SMTP/Email Setup on Amazon EC2
Summary:
Create an SMTP server installation on Amazon EC2 that relays email to your Gmail account. Gmail has a nice email client, so this allows us to leverage Gmail’s rich features. Our SMTP software package is Postfix.
Prerequisites:
Familiarity with creating and launching instances on Amazon EC2, and with editing config files in Linux.
Links to documentation on Amazon EC2 and how to create and launch instances:
1. Install Postfix
For Fedora 8: yum install postfix
2. Setup/Install Certificate Authority for Self Signing
yum install openssl-perl
3. Create Server Certificate
cd /etc/pki/tls/misc
./CA.pl -newca
4. Copy cert file to postfix folder
cp /etc/pki/CA/cacert.pem /etc/postfix
5. Create Certificates (self signed certificates for testing purposes)
openssl genrsa -out enduro.key 2048
openssl req -new -key enduro.key -out enduro.csr
openssl req -new -x509 -key enduro.key -out enduro.pem -days 1095
6. Authorize Port 587
At desktop/client command line: ec2-authorize default -p 587
7. Update Postfix Config file, master.cf
This file is located in /etc/postfix/master.cf. You need to specify the port so that the service runs on port 587.
Sample entry:
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
127.0.0.1:587 inet n - n - - smtpd
8. Edit the second Postfix config file, main.cf
This file is located in /etc/postfix/main.cf
I will not detail this entire config file because the configuration details will depend on your environment. But, in a nutshell, you want to do the following: update the relevant hostname and IPs in main.cf and add something like this to the end of main.cf:
## TLS Settings
#auth
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
#tls
smtp_use_tls = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_note_starttls_offer = yes
tls_random_source = dev:/dev/urandom
smtp_tls_scert_verifydepth = 5
smtp_tls_key_file = /etc/postfix/enduro.key
smtp_tls_cert_file = /etc/postfix/enduro.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_req_ccert = no
smtp_tls_enforce_peername = no
9. Also make sure you have this entry in main.cf
relayhost = [smtp.gmail.com]:587
10. Using vi or your favorite editor, create the following file, /etc/postfix/sasl_passwd, and add your email address and password using the format below for its content:
# Contents of sasl_passwd
[smtp.gmail.com]:587 myemail@gmail.com:pa33w0r8
11. Now build the lookup table (sasl_passwd.db) and test this file by running this simple "hash" key test.
$ postmap sasl_passwd
$ postmap -q [smtp.gmail.com]:587 sasl_passwd
myemail@gmail.com:pa33w0r8
12. You'll need to protect your password so that only the postfix group and root can read it by changing the access rights as follows:
$ chown root:postfix sasl_passwd*
$ chmod 0640 sasl_passwd*
(Postfix binary location: /usr/sbin/postfix)
13. Start Postfix, command line:
postfix start
14. Use sendmail from the command line to test:
Cmd line: sendmail mytargetemail@gmail.com
Next: hit Enter, type the message (this is test), hit Enter, then type a dot, then hit Enter
(Note: make sure Sendmail is started (cmd line: service sendmail restart))
(Note: logs errors to /var/log/maillog)
Alternatively, test sendmail by creating a text file (mail.txt) in the format below:
date: todays-date
to: user@domain.com
subject: subject
from: your-name@domain.com

Body of message goes here
Then call sendmail with that file as an input:
Command line: /usr/sbin/sendmail email-address < mail.txt
Or you can use the -t option to tell sendmail to read the header of the message to figure out who to send it to.
Command line: /usr/sbin/sendmail -t < mail.txt
This will process the To: and CC: lines for you and send the mail to the correct addresses.
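A check for the settings from steps 8 to 12, added here as an example and not part of the original post: with smtp_use_tls = yes Postfix uses TLS only when the relay offers it, and smtp_sasl_security_options = noanonymous permits plaintext AUTH outside TLS, so the script flags both, along with a world-readable sasl_passwd. The function names and finding labels are made up for this example, and the sample files are constructed.

```shell
# Added example (not from the original post): audit the relay settings of steps 8-12.

# Effective value of a main.cf parameter (last assignment wins, as in Postfix).
# Assumes one "name = value" per line; continuation lines are not joined.
conf_get() {  # usage: conf_get MAIN_CF PARAM
    awk -v k="$2" '/^[ \t]*#/ { next }
        { i = index($0, "="); if (!i) next
          n = substr($0, 1, i - 1); v = substr($0, i + 1)
          gsub(/[ \t]/, "", n); gsub(/^[ \t]+|[ \t]+$/, "", v)
          if (n == k) r = v }
        END { print r }' "$1"
}

# Print one finding per line; no output means nothing was flagged.
audit_relay() {  # usage: audit_relay MAIN_CF
    level=$(conf_get "$1" smtp_tls_security_level)
    if [ -z "$level" ]; then                 # fall back to the legacy names used on this page
        level=none
        if [ "$(conf_get "$1" smtp_use_tls)" = yes ]; then level=may; fi
        if [ "$(conf_get "$1" smtp_enforce_tls)" = yes ]; then level=encrypt; fi
    fi
    if [ "$(conf_get "$1" smtp_sasl_auth_enable)" != yes ]; then return 0; fi
    case $level in
        none|may|dane)
            echo "TLS_NOT_REQUIRED: level=$level, the session may stay cleartext"
            opts=$(conf_get "$1" smtp_sasl_security_options | tr ' ' ,)
            case ",${opts:-noplaintext}," in     # Postfix default includes noplaintext
                *,noplaintext,*) ;;
                *) echo "PLAINTEXT_AUTH: the password can be sent without TLS" ;;
            esac ;;
    esac
    maps=$(conf_get "$1" smtp_sasl_password_maps)
    pw=${maps#*:}                            # strip the "hash:" table type
    if [ -n "$(find "$pw" "$pw.db" -prune -perm -004 2>/dev/null)" ]; then
        echo "WORLD_READABLE: $pw (step 12 sets mode 0640)"
    fi
}

# Constructed sample: the page's settings written to a scratch directory.
demo_dir=$(mktemp -d)
printf '[smtp.gmail.com]:587 user@example.com:not-a-real-secret\n' > "$demo_dir/sasl_passwd"
chmod 0644 "$demo_dir/sasl_passwd"           # deliberately looser than step 12
cat > "$demo_dir/main.cf" <<EOF
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps = hash:$demo_dir/sasl_passwd
smtp_use_tls = yes
smtp_sasl_security_options = noanonymous
EOF
audit_relay "$demo_dir/main.cf"
```

Adding smtp_tls_security_level = encrypt (Postfix 2.3 and later) to main.cf and keeping sasl_passwd at mode 0640 clears all three findings.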
Thanks for the instructions. Everything appears to have gone well, but I keep getting the following response from google:
Jan 8 14:36:44 domU-12-31-39-00-9C-51 postfix/smtp[12606]: C84591C559: SASL authentication failed; server smtp.gmail.com[74.125.45.111] said: 421 4.7.0 Temporary System Problem. Try again later (HS). 6sm22342421yxg.13
Have you ever seen this? Are you still successfully using gmail's smtp server on ec2?
I haven't seen this error before, but from the message, you may want to double check that you have set your google email account and password correctly. It does mention temporary system problem, so maybe gmail is having an issue.