SMTP relay/proxy

Hi everyone,

Not sure if this is the correct forum for this, but I am looking for some advice on the SMTP relay/proxy.

I have a VPS server that runs the latest LTS Ubuntu, a domain name, and a Synology server at home that can host an email server. My residential connection is usually very stable; however, it does have a dynamic IP that may change once a year or whenever I change my WAN MAC address.

What I want is to basically use my VPS as a proxy or a relay for my home email server. Also, I would like my VPS to be able to store emails in case they are not delivered to my email server.

Is there anything that is super lightweight that can do what I need? I would prefer not to host the whole email server on the VPS.

Thanks.

If you want to use the VPS as a failover mail server then you pretty much need to set it up the same as your local mail server, in which case just do it on the VPS.

If your mail server is turned off you won't lose the email so long as it's available within 3 days or a week or whatever the standard retry time is. So you will be fine on a residential connection.

You should be able to configure Postfix as a relay, or you could set up a VPN and route your email server through that so that the static IP of your VPS appears as the address for the mail server even though it's running at home.

3 Likes

Does it matter if I send mail from my home IP, but receive it on the VPS IP? A VPN seems like a bit too heavy of a solution. Also, I am not sure if it will even work on my VPS. (IIRC I need a special VM for that.) But it's good that it attempts to deliver messages for a couple of days. I am thinking maybe I could do the iptables trick on the VPS to simply redirect all packets coming to 25,456,587 to my home connection. And then on the router restrict port forwarding to my VPS's IP.

If you get it working, let me know, man.

I already tried this in my country, but my ISP doesn't permit reverse DNS to dynamic DNS, and the major email providers detect the header of the email as spammy.

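YourIP=0.0.0.0      # I use the internal NIC IP of my VPS here. External IP might work too
YourPort=587
TargetIP=0.0.0.0
TargetPort=587

# Rewrite the destination of connections arriving on the VPS to the target server
iptables -t nat -A PREROUTING --dst "$YourIP" -p tcp --dport "$YourPort" -j DNAT \
    --to-destination "$TargetIP:$TargetPort"
# Rewrite the source so replies come back through the VPS (the target sees only the VPS IP)
iptables -t nat -A POSTROUTING -p tcp --dst "$TargetIP" --dport "$TargetPort" -j SNAT \
    --to-source "$YourIP"
# Same destination rewrite for connections that originate on the VPS itself
iptables -t nat -A OUTPUT --dst "$YourIP" -p tcp --dport "$YourPort" -j DNAT \
    --to-destination "$TargetIP:$TargetPort"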

But this is only for receiving mail. I send my mail through my ISP's SMTP relay. Seems to work fine. The only problem with using iptables like that is that everything will appear as if your VPS is sending you mail or trying to brute force into your email server. My email server already automatically banned my VPS for trying to brute force into it. I had to add the IP to the whitelist. So, I am thinking about setting up some rules to control the rate of incoming packets and an auto-generated ban list on the VPS itself.

Have a look at XEAMS. You can set up an SMTP proxy pretty easily.

2 Likes

Set up Postfix as a relay/proxy. I would also look at having the SMTP proxy do some spam filtering as well. I used SpamAssassin for this, but that was a long time ago... I would have to look at the docs and do some testing. If you have enough RAM on the VPS you could also run the mail through an antivirus plugin... you need at least 1GB+ of RAM for most ClamAV builds if I remember correctly.
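
Added example, not part of any post in this thread: a minimal Postfix configuration for the VPS acting as a store-and-forward relay for one domain, as suggested above. The domain example.com, the hostnames mx.example.com and home.example.net (assumed to be a dynamic-DNS name for the home server) and the recipient address are placeholders.

```conf
# /etc/postfix/main.cf on the VPS (constructed example, placeholder names)

myhostname = mx.example.com

# The VPS holds no mailboxes, so local delivery is switched off entirely.
mydestination =
local_recipient_maps =
local_transport = error:local mail delivery is disabled

# Only the loopback interface is trusted; the home server gets no relay rights here.
mynetworks = 127.0.0.0/8 [::1]/128

# Accept mail from the internet for this domain only. Anything addressed
# elsewhere is refused, which keeps the VPS from becoming an open relay.
relay_domains = example.com
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination

# Reject unknown recipients during the SMTP session instead of accepting
# the message and bouncing it later (backscatter).
relay_recipient_maps = hash:/etc/postfix/relay_recipients

# Forward accepted mail to the home server (see the transport file below).
transport_maps = hash:/etc/postfix/transport

# Mail stays in the VPS queue and is retried while the home server is
# unreachable. The Postfix default is 5d; 10d is an assumed choice.
maximal_queue_lifetime = 10d

# --- /etc/postfix/transport ---
# The brackets disable the MX lookup, so the name is resolved directly.
#   example.com    relay:[home.example.net]:25
#
# --- /etc/postfix/relay_recipients ---
#   user@example.com    OK
#
# Rebuild the lookup tables after every edit, then reload Postfix:
#   postmap /etc/postfix/transport
#   postmap /etc/postfix/relay_recipients
#   postfix reload
```

Because the VPS terminates each SMTP session itself, its logs and any rate limits or ban lists see the real client address, unlike the NAT redirect where the home server sees only the VPS. The home router then only needs to forward port 25 from the VPS's address.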

Postfix, Dovecot and amavis would be the best solution, but they are a pain in the ass to set up securely.

This isn't what you asked for, but ....

I use no-ip for my needs
https://www.noip.com/managed-mail#self-hosted
I don't quite know why the prices total up to $120/yr ... I didn't pay that initially and I haven't recently on renewal.

For me it works out quite a lot cheaper than a vps and has the reliability I need. The Backup MX service means that if my server is down I don't miss any emails and the Alternate-port SMTP gets around the fact that some mail servers are prejudiced against dynamic IPs.

Back to what you asked for - I agree with @Dexter_Kane and then some; just do it on the vps. Why bother setting up the same thing twice? You're paying for the vps so use it as the mail server and just have backups run to your NAS (I presume the synology is a NAS).