How configure postfix correctly in debian 12

Hi @tsukon this procedure is to configure postfix with a Gmail account, isn’t it?

Hi ​@Laurent  yes ! but i can do the same with gmail account no? 

Or this is maybe better to don’t use an Relayhost like gmail?

We can’t send any email from localhost debian VM to an external email than outlook or anythink?

Hello ​@tsuko have you tried with an app password?

https://security.google.com/settings/security/apppasswords

hi ​@ponchoh ! that work when i use an gmail account but i don’t wnt to use an relayhost. My responsable prefer my Server Centreon send directly the notification (lik email from user@centreon-srv.net or user@localhost ) did you understand ! sorry if my not precise ^^

Hello ​@tsuko,

• do you have an email server setup?
• smtp?
• config with your allowed network?
• what have you tried?

Hi ​@ponchoh !

 yes my company has its own domain which is  hosted by an external service provider. But we can access to manage it if we want.

​@tsuko 

can you use your provider for smtp? what have you tried?

​@ponchoh hi !

i’m retrying to use email nofication with postfix. But i don’t use gmail as relayhost .

I try to use my provider smtp server in my config but that doesn’t work .

When i try to do “a echo test” that don’t work and send an respond in my local user of centreon (like root or centreon-engine) in var/mail

The response is: 

From MAILER-DAEMON  Sun Jan 12 17:46:42 2025
Return-Path: <>
X-Original-To: root@srv-centreon.xxxx.lan
Delivered-To: root@srv-centreon.xxxx.lan
Received: by srv-centreon.xxxx.lan (Postfix)
    id 4661611FC55; Sun, 12 Jan 2025 17:46:42 +0100 (CET)
Date: Sun, 12 Jan 2025 17:46:42 +0100 (CET)
From: Mail Delivery System <MAILER-DAEMON@srv-centreon.xxxx.lan>
Subject: Undelivered Mail Returned to Sender
To: root@srv-centreon.xxxx.lan
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
    boundary="2826111FC50.1736700402/srv-centreon.xxxx.lan"
Content-Transfer-Encoding: 8bit
Message-Id: <20250112164642.4661611FC55@srv-centreon.xxxx.lan>

This is a MIME-encapsulated message.

--2826111FC50.1736700402/srv-centreon.ch-hvsm.lan
Content-Description: Notification
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit

This is the mail system at host srv-centreon.xxxx.lan.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<centreon@xxxx.fr>: host smtp.xxxx.fr[xx.xx.xx.xx] said: 530 5.7.0 Must
    issue a STARTTLS command first (in reply to MAIL FROM command)

--2826111FC50.1736700402/srv-centreon.xxxx.lan
Content-Description: Delivery report
Content-Type: message/delivery-status

Reporting-MTA: dns; srv-centreon.xxxx.lan
X-Postfix-Queue-ID: 2826111FC50
X-Postfix-Sender: rfc822; root@srv-centreon.xxxx.lan
Arrival-Date: Sun, 12 Jan 2025 17:46:42 +0100 (CET)

Final-Recipient: rfc822; centreon@xxxx.fr
Original-Recipient: rfc822;centreon@xxxx.fr
Action: failed
Status: 5.7.0
Remote-MTA: dns; smtp.xxxx.fr
Diagnostic-Code: smtp; 530 5.7.0 Must issue a STARTTLS command first

--2826111FC50.1736700402/srv-centreon.xxxx.lan
Content-Description: Undelivered Message
Content-Type: message/rfc822
Content-Transfer-Encoding: 8bit

Return-Path: <root@srv-centreon.xxxx.lan>
Received: by srv-centreon.xxxx.lan (Postfix, from userid 0)
    id 2826111FC50; Sun, 12 Jan 2025 17:46:42 +0100 (CET)

​@ponchoh and that is my main.cf configuration:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on
# fresh installs.
compatibility_level = 3.6

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/srv-centreon.crt
smtpd_tls_key_file=/etc/ssl/private/srv-centreon.key
smtpd_tls_security_level=may

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = srv-centreon.xxxx.lan
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, xxxx.lan, srv-centreon.xxxx.lan, localhost.xxxx.lan, localhost
relayhost = [smtp.xxxx.fr]:587 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes
 

thank you, have you tried

smtp_tls_security_level = encrypt

then restart

sudo systemctl restart postfix

🤞🥁

hi ​@ponchoh that doesn’t work !

I can receveid a notification from centreon into my localhost centreon:

domain.lan

but not send anything to

External-domain.FR

but i continue to receveid a good notification for “centreon-engine@xxxx.lan” into /var/mail/centreon-engine in localhost system as you can see:

check the SPF on the receiving end?

Hi ​@ponchoh all is working ! i decided to don’t use some relayhost and that work i receveid directly the notification in our mailbox .

But can i change the sender notification?

Why this is Centreon-engine?

I’ve create a new user and add him into the sender email notification but that doesn’t work :( :

The command look like very strange :

🐝🌻

and

🎁

./centreon_notification_email.pl --plugin=notification::email::plugin --mode=alert --help

🤞