Proxmox has a notication system, which includes sendmail and SMTP. The latter supports authenticated SMTP servers, but does not support retires. This solution instead configures the system MTA to use an authenticated SMTP smarthost and therefore gets the best of both worlds.

Since proxmox is based on Debian, this should also work on any Debian based system running postfix.

Install Packages:

1
apt-get install -y  install libsasl2-modules

/etc/postfix/sasl_passwd:

1
[email-smtp.eu-west-1.amazonaws.com]:587  *******

/etc/postfix/header_check:

1
/From:.*/ REPLACE From: Zaphod <system@zem.org.uk>

/etc/postfix/sender_conanical:

1
/.+/  system@zem.org.uk

/etc/postfix/main.cf:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

myhostname=zaphod.zem.org.uk

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8
inet_interfaces = loopback-only
recipient_delimiter = +

compatibility_level = 2

relayhost = [email-smtp.eu-west-1.amazonaws.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

#mydestination = $myhostname, localhost.$mydomain, localhost

sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps = regexp:/etc/postfix/sender_canonical
smtp_header_checks = regexp:/etc/postfix/header_check

Restart services:

1
systemctl restart postfix@-