Using Postfix and free Mandrill email service for SMTP on Ubuntu Linux server

Update: This blog post is out-of-date. Mandrill recently changed their policy with changes that some of the service users may not approve. See alternatives.

OLD BLOG POST GOES HERE:

This blog posts discuss using Postfix mail server software and Mandrill SMTP service to send email out from your Linux server and web applications.

Getting a good outgoing email service for your self-hosted small business web application is difficult. Mandrill service addresses this issue; Mandrill is outgoing email service provided by Mailchimp email newsletter service – so they have all the money, skill and interest keep their SMTP server working and spam blacklist free.

In this blog post we discuss how to use Mandrill with Postfix SMTP daemon on Ubuntu Linux. Please note that this blog considers only Ubuntu Linux software stack where you have full control. If you run crippled deployment environment where you cannot install software, like Google AppEngine or Heroku, Mandrill offers HTTP API for sending email.

You may also want to see earlier blog posts Using Nullmailer and Mandrill app for sending email on Ubuntu servers and Sendmail using GMail and Nullmailer. However, approach described here is superior and recommended over the former alternatives. Specifically Exim4 and Sendmail are inhuman difficult to configure, MSMTP and Nullmailer do not offer localhost SMTP server.

1. About Mandrill

Screen Shot 2013-03-25 at 12.24.32 PM

Mandrill is

  • Real SMTP server with SMTP and HTTP APIs
  • 12k free emails per month – very generous from them
  • The owner has clear interest keeping it spam blacklist free (Mailchimp, their main product, is a newsletter service)
  • The web admin interface is easy and powerful
  • Mandrill supports converting all links in emails automatically trackable

Sidenote: when dealing with setting From: address in email make sure the domain records of the from email address whitelist the outgoing email server IP addresses via SPF records.

2. Setting up Postfix with Mandrill

The benefits of using Postfix include

  • Relative easy configuration
  • Local email queue on the server
  • SMTP service at localhost port 25. If you are hosting multiple web applications, like Plone CMS, they have configuration panel where to set SMTP server details. Postfix handles centralized SMTP upstream credential management and local queue for your outgoing emails. Postfix approach is more easier to migrate if you change SMTP servers: you change your ourgoing email service credentials just in one place
  • Some older web applications cannot do SMTP SSL/TLS authentication out of the box and thus cannot negotiate with Mandrill server (e.g. Plone 3.x, WordPress). Postfix acts as middleman  for them.

Screen Shot 2013-03-26 at 4.25.04 PM

Install Postfix on Ubuntu 12.04 LTS:

sudo apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules

You may or may not popped up for Postfix setup wizard in this point. If it doesn’t happen manually run dpkg-reconfigure postfix after apt-get. When the setup wizard asks any questions choose

  • Internet site
  • Add fully qualified hostname for your server (e.g. if your host is foobar, FQDN is foobar.example.com)
  • Otherwise use the default settings

Screen Shot 2013-03-26 at 4.26.27 PM

Then add the following lines to file /etc/postfix/main.cf:

relayhost = [smtp.mandrillapp.com]
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes

# Make sure Postfix listens to localhost only
inet_interfaces = 127.0.0.1

Set up your Mandrill credentials for Postfix:

echo "[smtp.mandrillapp.com]    MANDRILL_USERNAME:MANDRILL_API_KEY" > /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd

You can create your API key on Settings page on Mandrill website.

Install SSL certificates, so Postfix trusts smtp.mandrillapp.com (might not be supplied on Ubuntu server by default):

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem

Restart Postfix

service postfix reload && service postfix restart

3. Testing email out

Below is the command line to send some mail to yourself:

echo "This is a test message from ${USER}@${HOSTNAME} at $(date)" \
  | sendmail mikko@example.com

Check the system mail queue:

mailq  # Should be empty

You can see Postfix logs for possible detailed error reports:

tail -f /var/log/mail.log

See that Postfix answers in localhost port 25:

telnet localhost 25  # Write crap to the SMTP port until Postfix terminates the connection

Also check Outbound > Activity logs in Mandrill web interface.

4. More information

 

\"\" Subscribe to RSS feed Follow me on Twitter Follow me on Facebook Follow me Google+

8 thoughts on “Using Postfix and free Mandrill email service for SMTP on Ubuntu Linux server

  1. Pingback: Debug SMTP server one-liner

  2. so how can i implement this server to work along with my web site in a local network that using mysql database .. ?

  3. Awesome-Simple-Beautiful-Clean-Crisp article!
    Thank you very much.
    One small correction, I had to do to make it work was.. the port number:
    echo “[smtp.mandrillapp.com] MANDRILL_USERNAME:MANDRILL_API_KEY” > /etc/postfix/sasl_passwd

    to

    echo “[smtp.mandrillapp.com]:587 MANDRILL_USERNAME:MANDRILL_API_KEY” > /etc/postfix/sasl_passwd

    and

    relayhost = [smtp.mandrillapp.com]

    to

    relayhost = [smtp.mandrillapp.com]:587

    Thanks once again 🙂

  4. Hey, great article! It seems to work for me but I have a trouble. I did the test mail but I cant read it from my user. Also I can’t see any mail sent in the activity panel from Mandrill. Anyone knows how can I do it?

    Thanks.
    Alejandro

  5. For anyone unaware there have been significant Mandrill Policy Changes as of yesterday (Feb. 24, 2016) that require a paid Mailchimp account in order to use Mandrill any longer. There is chaos stirring on the internet regarding this very bold decision by Mandrill. Additionally, they gave everyone a very short time frame to get moved to another provider before your account will be terminated for non-compliance.

Leave a Reply

Your email address will not be published. Required fields are marked *