Configure Postfix Send-Only Mail for Nextcloud AIO

ā„¹ļø Support šŸ“¦ Appliances (Docker, Snappy, VM, NCP, AIO)
, ,
1

Hi! Iā€™ve been trying to configure Postfix so it would only be able to send e-mails and Iā€™d like to use that for the Nextcloud E-mail server. (Nextcloud runs flawless)

Iā€™ve been searching the web for quit some days now and I did found some interesting articles (for example from the Nextcloud Forum itself: Docker: how to use postfix from host - #6 by wouterve , How to configure Postfix relayhost to send email using an external SMTPS server on port 465 , How To Install and Configure Postfix as a Send-Only SMTP Server on Ubuntu 20.04 | DigitalOcean ) Iā€™ve looked into quit the sources, I think.

However, I am a complete newbie to anything related to mail servers. I would only use the email server to send password recoveryā€™s and Nextcloud Info-mails.

Part of my postfix/main.cf:

smtpd_tls_cert_file=/etc/letsencrypt/live/domain.tld/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/domain.tld/privkey.pem
smtpd_tls_security_level=may

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = domain.tld
mydomain = domain.tld
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $myhostname
mydestination =  localhost.$mydomain, $myhostname, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.18.0.7/16
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = 172.17.0.1
inet_protocols = all

172.18.0.7 = IP of Nextcloud Container
172.17.0.1 = IP of docker0

My questions are:

  1. Is it possible to only use a PostFix Send-Only SMTP Server for Nextcloud AIO? (Or do I need to connect it to another SMTP server?)
  2. How do I setup Postfix accordingly (Config File)?
  3. Which Info should I input in the Basic Settings Email Server? (See screenshot)
    image
    image1222Ɨ332 27.2 KB
  4. Should I change any DNS settings for this? (I didnā€™t setup any MX or other records, since that might not be needed?)

Ofc I opened port 25. Iā€™m also able to send e-mails from the command line (e.g. echo "This is the body of the email" | mail -s "This is the subject line" kars@email.tld ). I use Nginx as a reverse proxy and I also use Cloudflare.

PS: Iā€™m unsure if I posted this into the right category, pardon me for that, if so.

If someone could help me out, give some advice or tutorial, it would be very much appreciated :slight_smile:

2

1- you say youā€™re able to send mails using command line. Do you use an external smtp service (gmail, sendgridā€¦) or do you set up your own mailserver (if so, you would indeed need to change dns)
2-at first sight your postfix seems ok. I would however change the ip for mynetworks = ā€¦ 172.18.0.1/16
3-change security from login to no login - you donā€™t need any security
4-see answer for 1

I would check if port 25 is reachable from within your docker container:
nc 172.17.0.1 25 -vvv

1 Like
3

Hi, thanks for your reply =D

  1. Yes, I was able to send e-mails to myself from the cmd of my server (not in any containers). I didnā€™t setted up my own mailserver except postfix (neither in a container) since I would only be wanting to send emails. I thought that should be possible without any other smtp service, however this might be wrong? (I donā€™t know that much about mailservers, Iā€™m a hobbyist)

  2. To what should I change the ā€œmynetworksā€ to?

  3. Somehow I simply couldnā€™t click to change the ā€œLoginā€ settings in settings menu so I editted config.php manually to:

  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_from_address' => 'kars', #I don't know if this is right
  'mail_domain' => 'domain.tld', #Neither about this
  'mail_smtphost' => '172.17.0.1',
  'mail_smtpport' => '25',
  'mail_smtpsecure' => 'ssl',
  'mail_smtpauth'     => false,
  'mail_smtpname'     => "",
  'mail_smtppassword' => "",
  'mail_smtpdebug' => true,

What should I fill in the account settings?

(5.) To check if the container is reachable:

I type the follow in my terminal:
sudo docker exec -it nextcloud-aio-nextcloud /usr/bin/nc 172.17.0.1 25 -v

And got this as output:
220 domain.tld ESMTP Postfix (Ubuntu) - Does this mean the connection is established?

These are the logs from /var/log/mail.log after hitting the ā€œSend emailā€ from the configuration (multiple times).

Jun 22 13:39:17 vmi998791 postfix/anvil[758143]: statistics: max connection rate 4/60s for (smtp:172.18.0.7) at Jun 22 13:35:57
Jun 22 13:39:17 vmi998791 postfix/anvil[758143]: statistics: max connection count 1 for (smtp:172.18.0.7) at Jun 22 13:35:07
Jun 22 13:39:17 <name>  postfix/anvil[758143]: statistics: max cache size 1 at Jun 22 13:35:07
Jun 22 14:01:01 <name>  postfix/pickup[755605]: EDF9CAE26F3: uid=33 from=<www-data>
Jun 22 14:01:01 <name>  postfix/cleanup[771198]: EDF9CAE26F3: message-id=<20230622120101.EDF9CAE26F3@domain.tld>
Jun 22 14:01:01 <name>  postfix/qmgr[755606]: EDF9CAE26F3: from=<www-data@domain.tld>, size=685, nrcpt=1 (queue active)
Jun 22 14:01:02 <name>  postfix/local[771200]: EDF9CAE26F3: to=<www-data@domain.tld>, orig_to=<www-data>, relay=local, delay=0.09, delays=0.05/0.01/0/0.02, dsn=2.0.0, status=sent (delivered to mailbox)
Jun 22 14:01:02 <name>  postfix/qmgr[755606]: EDF9CAE26F3: removed
Jun 22 14:07:43 <name>  postfix/smtpd[775064]: connect from unknown[172.18.0.7]
Jun 22 14:07:43 <name>  postfix/smtpd[775064]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "172.18.0.7/16", perhaps you should use "172.18.0.0/16" instead
Jun 22 14:07:43 <name>  postfix/smtpd[775064]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "172.18.0.7/16", perhaps you should use "172.18.0.0/16" instead
Jun 22 14:07:43 <name>  postfix/smtpd[775064]: lost connection after UNKNOWN from unknown[172.18.0.7]
Jun 22 14:07:43 <name>  postfix/smtpd[775064]: disconnect from unknown[172.18.0.7] unknown=0/1 commands=0/1
Jun 22 14:09:35 <name>  postfix/smtpd[776015]: connect from unknown[172.18.0.7]
Jun 22 14:09:35 <name>  postfix/smtpd[776015]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "172.18.0.7/16", perhaps you should use "172.18.0.0/16" instead
Jun 22 14:09:35 <name>  postfix/smtpd[776015]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "172.18.0.7/16", perhaps you should use "172.18.0.0/16" instead
Jun 22 14:09:35 <name>  postfix/smtpd[776015]: lost connection after UNKNOWN from unknown[172.18.0.7]
Jun 22 14:09:35 <name>  postfix/smtpd[776015]: disconnect from unknown[172.18.0.7] unknown=0/1 commands=0/1
Jun 22 14:10:49 <name>  postfix/smtpd[776015]: connect from unknown[172.18.0.7]
Jun 22 14:10:49 <name>  postfix/smtpd[776015]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "172.18.0.7/16", perhaps you should use "172.18.0.0/16" instead
Jun 22 14:10:49 <name>  postfix/smtpd[776015]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "172.18.0.7/16", perhaps you should use "172.18.0.0/16" instead
Jun 22 14:10:49 <name>  postfix/smtpd[776015]: lost connection after UNKNOWN from unknown[172.18.0.7]
Jun 22 14:10:49 <name>  postfix/smtpd[776015]: disconnect from unknown[172.18.0.7] unknown=0/1 commands=0/1
Jun 22 14:10:50 <name>  postfix/smtpd[776015]: connect from unknown[172.18.0.7]
Jun 22 14:10:50 <name>  postfix/smtpd[776015]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "172.18.0.7/16", perhaps you should use "172.18.0.0/16" instead
Jun 22 14:10:50 <name>  postfix/smtpd[776015]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "172.18.0.7/16", perhaps you should use "172.18.0.0/16" instead
Jun 22 14:10:50 <name>  postfix/smtpd[776015]: lost connection after UNKNOWN from unknown[172.18.0.7]
Jun 22 14:10:50 <name> postfix/smtpd[776015]: disconnect from unknown[172.18.0.7] unknown=0/1 commands=0/1
4

Hi, did you already review the docs btw?
https://docs.nextcloud.com/server/26/admin_manual/configuration_server/email_configuration.html?highlight=starttls#configuring-an-smtp-server

5

Hi! Thanks for replying, yes I did read the docs but now Iā€™m wondering, since I only want to Send Emails, should I setup my server to use Sendmail? If so, would there be any sources that could give me some guidance?

6

no you dont if you only want to send mails. you can use a public mail server for that.

7
  1. You need to elaborate a bit on this. You donā€™t use any smtp service nor did you set up your own mail server? How are you able to send mails? Did you actually receive the test mails from the command line in your mailbox, or did you just looked in /var/mail/ to see your mails? Youā€™ll need one of those to be able to send mail. If I look in your postfix main.cf config, I donā€™t see any real domain configured. I havenā€™t setup postfix as smtp relay myself, but I figure out youā€™ll need a lot more configuration than it is atm.
    If you have your own domain, I would recommend a service like sendgrid or mailjet. Iā€™ve recently switched to the latter and mails are a lot smoother now in Nextcloud. You could however also use a free mail service like yahoo if you donā€™t own a domein
  2. I typed my previous answer with my smartphone :-). You need to change this in postfix/main.cf
    From:

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.18.0.7/16
TO
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.18.0.1/16

as also indicated by your error log from postfix

  1. The UI is a bit strange, if you donā€™t have checked ā€˜authentication requiredā€™ itā€™s OK

  2. it looks ok. Maybe first open a bash shell (sudo docker exec -it nextcloud-aio-nextcloud bash) and then execute the nc command. Youā€™ll see more output lines (e.g. connection to 172.17.0.1 succeeded)

If you want to use postfix for outgoing mail, I would first make sure that postfix is set up right. Then see whether you are able to send mail from within your docker container through cli and if that works, check the config for nextcloud

ps: Iā€™am also an hobbyist but through doing this kind of stuff, one learns a lot :slight_smile:

1 Like
8

Hi, thanks again for both replying! I will try my best to figure it out.

For me it was a bit confusing, because I can send emails to myself using the setup from this tutorial: How To Install and Configure Postfix as a Send-Only SMTP Server on Ubuntu 20.04 | DigitalOcean

I thought I could then use it likewise for Nextcloud, however I think thats wrong then?

9

Of it works to send mails from your host, you should also be able to send from your docker container using the settings from my post youā€™ve linked to.

Do you use any firewall (iptables, ufw)? This could hinder your ability to send from your host.

Try to send a mail from command line within your nextcloud container. Youā€™ll need to manually provide the ip from your docker interface (172.17.0.1), i donā€™t know the command by hart but google will help :slightly_smiling_face:.

If that works, youā€™ll know wether itā€™s due to nextcloud config.

Keep in mind that running your own mail service is nog easy task (i.e. not being seen as a spammer). You could also rely on a service like sendgrind, mailjet ā€¦ Except if you want to build up experience Running your mailserver

10

Hi @wouterve ,

I know understand way more about the concept and itā€™s pretty obvious that my setup wouldnā€™t work since my DNS wasnā€™t configured properly (which I learned after indeed browsing the web quit the day :slight_smile: ) I did rethink my plan about having an e-mail server and since I might extend the use case of it later I decided to go with docker-mailserver (Home - Docker Mailserver ) They have a forward-only setup (incl. tutorial), which is now running like a charm (as far as all the tests went)

It wasnā€™t indeed not that easy but it works now, and I think it has met the requirements (DMARC, DKIM, SPF, ofc SSL and since its forward only, it doesnā€™t actually receive anything)

I especially didnā€™t wanted to use another service so Iā€™m glad it runs now. Iā€™d like to thank you for your help, I really appreciate it! Also thanks @szaimen for your replyā€™s and work in the team =)

1 Like
11

Hi,

Glad youā€™ve solved it. I was in doubt whether youā€™r mail server configuration was really working as you stated you hadnā€™t change your DNS.

I initially also took a look to docker mail server, but time constraints did me use an external SMTP service.
I do want to implement this in the future so here a few questions on my own :smile:.
-could you provide me a direct link to the tutorial youā€™ve used
-are you using server at your home or in the cloud? As Iā€™ve read most home ISPā€™s are blocking the ports needed for a mailserver

Kr

12

Hi,

I didnā€™t use any specific tutorial, all the information was supplied by the docs of docker-mailserver. I really recommend reading everything trough. (Minus googling how certain commands would work ofc).

I am indeed using a cloud server, I figured that would be an easier option to host everything, however I really wouldā€™ve liked to host everything at home on my raspberry pi, thats sadly not possible. (ISPā€™s restrictions and so on indeed)

FYI: I was thinking about writing a tutorial of what I did, however 80% is mentioned in their docs :slight_smile:

Greetings!