I have LAN VM's which are blocked from WAN access but I want to be able to receive e-mail notifications from them. I setup a WAN facing PostFix server and configured it to be able to send e-mails via my original post on setting up PostFix. But, I had some issues when setting up the VM's to utilize the PostFix relay server which I will cover in this post.
First do the above (get WAN facing PostFix VM Server up and running and able to send e-mails) by following this post → PostFix - Ubuntu - CentOS.
Now you'll need to make two adjustments to enable postfix to allow e-mails from your LAN and to enable it to listen on the "submission" port.
Allow e-mails from your LAN: (Add your network to "mynetworks" in main.cf)
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24
Enable PostFix to listen on the "submission" port: (Uncomment "submission" in master.cf)
submission inet n - y - - smtpd
Testing:
From Postfix Server:
root@smtp:~# netstat -tlanp | grep 587 tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 2301/master tcp6 0 0 :::587 :::* LISTEN 2301/master
From Remote Server:
telnet smtp.domain.com 587
Note: To exit Telnet use "CTRL + ]" and then type "Close"
Setting Up PostFix on LAN side to utilize "PostFix Relay VM":
#!/bin/bash
DOMAIN=domain.com
forwardemail=domain@gmail.com
cat << 'EOL' >/etc/postfix/main.cf
#
#PostFixConfig
##Modify Below [HOSTNAME] & [DOMAIN]##
######################################
myhostname = [HOSTNAME]
mydomain = [DOMAIN]
relayhost = smtp.$mydomain
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtp_header_checks = regexp:/etc/postfix/header_checks
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
canonical_maps = hash:/etc/postfix/canonical
myorigin = $mydomain
mydestination = $myhostname $myhostname.$mydomain localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = all
EOL
cat << EOL >/etc/aliases
postmaster: root
root: $forwardemail
trash: /tmp/mail.trash
EOL
newaliases
cat << EOL >/etc/postfix/header_checks
/^From:[[:space:]]+(.*)/ REPLACE From: "$HOSTNAME" <$forwardemail >
EOL
postmap /etc/postfix/header_checks
cat << EOL >/etc/postfix/canonical
root $forwardemail
EOL
postmap /etc/postfix/canonical
chown root:root /etc/postfix/ -R && service postfix restart
echo "PostFix Setup For $HOSTNAME" | mail -s "PostFix has forwarded roots e-mail on $HOSTNAME to this e-mail" root
echo ""
echo "Main.CF"
cat /etc/postfix/main.cf
echo ""
echo "header_checks"
cat /etc/postfix/header_checks
echo ""
echo "Aliases"
cat /etc/aliases
echo ""
echo "Canonical"
cat /etc/postfix/canonical
echo ""
echo "MailName"
cat /etc/mailname
echo ""
echo "MailLog"
tail /var/log/maillog
tail /var/log/mail.log