Skip to main content

Documentation Index

Fetch the complete documentation index at: https://jetemail.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

This guide will walk you through configuring Postfix to use JetEmail as your smarthost for improved email deliverability and authentication.

Prerequisites

  • Root access to your server
  • Postfix mail server installed and running
  • JetEmail SMTP credentials from your dashboard

Configuration Steps

1

Generate SMTP Credentials

Create a smarthost (or use an existing one) in your JetEmail dashboard.
2

Configure SMTP Authentication

Create or edit /etc/postfix/sasl_passwd to include your JetEmail credentials:
relay.jetsmtp.net:25 your_username:your_password
Replace your_username and your_password with your actual JetEmail SMTP credentials.Secure the file and create the hash database:
chmod 600 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
3

Update Postfix Main Configuration

Add the following lines to /etc/postfix/main.cf:
# JetEmail Smarthost Configuration
relayhost = relay.jetsmtp.net:25
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes
smtp_tls_security_level = encrypt
smtp_tls_note_starttls_offer = yes
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

# Header customization for authentication
smtp_header_checks = regexp:/etc/postfix/smtp_header_checks
4

Configure Header Authentication

Create /etc/postfix/smtp_header_checks to add authentication headers:
/^(.*)/ REPLACE X-AuthUser: your_username
Replace your_username with your actual JetEmail SMTP username.Create the hash database:
postmap /etc/postfix/smtp_header_checks
5

Optional: Configure Sender Canonical Maps

If you need to rewrite sender addresses, create /etc/postfix/sender_canonical:
# Rewrite local users to use your domain
root@localhost.localdomain    noreply@yourdomain.com
www-data@localhost.localdomain noreply@yourdomain.com
Add to /etc/postfix/main.cf:
sender_canonical_maps = hash:/etc/postfix/sender_canonical
Create the hash database:
postmap /etc/postfix/sender_canonical
6

Test Configuration and Restart Postfix

Test your configuration and restart Postfix:
postfix check  # Test configuration syntax
systemctl restart postfix

Alternative Port Configuration

If port 25 is blocked, you can use port 587: 
# Use port 587 instead of 25
relayhost = relay.jetsmtp.net:587
smtp_tls_wrappermode = no
smtp_tls_security_level = encrypt

Additional Configuration

SPF Records

Don’t forget to update your SPF records to include JetEmail’s servers: 
v=spf1 include:spf.jetsmtp.net ~all
Learn more about email authentication.

Domain Authentication

For enhanced security and deliverability:
  • Configure Domain Lockdown to prevent domain spoofing
  • Set up DMARC for email authentication
  • Ensure proper DKIM signing is configured

Testing Your Configuration

After configuration, test your setup:
  1. Send a test email to an external address: 
    echo "Test message body" | mail -s "Test Subject" test@example.com
  2. Check the mail queue: 
    postqueue -p
  3. Monitor Postfix logs: 
    tail -f /var/log/mail.log
# OR
tail -f /var/log/maillog
  4. Verify authentication in email headers
  5. Monitor delivery in your JetEmail dashboard

Troubleshooting

Authentication Failures

  • Verify your SMTP credentials in /etc/postfix/sasl_passwd
  • Ensure the password database was created: postmap /etc/postfix/sasl_passwd
  • Check that your JetEmail account is active and in good standing

Connection Issues

  • Verify ports 25 or 587 are open in your firewall: 
    telnet relay.jetsmtp.net 25
# OR
telnet relay.jetsmtp.net 587
  • Check TLS configuration and certificate paths
  • Ensure SASL authentication modules are installed: 
    # Debian/Ubuntu
apt-get install libsasl2-modules

# CentOS/RHEL
yum install cyrus-sasl-plain

Configuration Errors

  • Check Postfix logs for detailed error messages: 
    grep postfix /var/log/mail.log
  • Test configuration syntax: postfix check
  • Verify file permissions on configuration files

Common Error Messages

“SASL authentication failed”
  • Check username/password in /etc/postfix/sasl_passwd
  • Verify the password database exists and is readable
“TLS is required”
  • Ensure smtp_use_tls = yes is set
  • Check TLS certificate configuration
“Connection refused”
  • Verify network connectivity to JetEmail servers
  • Check firewall settings

Advanced Configuration

Multiple Domains with Different Credentials

If you need different SMTP credentials for different domains:
  1. Create /etc/postfix/sender_dependent_relayhost_maps: 
    @domain1.com    relay.jetsmtp.net:25
@domain2.com    relay.jetsmtp.net:25
  2. Create /etc/postfix/sender_dependent_sasl_passwd_maps: 
    @domain1.com    username1:password1
@domain2.com    username2:password2
  3. Add to /etc/postfix/main.cf: 
    sender_dependent_relayhost_maps = hash:/etc/postfix/sender_dependent_relayhost_maps
smtp_sender_dependent_authentication = yes
smtp_sasl_password_maps = hash:/etc/postfix/sender_dependent_sasl_passwd_maps
  4. Create hash databases: 
    postmap /etc/postfix/sender_dependent_relayhost_maps
postmap /etc/postfix/sender_dependent_sasl_passwd_maps

Security Considerations

  • Keep your SMTP credentials secure with proper file permissions
  • Regularly rotate your JetEmail SMTP passwords
  • Monitor your email logs for suspicious activity
  • Consider implementing rate limiting if needed
For additional support, contact our team or visit our Discord community.