Friday, July 26, 2013

Configuring Amazon SES with Postfix

First thing, we need to be subscribed to their services and validate some email addresses. You can find about this process at their website.

Let's install postfix in our server:

    $ sudo apt-get install postfix
Following the debconf interface, set the host as to use relay host: 

set the right system mail name (i.e. mydomain.com):

specify the relay host as email-smtp.us-east-1.amazonaws.com (or the one we have subscribed to):


and if comes up remove the internet domain from my_destionations table:

now, add these lines to the /etc/postfix/main.cf file:

myhostname = mydomain.comsmtp_generic_maps = hash:/etc/postfix/genericsmtp_sasl_auth_enable = yessmtp_sasl_password_maps = hash:/etc/postfix/sesaccountsmtp_sasl_security_options = noanonymoussmtp_use_tls = yessmtp_tls_security_level = maysmtp_tls_note_starttls_offer = no
smtp_generic_maps will masquerade your local addresses as the external address you shall have validated with amazon. For this example, it is no.reply@mydomain.com and the /etc/postfix/generic would look like this:
www-data@mydomain.com      no.reply@mydomain.com
ubuntu@mydomain.com   no.reply@mydomain.com
After editing the file we need to generade the hash:

    $ sudo postmap /etc/postfix/generic

The smtp_sasl_password_maps enables the authentication with Amazon SES, basically we need to define our AWS keys in the format <server> <access key>:<secret key> :

email-smtp.us-east-1.amazonaws.com:25 AXXXXX:AXXXXXXXXXXXXXXXXXXXXX

Same, we generate the hash:

    $ sudo postmap /etc/postfix/sesaccount

Now issue a postfix reload to get the settings active.

    $ sudo postfix reload

To test the settings I like to use the package bsd-mailx, we install the package:
    $ sudo apt-get install bsd-mailx
    $ mail andres.martin@mydomain.com
    Subject: test
   
    .
    Cc:
    Null message body; hope that's ok

If everything went good, an email should have arrived.