Ubuntu PHP / Postfix Virtual Hosting Multiple Relay Host via Gmail

Date: Mar 18 2013

LAMP server vertial host Postfix relayhost map

When dealing with virtual hosting with a PHP lamp server the old way of just sending email via Sendmail right from your server can lead to bad things down the road spam-wise resulting in people not getting key emails from your LAMP hosted applications. I knew how I wanted to do it but did not know the technical way to make it happen. All of my domains email is hosted with google apps so I wanted to have each domain send all mail from my server to gmail smtp server (authenticated). However there are 5 domains all with their own username and passwords hosted at gmail. Here is how I accomplished it…

This how-to is geared toward Ubuntu 12.10 because that is what we are using. Minus the package install commands this should work on any distro. It also assumes you have a fully functioning LAMP environment.

Install Postfix (if you don’t already have it instal)

sudo apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules​

I chose the “mail relay option” and entered smtp.gmail.com however this doesn’t to much matter because we will be change the config.

After everything is installed let configure postfix to use the sender_dependent_relayhost_maps directive. Which means we are mapping each user or domain “from” that goes through postfix to use a specific relay map we define.

sudo nano /etc/postfix/main.cf

note: some of these lines will no be present and some will need replaced so pay attention

mydestination = localhost
 #Default Relay Host if not Found in relayhost_map
 relayhost = [smtp.gmail.com]:587
 smtp_use_tls = yes
 smtp_sasl_auth_enable = yes
 #Per user or domain auth map
 smtp_sender_dependent_authentication = yes
 sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
 #SMTP login info file
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 smtp_sasl_security_options = noanonymous
 # list of CAs to trust when verifying server certificate
 smtp_tls_CAfile = /etc/postfix/cacert.pem
 # eliminates default security options which are imcompatible with gmail
 smtp_sasl_security_options =
 #SMTP Debug

Validating the certificate for postfix SMTP connection

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem​

Setting up the relayhost_map for each of our domains

nano /etc/postfix/relayhost_map

Per Domain wildcard – covers any from address coming from specified domain

@mydomain1.com [smtp.gmail.com]:587
@mydomain2.com [smtp.gmail.com]:587

Setup sasl_passwd file for each domain. This file contains the username and passwords for your gmail accounts that you want each domain to send from.

nano /etc/postfix/sasl_passwd
# Per-sender authentication
@domain1.com user@domain1.com:xxxxx
@domain2.com user@domain2.com:xxxxx
# Login for the default relayhost - Default SMTP - recommended
[smtp.gmail.com]:587    user@domain1.com:xxxxx

Convert your files to postmap hash db

postmap hash:/etc/postfix/sasl_passwd
postmap hash:/etc/postfix/relayhost_map

Secure your password so they can not be view by anyone other than root

sudo chown root:root /etc/postfix/sasl_passwd
sudo chmod 600 /etc/postfix/sasl_passwd

Forcing PHP mail function to send from one email address

At this point postfix is configured but before we reload the new config we have to force each virtual host in apache to have the php mail command send outbound mail from one specific account so that postfix relayhost_map catches it.
Pick one of your apache hosted virtual hosts confs located in: /etc/apache2/sites-available/ and add the following line in your VirtualHost section

php_admin_value sendmail_path “/usr/sbin/sendmail -fuser@domain1.com -t -i”
A basic virtual host would look something like this:

        ServerName domain1.com
        ServerAdmin info@domain1.com
        DocumentRoot /home/user1/public_html
        php_admin_value sendmail_path "/usr/sbin/sendmail -fuser@domain1.com -t -i"

                AllowOverride All

Follow this for all your domains you want to use the postfix relayhost_map anyone’s that you do not force, will use the default SMTP account to send you setup in sasl_passwd.

Everything is all finished up and you can restart / reload postfix and restart apache.

/etc/init.d/postfix restart
/etc/init.d/apache2 restart

Testing PHP Mail command and Log watching

Make sure you test your php scripts to ensure they are working and forwarding to gmail correctly. Watch your mail.log to see what postfix is doing when you run your mail test

sudo tail -f /var/log/mail.log

When you use your mail command you should see a line similar to this with your specific information and user accounts.

Mar 18 09:40:46 myhostname postfix/qmgr[10316]: 7D9961200CC: from=, size=2198, nrcpt=1 (queue active)
Mar 18 09:40:48 myhostname postfix/smtp[10322]: 7D9961200CC: to=, relay=smtp.gmail.com[]:587, delay=1.9, delays=0.12/0.06/0.61/1.1, dsn=2.0.0, status=sent (250 2.0.0 OK 1363614106 px9sm9523394igc.0 - gsmtp)
Be Sociable, Share!

facebook comments:

Leave a Reply