I have LAN VM's which are blocked from WAN access but I want to be able to receive e-mail notifications from them. I setup a WAN facing PostFix server and configured it to be able to send e-mails via my original post on setting up PostFix. But, I had some issues when setting up the VM's to utilize the PostFix relay server which I will cover in this post.
First do the above (get WAN facing PostFix VM Server up and running and able to send e-mails) by following this post → PostFix - Ubuntu - CentOS.
Now you'll need to make two adjustments to enable postfix to allow e-mails from your LAN and to enable it to listen on the "submission" port.
Allow e-mails from your LAN: (Add your network to "mynetworks" in main.cf)
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24
Enable PostFix to listen on the "submission" port: (Uncomment "submission" in master.cf)
submission inet n - y - - smtpd
Testing:
From Postfix Server:
root@smtp:~# netstat -tlanp | grep 587 tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 2301/master tcp6 0 0 :::587 :::* LISTEN 2301/master
From Remote Server:
telnet smtp.domain.com 587
Note: To exit Telnet use "CTRL + ]" and then type "Close"
Setting Up PostFix on LAN side to utilize "PostFix Relay VM":
#!/bin/bash DOMAIN=domain.com forwardemail=domain@gmail.com cat << 'EOL' >/etc/postfix/main.cf # #PostFixConfig ##Modify Below [HOSTNAME] & [DOMAIN]## ###################################### myhostname = [HOSTNAME] mydomain = [DOMAIN] relayhost = smtp.$mydomain biff = no append_dot_mydomain = no readme_directory = no smtpd_banner = $myhostname ESMTP $mail_name smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtp_header_checks = regexp:/etc/postfix/header_checks alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases canonical_maps = hash:/etc/postfix/canonical myorigin = $mydomain mydestination = $myhostname $myhostname.$mydomain localhost mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = loopback-only inet_protocols = all EOL cat << EOL >/etc/aliases postmaster: root root: $forwardemail trash: /tmp/mail.trash EOL newaliases cat << EOL >/etc/postfix/header_checks /^From:[[:space:]]+(.*)/ REPLACE From: "$HOSTNAME" <$forwardemail > EOL postmap /etc/postfix/header_checks cat << EOL >/etc/postfix/canonical root $forwardemail EOL postmap /etc/postfix/canonical chown root:root /etc/postfix/ -R && service postfix restart echo "PostFix Setup For $HOSTNAME" | mail -s "PostFix has forwarded roots e-mail on $HOSTNAME to this e-mail" root echo "" echo "Main.CF" cat /etc/postfix/main.cf echo "" echo "header_checks" cat /etc/postfix/header_checks echo "" echo "Aliases" cat /etc/aliases echo "" echo "Canonical" cat /etc/postfix/canonical echo "" echo "MailName" cat /etc/mailname echo "" echo "MailLog" tail /var/log/maillog tail /var/log/mail.log