Using Cloudron as an SMTP smarthost relay for other systems
- 
I'm looking into using my Cloudron server as an SMTP relay for other servers on our domain, allowing them to send notifications, password resets, etc. through credentials for a mailbox-enabled account on it. We can update our DNS records to ensure SPF/DKIM/DMARC allow this. However, there are some constraints:
- I can't allow Cloudron to define itself as the domain's MX server. This is because our domain has an existing MX server which handles all incoming mail to the domain.
- Assume no 3rd party relay service is available.
- Our MX service is run by a 3rd party who do not want to provide us with an SMTP relay service.
- We don't want to use a 3rd party SMTP relay service like Mailgun, Sendgrid etc. (There are reasons for that but that's outside the scope of this question.)
 
Cloudron's option to act as a mail server is enabled, I've just not checked the box allowing Cloudron to update the DNS. This results in a warning in Cloudron's dashboard that email is incorrectly configured, and although it'd be nice to suppress that, I can live with it for the moment.

The immediate problem seems to be that we can't connect to port 25 on the Cloudron server. Our ISP (Hetzner) claims they are not blocking it, so I am wondering if something else is wrong. Checking netstat -plant, something is listening on 0.0.0.0 on port 25 on the Cloudron server, but not port 465 or 587. More investigation reveals this to be postfix, which I don't think should be installed on Cloudron servers. Removing it, there is now nothing listening on any of the above ports.

Inspecting the output of iptables -L I can't see anything which explicitly allows SMTP ports, so perhaps Cloudron's SMTP service is not quite enabled fully.

The question is: should I be able to get this to work if the ports are genuinely unblocked? I'm wondering if Cloudron won't support this situation for some known reason. The lack of port 465 etc. seems like a sign that it's not fully enabled the SMTP service in some way?

And, beyond that, will the DKIM headers etc. be inserted correctly on relayed mail? I would expect this to be necessary to support regular mail clients which wouldn't know the correct keys to use, but I can't check that until I can get to the point of being able to send an email.

Thanks!
- 
Perhaps I should add: is there another way than enabling the mailboxes option in the dashboard? I infer that all the Cloudron hosted apps will have access to an internal SMTP relay service - so external access to that is what I'm really after, not making Cloudron think it should be an MX server. 
- 
@wu-lee we have to implement this feature. Currently, Cloudron will only accept email from external sources when incoming email (MX) is enabled. Even with incoming email enabled, it only accepts email from defined "mailboxes", i.e. as a hack you have to create a mailbox as a relay endpoint. BTW, why not just use the relay features of your MX?
- 
@girish Thanks for confirming this won't work.

> BTW, why not just use the relay features of your MX?

Because our 3rd party service doesn't offer an SMTP smarthost relay service per se, just webmail and mailboxes with SMTP credentials. So I'd be forced to use that hack you mention: sending via a mailbox. And I hesitate to do that in both cases because I'm not yet confident that email relayed from another server via this mechanism will not be scored as spam downstream. (I wonder how careful about the HELO greeting recorded in the headers, for instance, and perhaps certain SPF checks)

The bottom line would be to try it and see, but I wanted to know if Cloudron had a more SMTP relay I could use in this situation.
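
For the "try it and see" step discussed above, the following is an added example, not part of the thread and not Cloudron code: it inspects the headers of a delivered test message for the SPF, DKIM and DMARC verdicts, the DKIM signing domain, and the HELO name of the last hop. The hostnames, DKIM selector and sample message are constructed, the alignment test is a simplified stand-in for DMARC relaxed alignment, and the HELO comparison is only a review heuristic.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: headers as a downstream MX might record them for a
# message sent through the mailbox-as-relay workaround. All names are made up.
SAMPLE = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=notify@example.org;
 dkim=pass header.d=example.org header.s=cloudron;
 dmarc=pass header.from=example.org
Received: from my.example.org (my.example.org [203.0.113.10])
 by mx.example.net with ESMTPS id abc123; Mon, 1 Jan 2024 10:00:00 +0000
DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=cloudron;
 h=from:to:subject; bh=AAAA; b=BBBB
From: App notifications <notify@example.org>
To: user@example.com
Subject: Password reset

body
"""

def aligned(a, b):
    """Approximation of relaxed alignment: equal, or one is a subdomain of the other."""
    a, b = a.lower().rstrip("."), b.lower().rstrip(".")
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def check_relayed(raw):
    msg = message_from_string(raw)
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2]
    # Unfold the header, then collect method=result pairs (spf, dkim, dmarc).
    ar = " ".join((msg.get("Authentication-Results") or "").split())
    results = {m.lower(): r.lower() for m, r in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", ar, re.I)}
    # d= tag of every DKIM signature present on the message.
    dkim_domains = [m.group(1) for h in msg.get_all("DKIM-Signature", [])
                    if (m := re.search(r"\bd=([^;\s]+)", h))]
    # HELO/EHLO name from the topmost Received header (the final hop).
    helo = re.search(r"from\s+(\S+)", msg.get("Received", ""))
    findings = []
    for method in ("spf", "dkim", "dmarc"):
        if results.get(method) != "pass":
            findings.append(f"{method}={results.get(method, 'missing')}")
    if not any(aligned(d, from_domain) for d in dkim_domains):
        findings.append("no DKIM signature aligned with From domain")
    if helo and not aligned(helo.group(1), from_domain):
        findings.append(f"HELO {helo.group(1)} not under {from_domain}")
    return findings
```

An empty list means the receiving server recorded passing SPF, DKIM and DMARC results with an aligned signature; run it on the raw source of a test message saved from the destination mailbox.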
- 
J joseph has marked this topic as solved on
 

