Show pagesourceOld revisionsBacklinksBack to top × Table of Contents E-MailRelay Sections Server Proxy Plain commands Useful options Configure TLS Mail storage location Reading email with POP Open ports for internet in Firewall E-MailRelay E-MailRelay is an e-mail store-and-forward message transfer agent and proxy server. E-MailRelay does three things: it stores any incoming e-mail messages that it receives, it forwards e-mail messages on to another remote e-mail server, and it serves up stored e-mail messages to local e-mail reader programs. More technically, it acts as a SMTP storage daemon, a SMTP forwarding agent, and a POP3 server. E-MailRelay does not do routing of individual messages; it is not a routing MTA. It forwards all e-mail messages to a pre-configured SMTP server, regardless of any message addressing or DNS redirects. Package emailrelay takes up to 1.4mb space and installs following files: /usr/bin/emailrelay /usr/bin/emailrelay-filter-copy /usr/bin/emailrelay-passwd /usr/bin/emailrelay-submit /etc/config/emailrelay /etc/emailrelay.auth Its uci configuration is located in /etc/config/emailrelay. The config starts emailrelay command with options that are described in manual. You can also use plain config file /etc/emailrelay.conf. See https://sourceforge.net/p/emailrelay/code/HEAD/tree/trunk/etc/emailrelay.conf.template Sections The default emailrelay config file contains server, proxy and cmdline sections. The possible options are listed in the table below. Name Type Required Default Description enabled integer yes 0 Listen SMTP mode string yes server, proxy or cmdline Mode: –as-server or –as-proxy. The cmdline means append extra_cmdline smarthost string yes (none) For proxy mode specify the SMTP to forward emails. The option for –as-proxy <host:port> port integer yes 25 Port to listen incoming emails. remote_clients integer yes 0 To allow connections from anywhere. By default only local allowed. Check your firewall to avoid spam. See –remote-clients address_verifier string no (none) Runs the specified external program to verify a message recipient's e-mail address. See –address-verifier domain string no (none) Specifies the network name that is used in SMTP EHLO. The default is derived from a DNS lookup of the local hostname. See –domain anonymous integer no 0 Disables the server's SMTP VRFY command. See –anonymous server_tls integer no 0 For server and proxy mode. See –server-tls Doesn't work in v2.1, see fix server_auth string no (none) For server and proxy mode. See –server-auth and /etc/emailrelay.auth client_tls integer no 0 For proxy mode. See –client-tls client_auth string no (none) For proxy mode. See –client-auth and /etc/emailrelay.auth extra_cmdline string no (none) Extra command line options. See http://emailrelay.sourceforge.net/#reference_md_Reference for command line reference Server A minimal server declaration: config emailrelay 'server' option enabled '0' option mode 'server' option port '25' option remote_clients '0' Proxy A minimal proxy declaration: config emailrelay 'proxy' option enabled '0' option mode 'proxy' option smarthost '192.0.2.1:25' option port '25' option remote_clients '0' Plain commands A minimal cmdline declaration: config emailrelay 'cmdline' option enabled '0' option mode 'cmdline' # specify all arguments that should be passed to emailrelay here # see http://emailrelay.sourceforge.net/#reference_md_Reference for command line reference option extra_cmdline '--some-other --cmdline-options' Useful options Configure TLS Obtain a TLS cert Then configure server_tls option and put private key and then after a comma a fullchain. Mail storage location By default mails are stored into /var/spool/emailrelay. On the OpenWrt the entire /var/ directory is tmpfs stored in RAM memory and will be lost on a router reboot. So you need to change it to store them into some USB disk. To do this you have to create a folder e.g. /mnt/usb_disk/spool/ and configure emailrelay to use it by setting: option extra_cmdline '--spool-dir /mnt/usb_disk/spool/' In next versions of the emailrelay package you'll have a separate UCI option spool_dir Also if you are using the “POP by name” option then you need to create a subfolders for each account Reading email with POP If you are using email client (MUA) like Thunderbird, Outlook then you can fetch received mails by enabling POP protocol. option extra_cmdline '–pop –pop-auth=/etc/pop.auth'. Also you must allow an access so set option remote_clients='1'. Then you must create the /etc/pop.auth file as described in http://emailrelay.sourceforge.net/index.html#userguide_md_Running_as_a_POP_server. Please note that if you are going to read emails from internet then you have to configure TLS for security. See below how to open a port for internet. Open ports for internet in Firewall This is a very bad idea for security and don't do this unless you know what are you doing. Add to /etc/config/firewall: config rule option name 'Allow-WAN-SMTP' option target 'ACCEPT' option src 'wan' option proto 'tcp' option dest_port '25' config rule option name 'Allow-WAN-SMTP-Submission' option target 'ACCEPT' option src 'wan' option proto 'tcp' option dest_port '587' config rule option name 'Allow-WAN-POP' option target 'ACCEPT' option src 'wan' option proto 'tcp' option dest_port '110' You can add these rules with command line: uci add firewall rule uci set firewall.wan_https_turris_rule=rule uci set firewall.wan_https_turris_rule.name='Allow-WAN-SMTP' uci set firewall.wan_https_turris_rule.src='wan' uci set firewall.wan_https_turris_rule.proto='tcp' uci set firewall.wan_https_turris_rule.dest_port='25' uci set firewall.wan_https_turris_rule.target='ACCEPT' uci add firewall rule uci set firewall.wan_https_turris_rule=rule uci set firewall.wan_https_turris_rule.name='Allow-WAN-SMTP-Submission' uci set firewall.wan_https_turris_rule.src='wan' uci set firewall.wan_https_turris_rule.proto='tcp' uci set firewall.wan_https_turris_rule.dest_port='587' uci set firewall.wan_https_turris_rule.target='ACCEPT' uci add firewall rule uci set firewall.wan_https_turris_rule=rule uci set firewall.wan_https_turris_rule.name='Allow-WAN-POP' uci set firewall.wan_https_turris_rule.src='wan' uci set firewall.wan_https_turris_rule.proto='tcp' uci set firewall.wan_https_turris_rule.dest_port='110' uci set firewall.wan_https_turris_rule.target='ACCEPT' uci commit firewall service firewall restart This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.OKMore information about cookies Last modified: 2023/01/29 14:40by stokito