FOR_THE_USER
8. Save the changes to the /etc/postfix/sasl_passwd
file
9. Use the postmap
utility to generate a new database sasl_passwd.db
file:
# postmap /etc/postfix/sasl_passwd.db
10. Verify that the .db file has been created:
# ls -l /etc/postfix/sasl_passwd*
-rw------- 1 root root ... /etc/postfix/sasl_passwd
-rw------- 1 root root ... /etc/postfix/sasl_passwd.db
11. Set proper permissions on both sasl_passwd
and the newly created sasl_passwd.db
file:
# chmod 600 /etc/postfix/sasl_passwd
# chmod 600 /etc/postfix/sasl_passwd.db
12. Reload the Postfix service to apply changes:
# systemctl restart postfix
13. Send a test mail to check if the postfix works properly with Amazon SES by executing this command:
# echo "This is a test email." \
| mail -r example@frommail.com-s 'AWS SES test' example@tomail.com
You can then trace this email in the mail log at (most commonly at /var/log/maillog
)
Comments
1 comment
This tutorial has a couple of errors
Step 7, should be
SMTP_HOST SMTP_USERNAME:SMTP_PASSWORD
Step 9, Instead of "postmap /etc/postfix/sasl_passwd.db" should be "postmap /etc/postfix/sasl_passwd"
Please sign in to leave a comment.