Score:0

Null Client Mail Server

ci flag
Chr

I want to set up a null client mail server, i.e. a mail server that sends e-mails, but does not receive e-mails. I tried multiple guides relying on postfix, checked discussions on this and other sites, and consulted the official postfix website. The server still does not send e-mails. The message submitted via the following line

echo "This is the body of an encrypted email" | mail -s "This is the subject line" [email protected]

where [email protected] is an e-mail address of mine that is not related to that server does not arrive. I already tried checked multiple recipient e-mail addresses. None of them receives a message.

The content of /etc/postfix/main.cf currently is

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2

# TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/example.com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/example.com/privkey.pem
smtpd_tls_security_level=may
smtp_use_tls=yes
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = someone.localdomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mydestination =
relayhost = $mydomain
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = ipv4
local_transport = error: local delivery disabled

Instead of example.com I use my actual domain.

On the DNS server, I only set an A record. Do I need a MX record? Do I need to set up a subdomain?

I configured the ufw to allow for postfix traffic: sudo ufw allow Postfix

This Ubuntu 20.04 machine also hosts a nginx web server.

What I would like to do is to send e-mails directly from the server using a shell script. I do not want to connect it to any program outside the server. The setup should be as secure as possible, blocking any incoming e-mails or attacks using the mail ports. I do not have a particular preference for postfix. It is simply the software that most guides use.

Michael Hampton avatar
cz flag
Check your logs.
Chr avatar
ci flag
Chr
Do you mean `/var/log/mail.log`? It prints the error `Host or domain name not found. Name service error for name=localdomain type=A: Host not found, try again`
Score:1
cz flag

For some reason you have set

relayhost = $mydomain

This doesn't make any sense, as you say you are trying to send outbound mail directly to its destination, rather than back to yourself. Even if you were trying to redeliver all mail locally, this wouldn't be the way to do it.

Just remove this line from your configuration entirely.

Chr avatar
ci flag
Chr
Unfortunately, I still does not work. Here is the anonymized error message: `to=<[email protected]>, relay=none, delay=90, delays=0/0.01/90/0, dsn=4.4.1, status=deferred (connect to mx05.example.com[123.456.78.999]:25: Connection timed out`
Michael Hampton avatar
cz flag
@Chr Eh? Are you doing something inappropriate like trying to run a mail server at home?
Chr avatar
ci flag
Chr
No, it is a server hosted by a large cloud computing provider.
Michael Hampton avatar
cz flag
@Chr Which one? Be specific and name the provider.
Chr avatar
ci flag
Chr
Hetzner (https://www.hetzner.com/)
Chr avatar
ci flag
Chr
That provider also hosts the domain. Are there any dns records that I need to modify?
Michael Hampton avatar
cz flag
@Chr Hetzner block SMTP by default. You can [request that they unblock it](https://docs.hetzner.com/cloud/servers/faq/#why-can-i-not-send-any-mails-from-my-server).
Chr avatar
ci flag
Chr
Oh, ok. Thanks. I did not know that. Is there a way to circumvent it? Is there something similar to smtp?
Michael Hampton avatar
cz flag
@Chr You can use a third party mail service like Sendgrid or send mail to an authenticated mail account.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.