Tag: Postfix

Categories
Knowledge Base

Setting up Postfix to use Office 365 mail

FreePBX uses centos 7 and postfix fom its mail delivery, normally this is fine unless the customer is using Office 365 mail then there can be delivery issues.

Firstly you will need to set up a user in Office 365 for the system.

Postfix’s main configuration file is main.cf and that is where we make the required change as follow:

[root@localhost ~]# vi /etc/postfix/main.cf

Append the following lines

masquerade_domains = domainname
myhostname = USERNAME.domainname
mydomain = USERNAME.domainname
myorigin = USERNAME@domainname
relayhost = [smtp.office365.com]:587

mynetworks = 127.0.0.0/8
inet_interfaces = loopback-only
smtp_use_tls = yes
smtp_always_send_ehlo = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
smtp_generic_maps = hash:/etc/postfix/generic 
# smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Save and exit from the file.
Next we need to edit the configuration for the postfix SASL credentials:

[root@localhost ~]# vi /etc/postfix/sasl_passwd

Add a line below

[smtp.office365.com]:587 user@domainname:password

Replacing user@domainname:password with your sender account details

Save and exit from file

A Postfix lookup table must now be generated from the sasl_passwd text file by running the following command.

[root@localhost ~]# postmap /etc/postfix/sasl_passwd

Now change permission for this file

[root@localhost ~]# chown root:postfix /etc/postfix/sasl_passwd

[root@localhost ~]# chmod 640 /etc/postfix/sasl_passwd

Next, we need to configure generic file in order to be able to send emails as a valid user (this is required for Office365).

[root@localhost ~]# vi /etc/postfix/generic

Go the end of file and append following lines.

root@localhost.localdomain UserName@Domain.com

Again replacing localhost.localdomain and UserName@Domain.com with your service hostname and the email user are using

Save and exit from file.

Next let’s correct the file permission.

[root@localhost ~]# chown root:root /etc/postfix/generic

[root@localhost ~]# chmod 0600 /etc/postfix/generic

[root@localhost ~]# postmap /etc/postfix/generic

Now restart Postfix service.

[root@localhost ~]# systemctl restart postfix

Now try to send a test email using the command below:
FOR Centos:

echo "This is the body of the email"| mail -r"Sender-Display-Name<sender@domain.com>" -s "This is the subject(E-Mail from SMTP Relay) line" recipeat@gmail.com

In FreePBX under Voicemail admin you must change the senders address to match your account as well as the sender for notifications such as backups etc. otherwise you can get errors and mail wont be delivered.

Categories
Asterisk Support Elastix Support FreePBX Knowledge Base

Using Gmail to send Voicemail emails

We have seen more and more ISPs blocking Port 25.  This means that sending emails natively from FreePBX or any Asterisk based IPBX for things such as voicemail notification can time out or be rejected.

To get round this you can send your email notifications via Gmail.

Firstly you need a Gmail account, once you have this jot down the user and password, you will need this later.

You now need to connect to your server via ssh as you have a couple of files to edit.

Firstly you need to enter the account details in sasl_passwd

vi /etc/postfix/sasl_passwd

and add

smtp.gmail.com:587 yourmailaddress@gmail.com:password

Save it, then edit main.cf

vi  /etc/postfix/main.cf

Then add at the end:

masquerade_domains = yourdomain.com
# The servers hostname below
myhostname = Asterisk.yourdomain.com
mydomain = Asterisk.yourdomain.com
# The email account its being sent from below
myorigin = voicemail@yourdomain.com

relayhost = smtp.gmail.com:587
mynetworks = 127.0.0.0/8
inet_interfaces = loopback-only
smtp_use_tls = yes
smtp_always_send_ehlo = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
smtp_generic_maps = hash:/etc/postfix/generic 
smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = TLSv1
smtp_tls_mandatory_ciphers = high
smtp_tls_secure_cert_match = nexthop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt

Then enter the following commands at teh command line

postmap hash:/etc/postfix/sasl_passwd
/etc/init.d/postfix restart

Finally you need to make a change to your gmail account to “Allow users to manage their access to less secure apps” which is in the security section of the Gmail ‘Domain’ account setting if its a GSuite account then make sure “Less secure app access” is set to yes in the accounts ‘security section’ if you don’t do this you will see:

535-5.7.8 Username and Password not 
accepted. Learn more at?535 5.7.8 https://support.google.com/mail/?p=BadCredentials  

or 

530-5.7.0 Authentication Required. Learn more at 530 5.7.0 h
ttps://support.google.com/mail/?p=WantAuthError

Most likely the 535 error if ‘Less secure app access’ is not enabled.

You should now be able to send email via the gmail account.

It’s worth making a couple of changes to the gmail account, firstly set and out of office sayings it’s only a sending mailbox and another to delete messages in the inbox.