๐ Compatibility: BlueMind (all versions)
Objective
Instead of sending emails directly to the Internet, this procedure allows you to route all outbound messages from your organization through the e-securemail antispam gateways using a secure SMTP relay.
๐ Important Information
SMTP relay server to configure:smtp.security-mail.net
This is the address you must configure to route your outbound mail flow through the e-securemail filtering gateways.
๐ Security Recommendation
For optimal protection of your BlueMind infrastructure, restrict inbound connections by allowing only the IP addresses of the e-securemail servers in your Postfix configuration.
๐ฅ View the list of e-securemail IP ranges
๐ Configuration Procedure
Configure Outbound SMTP Routing
Method 1: Using the BlueMind Administration Interface (GUI)
Step 1: Access Mail Server Settings
- Sign in to the BlueMind Administration Console
- Go to:
System Management > Mail Servers - Select your mail server
- Click the Mail Server tab
Step 2: Configure the SMTP Relay
- Locate the Outbound SMTP Relay or Smarthost section
- In the Relay Host field, enter:
smtp.security-mail.net- Set the port to:
25- Click Save
Step 3: Apply the Configuration
- Click Apply Configuration to apply the changes
- The Postfix service will restart automatically
Method 2: Using the Command Line (CLI)
Step 1: Connect via SSH
Connect to your BlueMind server via SSH as the root user.
Step 2: Edit the Postfix Configuration
Open the main Postfix configuration file:
nano /etc/postfix/main.cfStep 3: Add the Relay Host
Add or modify the following line:
relayhost = [smtp.security-mail.net]:25โ ๏ธ Note: The square brackets [ ] prevent MX lookup and force a direct connection to the relay server.
Save the file (Ctrl+O, then Ctrl+X).
Step 4: Restart Postfix
systemctl restart postfixStep 5: Verify the Configuration
postconf relayhostThe output should display:
relayhost = [smtp.security-mail.net]:25๐ง Advanced Configuration (Optional)
SMTP Authentication (If Required)
If e-securemail requires SMTP authentication:
Create the Password File
nano /etc/postfix/sasl_passwdAdd the Credentials
[smtp.security-mail.net]:25 username:passwordSecure and Index the File
chmod 600 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwdConfigure Postfix Authentication
Edit the Postfix configuration:
nano /etc/postfix/main.cfAdd the following lines:
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymousRestart Postfix
systemctl restart postfixEnable TLS Encryption
Add or modify the following settings in /etc/postfix/main.cf:
smtp_tls_security_level = may
smtp_tls_loglevel = 1Then restart Postfix:
systemctl restart postfixRestrict Inbound Connections by IP
Edit Postfix Restrictions
nano /etc/postfix/main.cfConfigure Restrictions
smtpd_recipient_restrictions =
permit_mynetworks,
check_client_access hash:/etc/postfix/client_access,
reject_unauth_destinationCreate the Allowed Access File
nano /etc/postfix/client_accessAdd e-securemail IP Addresses
192.0.2.10 OK
192.0.2.11 OKIndex and Restart
postmap /etc/postfix/client_access
systemctl restart postfixโ Verify the Configuration
To confirm that your emails are routed through e-securemail:
Send a Test Email
echo "e-securemail relay test" | mail -s "SMTP Test" recipient@example.comMonitor Postfix Logs in Real Time
tail -f /var/log/mail.log | grep smtp.security-mail.netor
journalctl -u postfix -f | grep smtp.security-mail.netVerify Email Headers
Inspect the headers of the received message and confirm that smtp.security-mail.net appears in the routing path.
Test the Postfix Configuration
postfix check๐ Troubleshooting
Verify That the Relay Is Configured
postconf | grep relayhostTest Connectivity to the Relay
telnet smtp.security-mail.net 25Review Error Logs
grep error /var/log/mail.logโน๏ธ Additional Help
For more details about BlueMind and Postfix configuration, refer to: