As mentioned here, my internet service provider (ISP, Eniig) has announced that they will not provide a SMTP relay host (outgoing Simple Mail Transfer Protocol relay), and on top of that they earlier stated that they will not even setup reverse DNS on my fixed IP. They recommended smtp.dk and it has worked flawlessly since I configured it at described here!
Unfortunately (for them) smtp.dk seems to have raised their prices for their low quantity “Emails To Go”-subscription, and that makes one wonder if one can get it cheaper than DKK 0.02 per e-mail :-).
It seems that if you create a Microsoft Azure account (which is free as long as you don’t use services you need to pay for – well, in fact it is even cheaper than free – they give you some introduction credits you can test their paid services with 🙂 ), you can create a free SendGrid.com account with 25,000 free e-mails a month! (even if you need more, they are still way cheaper than smtp.dk).
Just like smtp.dk, SendGrid.com requires you to use the SMTP submit port (587) and authentication. But we already solved that for smtp.dk as described here, so that should not cause too much hassle :-).
I just did it like this:
Add a API Key on SendGrid.com using menu “API Keys” after logging in.
Give it a good name so you know what it is for.
Optional: Create it with “Restricted access” and only grant it permission for “Mail Send” / “Mail Send”.
Make a note of the “API Key” as it will only be shown during creation (you cannot get it afterwards).
Create /etc/mail/access with this contents (terminate it with a line break):
Create /etc/mail/authinfo with one line (terminate it with a line break):
AuthInfo:smtp.sendgrid.net "U:root" "I:apikey" "<You SendGrid API Key>" "M:LOGIN"
…replacing values in < > with the API Key you made a note of above.
Hint: You can leave other logins in here for safekeeping if you want to (like your smtp.dk details).
I feel most secure by making this file rw for root only
Run makemap of the two fils to create access.db and authinfo.db-files:
makemap hash access < access
makemap hash authinfo < authinfo
Correct your sendmail.mc-file (whatever it is called on your system). Add these lines:
define(`SMART_HOST',`[smtp.sendgrid.net]')dnl define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl FEATURE(`authinfo',`hash /etc/mail/authinfo')dnl
Note: You should change this for the sendmail queue runner process, not a SMTP submit service etc.
Compile your sendmail.mc file into a sendmail.cf file. This is easily done on FreeBSD 🙂
Restart sendmail. Again – this is easy on FreeBSD
Also: remember to correct your SPF and similar setups on your domains according to SendGrids documentation. You’ll find SendGrids SPF documentation here!
2 Replies to “Sendmail/smart host – this time with Microsoft Azure and SendGrid.com”
If you’re up for trying something new, you should really give OpenSMTPD (ports: mail/opensmtpd) a try.
It’s a relatively new MTA made by the OpenBSD people, which is much simpler to configure and has sane and secure defaults optimized for current day e-mail and security norms. It’s controlled by a single config file with a syntax similar to the PF firewall.
I personally never considered replacing Sendmail (or any other part of the FreeBSD base system, for that matter) until I discovered OpenSMTPD. 🙂
Thanks for you suggestion.
Unfortunately I don’t have much time to mess around with my FreeBSD server these days. I mostly keep it running to maintain the skillset I got when I worked with an Internet Service Provider.
My daily work nowadays is developing solutions for Microsoft Dynamics 365 Business Central – so not much room for open source. Unfortunately…
But if I get the time in the future, I’ll for sure try out your suggestion.