Setting up email forward using Amazon SES

This is a set of instructions to setup email forwarding on your servers without having to configure a mail server.

Well, actually, you will have to configure a mail server. But, you won't be sending email directly from that mail server. The one we are going to setup is called postfix.

You can install it on debian based system:

$ sudo apt install postfix

Then, we are going to use an external SMTP server to send email. In this instruction, I am going to use Amazon's SES service, but you can use any. Even Gmail should work fine.

sudo postconf -e "relayhost = [email-smtp.us-west-2.amazonaws.com]:587" \
"smtp_sasl_auth_enable = yes" \
"smtp_sasl_security_options = noanonymous" \
"smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" \
"smtp_use_tls = yes" \
"smtp_tls_security_level = encrypt" \
"smtp_tls_note_starttls_offer = yes"

Note the important thing that you need to change in the above command is relayhost configuration to match the host and port that you are going use.

Even if you are using Amazon SES, that URL changes based on the region. Make sure you have the right one mentioned there. If you do end up writing the wrong one, you can go edit that value in /etc/postfix/main.cf.

Now, we need to configure our SMTP credentials to talk to the remote server:

Create a new file /etc/postfix/sasl_password:

# /etc/postfix/sasl_password
[email-smtp.us-west-2.amazonaws.com]:587 SMTPUSERNAME:SMTPPASSWORD

Make sure to replace the SMTPUSERNAME:SMTPPASSWORD with your username and password.

Finally, you need to create a hash table of the file above by running:

$ sudo postmap hash:/etc/postfix/sasl_password

This will create a /etc/postfix/sasl_password.db file, which is what posfix will read. Note that if you skip the last step, postfix won't be able to get your credentials. You will also have to run that command everytime you update /etc/postfix/sasl_password file.

You can test that your setup is working by sending a mail:

$ mail -s 'Testing Setup' user@addres.com
Hello World

You can press Ctrl+D after you done writing the actual message above to exit out the edit mode to send the email.

You can also check the logs at /var/log/mail.log to see if there are any errors.