LAN device to SMTP Relay - without direct internet exposure

lewiss

New Member
Joined
Jan 20, 2020
Messages
13
Reaction score
5
Credits
50
Hi all,

I've got some devices on my LAN that I have blocked access to the Internet, but would like to let them send emails via Gmail or another email service

I've spent hours faffing with Postfix and EXIM4, but have not managed to get anything working.
I got closest with EXIM4, but it was complaining as it was unable to resolve my domain name. ( I do have a domain, but I do not want to expose my server to the internet directly for this purpose and it's already being served by a mail server)

I am looking for a solution that will:
  • Receive emails from my LAN devices
  • Send them to my public/internet email address via SMTP
  • Run via Docker if possible, otherwise Debian 12

Am I looking for something impossible?

Thanks in advance!
 


I got closest with EXIM4, but it was complaining as it was unable to resolve my domain name.
Without knowing all the details it sounds like your system didn't have dns configured correctly.
If you want to run it in Docker you could use something like this.
 
Last edited:
Without knowing all the details it sounds like your system didn't have dns configured correctly.
If you want to run it in Docker you could use something like this.
The way I understood the error, which I regretfully did not snip, Is that it was looking for a valid MX record.

I spent the majority of my time with the Bokysan image, and copy-mod various configurations from various websites with no success, but maybe I need to sit down fresh for a third time(!).

I will have a look at the Ix-ai image and report back, thanks for your reply!
 
Is that it was looking for a valid MX record.

While I haven't much experience with this, I do believe you can set multiple MX records and use different priorities. That might be worth exploring.
 
The way I understood the error, which I regretfully did not snip, Is that it was looking for a valid MX record.
That means Postfix or Exim wasn't sending mail through your Gmail account but directly to some receiving mail server of the receiving domain because receiving mail servers reject mail from a domain that doesn't have an MX or A record setup. If you look at the Linode link I linked in my first reply you will see how you could setup Postfix to send mail through your Gmail account, when you do it correctly the mail will connect to Gmail smtp servers with your Gmail account and then send the mail from your Gmail account with your Gmail account as sender.
 
While I haven't much experience with this, I do believe you can set multiple MX records and use different priorities. That might be worth exploring.
Would the MX record work if the address was pointed at the server's LAN address?
I don't see why not, though downside is that it does expose my internal network layout publicly.
 
That means Postfix or Exim wasn't sending mail through your Gmail account but directly to some receiving mailserver because receiving mail servers reject mail from a domain that doesn't have MX or A records setup. If you look at the Linode link I linked in my first reply you will see how you could setup Postfix to send mail through your Gmail account, when you do it correctly the mail will connect to Gmail smtp servers with your Gmail account and then send the mail from your Gmail account with your Gmail account as sender.
Thanks for explaining, much appreciated. Am reviewing that now.
 
Would the MX record work if the address was pointed at the server's LAN address?

AFAIK, it should. It's intended for things like a failover/backup. Well, it'd have to be pointed at your local IP address and then forwarded through your router. It'd expose your public IP address - but your public IP address is just that - public.
 
Hey everyone,

Many thanks again for the help!
The Linode tutorial helped greatly and now it is working!
I will copy-mod and try to wedge it into the bokysan image, and will report back for others.

Cheers!
 
It turns out I only needed very small inspiration from the Linode tutorial while using the bokysan image (mainly the encryption setting!)

I was able to piece it together mostly using the image docs.
I think coming back to it almost a month later probably helped too :)

Please see my working handywork
Cheers!

postfix: image: boky/postfix container_name: postfix ports: - "9925:25" environment: TZ: Europe/London POSTFIX_myhostname: smtp-relay RELAYHOST: smtp.gmail.com:587 RELAYHOST_USERNAME: [email protected] RELAYHOST_PASSWORD: ... POSTFIX_message_size_limit: 26214400 ALLOWED_SENDER_DOMAINS: relay.server.lan MASQUERADED_DOMAINS: relay.server.lan POSTFIX_smtp_tls_security_level: encrypt
 
We use Postfix as an internal mail relay on our network for our servers. They all just forward mail to it, and it sends it securely. It's very simple, though it's a server now but we are looking to containerize and toss it on our kubernetes cluster very soon.

Glad to hear you're good to go though.
 

Staff online

Members online


Top