A simple guide to using authorised SMTP relay.

Discussion Room for the Synology MailStation Package
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:
https://myds.synology.com/support/suppo ... p?lang=enu
2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.

A simple guide to using authorised SMTP relay.

Postby spe » Mon May 03, 2010 12:19 am

With many thanks to Mowgli who listed most of this info, and Townie who has made some very sensible suggestions : Here's a condensed guide with all the relevant bits in one place. I will continue to keep this updated from time to time as we learn more about the system.

A snapshot guide to working around using DDNS for your domain location.

Using mailstation on a home based diskstation or any other location using dynamic IP addresses has the side effect of preventing most outbound SMTP traffic. This is because dynamic IP address ranges are regarded as probable spam originators and ISPs list them at spamhaus as addresses from which to reject outbound email, so commercial mail servers will reject our outbound content.

To send mail from a mail server that is hosted on a dynamic IP address it must be sent via a registered and authenticated mail server. This is acting as a relay for your email and you will usually use the outgoing SMTP server setup by your ISP unless you pay for an account elsewhere. The relay server can be any SMTP server on which you have a valid account.


Configure the Mailstation using the GUI and confirm that incoming mail is working before proceeding.


To setup an outbound mail relay you will need:

1) The name of the SMTP server to use (probably your ISP's SMTP server such as smtp.orange.uk).
2) The user account name on that server and its password. These may well be case sensitive - so be careful.

To enable SMTP relay you need to edit two files on the Diskstation, then run two commands. Then you may need to re-boot the diskstation if it doesn't work immediately.

From the admin GUI enable telnet access to your diskstation.

From your PC or MAC telnet to the diskstation IP adress and login as "root" with the admin password. Do NOT login as "admin" or it won't work.

type cd /usr/syno/mailstation/etc

vi main.cf

Find the first line starting "#relayhost = "

delete the leading "#" and enter the name of your SMTP server to be used as the relay server.

e.g. "relayhost = smtp.orange.uk"

If you are having problems after using the entry above try putting the relay ISP inside square brackets, it prevents DNS lookups.

e.g. "relayhost = [smtp.orange.uk]"


move to the bottom of the file and add the following three lines

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/usr/syno/mailstation/etc/sasl_passwd
smtp_sasl_security_options =


Now save and close main.cf

Now create a password file as follows:-

cat > sasl_passwd
smtp.orange.uk username@orange.uk:password_for_orange_account

Press Ctrl+D to save the file.

To limit access to the password to the "root" user do the following two steps:

chown root sasl_passwd
chmod 600 sasl_passwd

Then type the following to setup the password in a useable form for the mail progran to use it

../sbin/postmap sasl_passwd

Finally re-start the server processing by entering the following command

../sbin/postfix reload

That's it!

Now the mailstation server is will send all outbound mail to the mailserver that you listed as relayhost using the login info from your sasl_password file.

Troubleshooting

If it doesn't take first time you may need to re-start the mailstation task on the diskstation from the gui, or even re-boot the diskstation if you can't find your way around the gui to the mailstation task.

If it doesn't work first time around go back and look for spelling mistakes, and depending upon your server configuration watch out for case sensitivity errors.

Note: There is a problem which can easily cause frustration in the current builds of MailStation (April/May 2010). It is so subtle in its effect that you can lose a lot of time troubleshooting the MailStation setup when there is nothing wrong at the server. Its the client configuration that is at fault:

A user name that is being used to retrieve mail using IMAP is NOT case sensitive.

The same user name, when it is being used to send mail using IMAP IS CaSe SenSiTive.

The passwords are always case sensitive.

So; if you are using a client that shares authorisation details for reading and sending mail, and you can read but not send mail, if the client reports the details correctly you may also see a login failure despite being able to read mail: The first place to look is at the user identity that is being used to login to the server - have you missed a capital letter somewhere?
Last edited by spe on Wed May 26, 2010 11:26 am, edited 1 time in total.
spe
Trainee
Trainee
 
Posts: 18
Joined: Sun Sep 27, 2009 8:41 pm

Re: A simple guide to using authorised SMTP relay.

Postby featds » Tue May 18, 2010 4:28 pm

Hi Spe

This is a very good guide. It worked perfectly and and my e-mail server on a 710+ is working as I want it to be. Many thanks!

Unfortunately I have (now) the problem that the server is no longer hibernating when the MailStation package is running...

Cheers, featds
featds
I'm New!
I'm New!
 
Posts: 1
Joined: Tue May 18, 2010 4:18 pm

Re: A simple guide to using authorised SMTP relay.

Postby Townie » Sun May 23, 2010 3:52 pm

Just to add, if having problems put the relay ISP inside square brackets, it prevents DNS lookups.

EG:
relayhost = [smtp.orange.uk]

Also, vitally important is to chown + chmod the sasl_passwd file before hashing to db file. This ensures that only root has access to the plaintext passwd in sasl_passwd. If you do it before the hashing then the db file it creates will have the same permissions too.

EG:
Now create a password file as follows:-

cat > sasl_passwd
smtp.orange.uk username@orange.uk:password_for_orange_account

Press Ctrl+D to save the file.

chown root sasl_passwd
chmod 600 sasl_passwd

Then type the following to setup the password in a useable form for the mail progran to use it

../sbin/postmap sasl_passwd



Great guide otherwise. :)
Townie
Student
Student
 
Posts: 68
Joined: Fri May 29, 2009 12:49 am

Re: A simple guide to using authorised SMTP relay.

Postby exdeath202 » Sun May 23, 2010 11:16 pm

I tried this both with gmail and with the smtp service my website domain+host provider gives me. Doesnt work for me. The problem is that before, i atleast could receive mail or send to certain emails.
my domain is a .com one and the smtp according to my provider is smtp.mydomain.com, then i found that it had an user and pass for the email directions, tried the email and the smtp user attached to it, none worked.
Can someone explain how to rever the changes? i tried uninstalling mailstation and reinstalling it but everything remained the same. I dont remember the old #relayhost = " , or the lines i need to delete. Can someone help me please? if i delete usr/syno/mailstation contents and i reinstall mailstation, will it come back to normal?
Thanks in advance

PD: Gmail is the one who seems to go further. The error is: <destinatary email here>: host smtp.gmail.com[209.85.227.109] said: 530 5.7.0
Must issue a STARTTLS command first. h22sm26817217wbh.3 (in reply to MAIL
FROM command)
exdeath202
Trainee
Trainee
 
Posts: 13
Joined: Thu Jan 07, 2010 11:11 pm

Re: A simple guide to using authorised SMTP relay.

Postby spe » Wed May 26, 2010 11:29 am

featds wrote:Hi Spe

This is a very good guide. It worked perfectly and and my e-mail server on a 710+ is working as I want it to be. Many thanks!

Unfortunately I have (now) the problem that the server is no longer hibernating when the MailStation package is running...

Cheers, featds



I'm glad it helped you. I struggled for a while to find this info and having worked my way through it I thought it was best held in one place for others to find.

There are many issues that can affect hibernation and I'm not able to help diagnose any of them so I suggest that you post a general question specifically about hibernation on the MailStation forum.
spe
Trainee
Trainee
 
Posts: 18
Joined: Sun Sep 27, 2009 8:41 pm

Re: A simple guide to using authorised SMTP relay.

Postby spe » Wed May 26, 2010 11:31 am

Townie wrote:Just to add, if having problems put the relay ISP inside square brackets, it prevents DNS lookups.

EG:
relayhost = [smtp.orange.uk]

Also, vitally important is to chown + chmod the sasl_passwd file before hashing to db file. This ensures that only root has access to the plaintext passwd in sasl_passwd. If you do it before the hashing then the db file it creates will have the same permissions too.

EG:
Now create a password file as follows:-

cat > sasl_passwd
smtp.orange.uk username@orange.uk:password_for_orange_account

Press Ctrl+D to save the file.

chown root sasl_passwd
chmod 600 sasl_passwd

Then type the following to setup the password in a useable form for the mail progran to use it

../sbin/postmap sasl_passwd



Great guide otherwise. :)


Thanks Townie, these are very useful tweaks. I have incorporated them into the guide.
spe
Trainee
Trainee
 
Posts: 18
Joined: Sun Sep 27, 2009 8:41 pm

Re: A simple guide to using authorised SMTP relay.

Postby spe » Wed May 26, 2010 11:40 am

exdeath202 wrote:I tried this both with gmail and with the smtp service my website domain+host provider gives me. Doesnt work for me. The problem is that before, i atleast could receive mail or send to certain emails.
my domain is a .com one and the smtp according to my provider is smtp.mydomain.com, then i found that it had an user and pass for the email directions, tried the email and the smtp user attached to it, none worked.
Can someone explain how to rever the changes? i tried uninstalling mailstation and reinstalling it but everything remained the same. I dont remember the old #relayhost = " , or the lines i need to delete. Can someone help me please? if i delete usr/syno/mailstation contents and i reinstall mailstation, will it come back to normal?
Thanks in advance

PD: Gmail is the one who seems to go further. The error is: <destinatary email here>: host smtp.gmail.com[209.85.227.109] said: 530 5.7.0
Must issue a STARTTLS command first. h22sm26817217wbh.3 (in reply to MAIL
FROM command)


This error is going a little off topic from the guide above. From the look of it you've managed to mix an attempt to connect to an SSL/TLS enabled endpoint with the simple sasl authorisation config setup above. Have you set the destination port to an SSL enabled port instead of using port "25"?

Can you please re-post this as a seperate question in its own topic and then everyone can see it and try to help you through. Posted in here its not going to be seen by anyone who has already got beyond the initial configuration steps, and its these people who may be able to help you.
spe
Trainee
Trainee
 
Posts: 18
Joined: Sun Sep 27, 2009 8:41 pm

Re: A simple guide to using authorised SMTP relay.

Postby chameleon » Sat Nov 20, 2010 3:27 pm

Hi not sure if this post is still active (I hope so)
I have followed the above post for changing the main.cf file so that I can relay my mail out from my domain.
After the changes everything seemed to work I am now able to send email from my domain using outlook 2010 but it never arrives at the other end. I get no error messages either it just seems to vanish? when I check the sent folder it shows as email sent so all looks ok.
Does anyone have the settings for bt internet mail? I know that the mail smtp servers are mail.btinternet.com but I have entered this into the main.cf file and now have this problem.

cheers,
chameleon
Student
Student
 
Posts: 63
Joined: Thu Oct 18, 2007 9:21 pm

Re: A simple guide to using authorised SMTP relay.

Postby shareonline » Fri Mar 04, 2011 6:22 pm

Really nice guide!! but i also needs to set this up to relay through gmail on port 587.. Therefore i'm missing some info:)
shareonline
Student
Student
 
Posts: 62
Joined: Mon Nov 23, 2009 11:12 pm

Re: A simple guide to using authorised SMTP relay.

Postby PolliSoft » Sun Mar 20, 2011 2:06 pm

shareonline wrote:Really nice guide!! but i also needs to set this up to relay through gmail on port 587.. Therefore i'm missing some info:)


Hi,

I solved this by adding the line
smtp_use_tls = yes
in main.cf. Good luck!
PolliSoft
Trainee
Trainee
 
Posts: 10
Joined: Wed Apr 14, 2010 5:47 pm

Re: A simple guide to using authorised SMTP relay.

Postby shareonline » Mon Mar 21, 2011 7:24 pm

PolliSoft wrote:
shareonline wrote:Really nice guide!! but i also needs to set this up to relay through gmail on port 587.. Therefore i'm missing some info:)


Hi,

I solved this by adding the line
smtp_use_tls = yes
in main.cf. Good luck!



Thank you very much!! nice info:)
shareonline
Student
Student
 
Posts: 62
Joined: Mon Nov 23, 2009 11:12 pm

Re: A simple guide to using authorised SMTP relay.

Postby Rancid » Sat Jul 02, 2011 11:26 am

Sticky Please
Rancid
Sharp
Sharp
 
Posts: 168
Joined: Mon Mar 28, 2011 1:32 pm

Re: A simple guide to using authorised SMTP relay.

Postby petealois » Fri Jan 13, 2012 10:01 pm

i do not know how to thank you! I have been working on this for a couple of weeks now with Synology Support and No-IP Support. This worked like a charm! Again thank you so much!
petealois
I'm New!
I'm New!
 
Posts: 2
Joined: Fri Jan 13, 2012 9:58 pm

Re: A simple guide to using authorised SMTP relay.

Postby griz » Mon Jan 23, 2012 7:02 pm

Spe,

As a total novice I've followed your guide up to the section where you need to add the password files. I edited the postfix file using the 3rd party config file editor (not a unix person and the telnet instructions did not appear to work for me with DSM 3.2 and Rouncube)). Please could you tell me (as a novice) how to complete the last few stages, after adding the code to the bottom of the config file i.e. creating the password file onwards.

Sorry to be so dim, but we all have to start somewhere!

Thanks.
griz
I'm New!
I'm New!
 
Posts: 7
Joined: Sun Jan 22, 2012 5:41 pm

Re: A simple guide to using authorised SMTP relay.

Postby griz » Wed Jan 25, 2012 6:40 pm

Anyone help?, I'm on borrowed time here with a 'neutral' google email header. If I can get this configured I can use my existing ISP's SMTP server and not get 'cut off'.
griz
I'm New!
I'm New!
 
Posts: 7
Joined: Sun Jan 22, 2012 5:41 pm

Next

Return to Mail Station

Who is online

Users browsing this forum: No registered users and 2 guests