How to Configure a Send-Only Email Service in CentOS/RHEL 7
In this post, we will outline steps to configure a CentOS/RHEL 7 server to transmit all emails through an unauthenticated SMTP gateway.
Email Archtecture And Null Client
In today’s corporate environments, email is a common method of communication. End-users may use dedicated mail clients such as Evolution and mutt to read and send email, or the organization may have a web-based interface for its mail service.
However, Linux servers also send an email, usually for automatic purposes or to report errors to an administrator. They generally use, directly or indirectly, a standard program called /usr/sbin/sendmail (provided in CentOS/RHEL 7 by Postﬁx) to send these messages. In practice, most servers are monitored and send out mails when incidents occur. This often requires a conﬁgured /usr/sbin/sendmail to send emails to notify the responsible system administrators by using the corporate SMTP server to transmit the messages.
A null client is a client machine that runs a local mail server that forwards all emails to an outbound mail relay for delivery. A null client does not accept local delivery for any messages, it can only send them to the outbound mail relay. Users may run mail clients on the null client to read and send emails. This section will look at how to conﬁgure a CentOS/RHEL 7 server as a Postﬁx null client, which will use sendmail and the SMTP protocol to transmit mail messages to the outside world through an existing outgoing mail server.
Transmission Of An Email Message
To send an email, in most cases the mail client communicates with an outgoing mail server, which will help relay that message to its ﬁnal destination. The mail client transmits messages to the mail server using the Simple Mail Transfer Protocol (SMTP).
The outgoing mail relay may require no authentication from internal clients, in which case the server listens on port 25/TCP. In that case, the relay will restrict which hosts can relay through IP address-based restrictions or ﬁrewall rules.
The outgoing mail relay then uses DNS to look up the MX record identifying the mail server that accepts delivery for messages sent to the recipient’s domain. The relay then uses SMTP on port 25/TCP to transmit the email to that server.
The recipient’s mail service may provide a POP3 or IMAP servers, such as Dovecot or Cyrus, to allow a dedicated mail client to download their messages. Frequently, the mail service provides a web-based interface, allowing clients to use a web browser as a mail client.
The following image illustrates how an email client retrieves incoming mail from an IMAP server and sends outgoing mail through an SMTP server. The mail client on serverX.example.com fetches incoming mails from the IMAP server imapX.example.com. Outgoing mails are sent to smtpX.example.com. An MX DNS record deﬁnes smtpX.example.com as the responsible mail server for the desktopX.example.com domain.