Send E-Mail from Everywhere

Postfix on Mac OS X (and other Unix systems)

Updated: 01-August-2005

Contents



Learn more about the Hommingberger Gepardenforelle here.


Why? Send mail from everywhere with your Powerbook

In this tutorial, you will learn how to send emails that will carry your original email address, regardless of where you are.

Installation takes approximately 10-15 Minutes.

Without direct access to the mail (SMTP) server installed at their internet service provider or their company/workplace, many people are deprived from their usual means of communication: email. While they can check emails from everywhere, sending is prohibited, because of technical security measures. In tech-speak: modern SMTP servers force their users to use a specific domain part. That means, if your email address is john@nicecompany.com, chances are that you won't be able to send messages from outside NiceCompany while you're on the road. You can't use NiceCompany's e-mail service, and you can't use any other e-mail service either.

Why's that? Security measures! NiceCompany and everyone else have to keep spammers away, who would use their mail servers as a stepping stone to everybody's mailboxes. On the other hand, if you use a free mail service, such as Yahoo, Hotmail or GMX, they will probably force you to use their e-mail address. Even internet service providers that target professional and semi-professional markets may not let you send e-mails with a foreign address in their "From" field. T-Online in Germany nowadays charges you a few bucks extra a month if you want to use their relay server. Or, you're in an organization that blocks port 25, a data channel used to transport e-mails from your machine, then from one server to another.

I have two solutions for the dilemma. The very simple one is explained here. You will need an authenticating mail server that relays mail for you, operating on port 587 (submission) instead of port 25. If you have such a server available (from your ISP or web-host), this is much easier and more reliable than solution two.

This is the second solution: Simply run your own SMTP server locally on your laptop. Newer versions of Apple's Mac OS X operating system, starting with 10.3 (Panther), come with the SMTP server postfix pre-installed, set up and almost ready to go. I will show how to activate and configure it, and how you can install postfix on the older "Jaguar" system.

Oh, by the way. SMTP stands for Simple Mail Transfer Protocol. But that's not important to keep in mind. In fact, once you've set up postfix, you can almost forget about it. It does its job in the background!

There are one or two drawbacks to this approach, and these become more and more imminent. Using your own mail server from dialup connections can result in your e-mail being rejected. More here.

Caution!

Running your own Mail Transfer Agent (SMTP server) can be dangerous. The default configuration as shown below and an active firewall should keep other people such as hackers and spammers from using your machine to send content illegally and spam others. A faulty setup, however, can open up your machine to the world. The consequences would be pretty bad - your ISP could block your account; you could get blacklisted (thus not able to successfully send e-mails) or worse, you could get sued. Therefore, don't change the configuration unless you know what you are doing.

Still, I cannot guarantee the below settings to work in all cases, and to resist subsequent changes by other programs. There, you and only you are responsible for keeping your machine safe. You have been warned.

Activating Postfix on OS X 10.4 (Tiger)

I haven't tested the below instructions - they were sent to me by various people (thanks). They sounds sensible, please use with care.

Activating Postfix on OS X 10.3 (Panther)

You will need to switch on Postfix so it will be loaded at startup, and you may want to configure a few file permissions as follows.

Firewalled - if you can't send e-mail from within an intranet!

In some cases, the organization that provides internet access (your company, university or the like) will run a firewall that blocks e-mail traffic coming from your own SMTP server like postfix. Instead, they usually want you to use their own SMTP server. Doing so does make a lot of sense given all the rogue viruses and trojans on Windows machines, which often come with their own little SMTP server to send e-mail. So don't blame your system administrators!

Instead, you can simply instruct postfix to use their SMTP server if necessary, that is, if a firewall blocks direct e-mail connections. Simply add the following line to main.cf:

fallback_relay = mailsmtpserver.mydomain.com

Obviously, you need to insert the address of your company-provided SMTP server here.

Some e-mail clients such as Apple Mail let you pick a server everytime you send an e-mail. The solution via postfix is much more comfortable: configure once, enjoy everytime.

Upgrading from 10.2 Jaguar to 10.3 Panther

What happens to a postfix installation, when Panther is installed? It is replaced with Apple's postfix. The configuration files are renamed (to *.applesaved) and new configuration files are put in place.

Installing Postfix on OS X 10.2 (Jaguar)

Jaguar comes with Sendmail installed. That's an SMTP server that could do the job. However, Sendmail is a pain, even to insiders. Configuration is quite a hassle, and, in my case, it didn't handle the dialup / LAN switching well: Sometimes I use the built-in modem to get online, sometimes - at my workplace - it's the Airport. A few times, sendmail even decided to sit on my queued email for days, until I happened to restart it manually. The bottomline: sendmail was giving me quite a bit of grief...

You're much better off with an alternative, that is easier to configure: Postfix. In the following, I will give a step-by-step introduction how to install in. It's dead-easy!

Receiving Mail on your Mac with Postfix

Stopping Postfix

Troubleshooting: the configuration blues

Troubleshooting: when your e-mails bounce

Sometimes, you may see your e-mail (sent via the locally installed postfix) be returned to you, along with an error message saying that it wasn't accepted because an 'unknown' e-mail server was used, or one whose IP address doesn't resolve to the domain name. Or, it might say that e-mails from dialup accounts are not appreciated, recommending to "use your IP's smarthost instead". While the exact wording of the error messages differ, this usually means that the computer on the other end thinks that you're sending SPAM. (You can verify things by querying a list such as SORBS with your (dynamic) IP address that you use from home or from your hotel. You can find your IP address here.)

Unfortunately, there is no instant remedy for this -- except sending the e-mail again, this time via some permanently installed SMTP server provided by your ISP, your organization or your service provider.

You can try to use the fallback_relay option as described earlier, in order to use the company SMTP server when possible. Because switching back and forth is cumbersome, I recommend that you find an SMTP server that offers SMTP-AUTH to the world. That way, only trusted customers can use the server.

SMTP traffic blocked by a firewall!

For understandable security reasons (Windows worms!), my new university department rigorously blocks outgoing traffic on port 25 - which is SMTP data. So what to do?

Of course, there is a local SMTP server to be used. But that doesn't work from outside, which means, I'd have to switch servers in my mail client all the time. No good!

Ideally, one would always use an SSL-based SMTP server, which not only works in such cases, but is also more secure. In my case, I resorted to an alternative that I discovered only through a bit of investigation.

My provider (1&1) offers an authenticated SMTP not just on port 25, but also on a port 587, known as 'submission' (technical details here!). One just needs to point the local mail program to that port.

In case your e-mail is marked as spam for other reasons, it may make sense to try to use a certificate stating that your e-mail is legimitate. HABEAS is a company offering such certificates, which are recognized by widespread SPAM filters such as SpamAssassin. Their license is free for personal, non-commercial use, and for internet service providers. Wired has a story.

Disclaimer: Please send me your suggestions and comments. However, I won't be able to help you troubleshooting unless you'd like to hire me as your consultant.

Thanks to Joel Rennich, who wrote an article that shows that installing postfix is not so hard after all. Also thanks to toby Z, Stephen Evans, Mark McLaughlin and .k who all dropped me a line to make this explanation even better...