diff --git a/setup/mail-postfix.sh b/setup/mail-postfix.sh index 5787e8c9..35d611f2 100755 --- a/setup/mail-postfix.sh +++ b/setup/mail-postfix.sh @@ -296,6 +296,24 @@ ufw_allow smtp ufw_allow smtps ufw_allow submission +# Configure SMTP Relay + +if [[ -n "${SMTP_RELAY_ENDPOINT:-}" && -n "${SMTP_RELAY_PORT:-}" && \ + -n "${SMTP_RELAY_USER:-}" && -n "${SMTP_RELAY_PASSWORD:-}" ]]; then + postconf -e "relayhost = [$SMTP_RELAY_ENDPOINT]:$SMTP_RELAY_PORT" \ + "smtp_sasl_auth_enable = yes" \ + "smtp_sasl_security_options = noanonymous" \ + "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" \ + "smtp_use_tls = yes" \ + "smtp_tls_security_level = encrypt" \ + "smtp_tls_note_starttls_offer = yes" + echo "[$SMTP_RELAY_ENDPOINT]:$SMTP_RELAY_PORT $SMTP_RELAY_USER:$SMTP_RELAY_PASSWORD" >> /etc/postfix/sasl_passwd + postmap hash:/etc/postfix/sasl_passwd + chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db + chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db + postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt' +fi + # Restart services restart_service postfix