PIONEERS Incredible PBX Smarthost

[mainenotarynet]

I just spent some time at MXRoute site, and I'd rather have my own Mail servers, but each time I tried to add SSL to my email server(s) Outlook (on my computer NOT online) puked at it.

Maybe paying someone like MXRoute would work for me as Unlimited Domains/addresses for my projects would be worth it, but the Lifetime 10GB (combined usage limit), I'm not sure of AND I read the TOS/Policy and there is a "yellow flag" for me/(us) as they forbid SMS via email (think the Pager Number field, or even an alias table with [email protected] to send to real email address AND user's cell at once).

I like the idea, and the yellow flag is not a deal killer, but for the PBX, the SMS could be a important one.

I would like the lifetime, but maybe the $45/year to start as they do not offer refunds.

I'll have to think on it some more as I have 13 domains (not all need email addresses but the potential could come in handy) -- If all it takes is mod of DNS records on my other domains, then I could make it work.

 

[kenn10]

@wardmundy since Sendgrid allows SMTP relay by API key, why not continue to use Sendmail like we did with Google and let it log into Sendgrid instead? I'm currently trying to figure that out but have no succeeded thus far. Sendmail configuration is far outside my expertise.

 

[Samot]

In /etc/postfix/main.cf you use this line:

smtp_generic_maps = hash:/etc/postfix/generic

Then you create the generic file and add this:

[email protected] [email protected] [email protected] [email protected]

Restart postfix and test.

If you need to update the generic mappings down the road, edit the generic file and just do postmap /etc/postfix/generic

 

[AndyInNYC]

i'm running iRedMail on a VPS at flipperhost - iRedMail gives me a mail server with unlimited domains/emails; the VPS is $54/year and works perfectly for my needs (half a dozen domains and a few dozen addresses). I use the extra space (100 GB or something) as backup between another server.

I can create throwaway email addresses or host friends, etc.

The installer goes from soup to nuts including fail2ban. Manual requirements include getting MicroSoft and Google to potentially unblock your IP (which can take time) if the IP is in a range they once didn't like.

Andrew

I just spent some time at MXRoute site, and I'd rather have my own Mail servers, but each time I tried to add SSL to my email server(s) Outlook (on my computer NOT online) puked at it.

Maybe paying someone like MXRoute would work for me as Unlimited Domains/addresses for my projects would be worth it, but the Lifetime 10GB (combined usage limit), I'm not sure of AND I read the TOS/Policy and there is a "yellow flag" for me/(us) as they forbid SMS via email (think the Pager Number field, or even an alias table with [email protected] to send to real email address AND user's cell at once).

I like the idea, and the yellow flag is not a deal killer, but for the PBX, the SMS could be a important one.

I would like the lifetime, but maybe the $45/year to start as they do not offer refunds.

I'll have to think on it some more as I have 13 domains (not all need email addresses but the potential could come in handy) -- If all it takes is mod of DNS records on my other domains, then I could make it work.

 

[JFrost]

I have one. But I can't get the PBX to modify the "From" to send the confirmed sender address.

Take a look at the runbook I posted for this. Specifically the part about modifying the postfix/generic file. Allows you to rewrite sender addresses to whatever, which is what I did since my hostname was a single name and I was getting some emails from like 'asterisk@pbx'

In the end I had to rewrite 2 or 3 diff source addresses tho I don't remember all which ones rn. Probably root@, asterisk@ and smth else.

This guy explained it pretty well and is what I based on: https://blog.xga.ie/freepbx-email-notifications/

I think also it's probably possible to write a regex that would rewrite any outgoings to an address of your choosing but writing regex is bit out of my skillset and I don't have the time to trudge it out (and it looks like for now what I have works well enough.)


EDIT -
I should have refreshed. Same as what @Samot said but his post is more concise.

 

[kenn10]

In /etc/postfix/main.cf you use this line:

smtp_generic_maps = hash:/etc/postfix/generic

Then you create the generic file and add this:

[email protected] [email protected] [email protected] [email protected]

Restart postfix and test.

If you need to update the generic mappings down the road, edit the generic file and just do postmap /etc/postfix/generic

Postfix didn't like that. Here is the mail.log

Mar 24 18:31:52 <myhost> postfix/pickup[11575]: 966E8A2FA: uid=998 from=<asterisk>
Mar 24 18:31:52 <myhost> postfix/cleanup[11708]: 966E8A2FA: message-id=<Asterisk-2-1459728870-211-6400@<myhost>.<mydomain>>
Mar 24 18:31:52 <myhost> postfix/qmgr[11576]: 966E8A2FA: from=<asterisk@<myhost>.<mydomain>>, size=54795, nrcpt=2 (queue active)
Mar 24 18:31:52 <myhost> postfix/smtp[11711]: error: open database /etc/postfix/generic.db: No such file or directory
Mar 24 18:31:53 <myhost> postfix/smtp[11711]: warning: hash:/etc/postfix/generic is unavailable. open database /etc/postfix/generic.db: No such file or directory
Mar 24 18:31:53 <myhost> postfix/smtp[11711]: warning: hash:/etc/postfix/generic lookup error for "asterisk@<myhost>.<mydomain>"
Mar 24 18:31:53 <myhost> postfix/smtp[11711]: fatal: smtp_generic_maps map lookup problem for asterisk@<myhost>.<mydomain>
Mar 24 18:31:54 <myhost> postfix/qmgr[11576]: warning: private/smtp socket: malformed response
Mar 24 18:31:54 <myhost> postfix/qmgr[11576]: warning: transport smtp failure -- see a previous warning/fatal/panic logfile record for the problem description
Mar 24 18:31:54 <myhost> postfix/master[11573]: warning: process /usr/lib/postfix/sbin/smtp pid 11711 exit status 1
Mar 24 18:31:54 <myhost> postfix/master[11573]: warning: /usr/lib/postfix/sbin/smtp: bad command startup -- throttling
Mar 24 18:31:54 <myhost> postfix/error[11719]: 966E8A2FA: to=<[email protected]>, relay=none, delay=1.6, delays=0.1/1.4/0/0.02, dsn=4.3.0, status=deferred (unknown mail transport error)
Mar 24 18:31:54 <myhost> postfix/error[11719]: 966E8A2FA: to=<[email protected]>, relay=none, delay=1.6, delays=0.1/1.4/0/0.02, dsn=4.3.0, status=deferred (unknown mail transport error)

 

[Samot]

Postfix didn't like that. Here is the mail.log

Mar 24 18:31:52 <myhost> postfix/pickup[11575]: 966E8A2FA: uid=998 from=<asterisk>
Mar 24 18:31:52 <myhost> postfix/cleanup[11708]: 966E8A2FA: message-id=<Asterisk-2-1459728870-211-6400@<myhost>.<mydomain>>
Mar 24 18:31:52 <myhost> postfix/qmgr[11576]: 966E8A2FA: from=<asterisk@<myhost>.<mydomain>>, size=54795, nrcpt=2 (queue active)
Mar 24 18:31:52 <myhost> postfix/smtp[11711]: error: open database /etc/postfix/generic.db: No such file or directory
Mar 24 18:31:53 <myhost> postfix/smtp[11711]: warning: hash:/etc/postfix/generic is unavailable. open database /etc/postfix/generic.db: No such file or directory
Mar 24 18:31:53 <myhost> postfix/smtp[11711]: warning: hash:/etc/postfix/generic lookup error for "asterisk@<myhost>.<mydomain>"
Mar 24 18:31:53 <myhost> postfix/smtp[11711]: fatal: smtp_generic_maps map lookup problem for asterisk@<myhost>.<mydomain>
Mar 24 18:31:54 <myhost> postfix/qmgr[11576]: warning: private/smtp socket: malformed response
Mar 24 18:31:54 <myhost> postfix/qmgr[11576]: warning: transport smtp failure -- see a previous warning/fatal/panic logfile record for the problem description
Mar 24 18:31:54 <myhost> postfix/master[11573]: warning: process /usr/lib/postfix/sbin/smtp pid 11711 exit status 1
Mar 24 18:31:54 <myhost> postfix/master[11573]: warning: /usr/lib/postfix/sbin/smtp: bad command startup -- throttling
Mar 24 18:31:54 <myhost> postfix/error[11719]: 966E8A2FA: to=<[email protected]>, relay=none, delay=1.6, delays=0.1/1.4/0/0.02, dsn=4.3.0, status=deferred (unknown mail transport error)
Mar 24 18:31:54 <myhost> postfix/error[11719]: 966E8A2FA: to=<[email protected]>, relay=none, delay=1.6, delays=0.1/1.4/0/0.02, dsn=4.3.0, status=deferred (unknown mail transport error)

Sorry, that's on me. I forgot restart doesn't generate the db do postmap /etc/postfix/generic that is what makes/updates the genericdb.

 

[kenn10]

Success! The postmap did the trick. Thanks @Samot !

 

[kenn10]

I've created a script similar to the script @wardmundy created to enable gmail for sendmail on the PBX.

This script will change your mailer from sendmail to Postfix and use your Sendgrid credentials to set things up.
I have tested the script on IncrediblePBX2021 on Debian 10. No promises for CentOS or Rocky. This is beta and will likely have to be tailored for individual use.

There are several things you have to do before you run this script.
(1) Set up an account at https://sendgrid.com
(2) Follow Ward's instructions above to set up the smtp relay on Sendgrid. Copy your API Key to a local file and save it!
(3) On Sendgrid, go to Settings > Sender Authentication
(4) Under Single Sender Verification, enter an email address that your PBX can use. It must be an email address that you can receive email on and respond to the verification request.
(5) After you get the verification email and respond to the web link, Sendgrid will show the email as verified.

Now with a verified email address your PBX can use to send voicemail and the Sendgrid API key for your account you are ready to run the following script. The script assumes your FreePBX Settings > Voicemail Admin > Settings > Email Config will have the Email From String and the Server Email set to "Voicemail".

Log into your server as root and open a file using your favorite editor. Copy the script below into the file and save it. Then do

chmod 700 <whatever you named the file>

and run it.

#!/bin/bash

if [ -e "/etc/pbx/.sendgrid" ]; then
 echo "Sendgrid Smarthost is already installed."
 exit 1
fi
clear
echo "This script installs Postfix in place of Sendmail and"
echo "uses Sendgrid as the smarthost relay as required by most providers."
echo "When you create your Sendgrid account, be sure to create"
echo "a single sender verified email you will then use in this"
echo "script to set the email IncrediblePBX will use to send email."
echo " "
echo "This requires that you have a Sendgrid account with API key."
echo "You will need to use your API key from Sendgrid below."
echo "To set up a Sendgrid account go to: https://sendgrid.com"
echo " "
echo -n "Enter your email address to be used by IncrediblePBX: "
read astemail
echo " "
echo -n "Enter your Sendgrid API key: "
read acctpw
echo " "
echo "Email IncrediblePBX will use: $astemail"
echo "Account API key: $acctpw"
echo " "
read -p "To proceed, press ENTER or press Ctrl-C to abort."
apt-get update
clear
read -p "Select \"no configuration\" option when prompted.  Press enter to continue."
apt-get install postfix sasl2-bin -y
systemctl stop sendmail
systemctl disable sendmail
systemctl start postfix
systemctl enable postfix
sed -i 's|-c sendmail|-c postfix|' /usr/local/sbin/pbxstatus
sed -i 's|SendMail| Postfix|' /usr/local/sbin/pbxstatus
touch /etc/postfix/main.cf
touch /etc/postfix/generic
value=`cat /etc/hostname`
cat <<EOT >> /etc/postfix/generic
[email protected]  $astemail
asterisk        $astemail
asterisk@$value $astemail
[email protected] $astemail
voicemail       $astemail
voicemail@$value $astemail
*             $astemail
EOT
postmap /etc/postfix/generic
cat <<EOT >> /etc/postfix/main.cf
smtp_generic_maps = hash:/etc/postfix/generic
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
header_size_limit = 4096000
relayhost = [smtp.sendgrid.net]:587
EOT
echo "[smtp.sendgrid.net]:587 apikey:$acctpw" >> /etc/postfix/sasl_passwd
chmod 600 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
systemctl restart postfix
systemctl status postfix
touch /etc/pbx/.sendgrid
echo "Done."
echo "Now send yourself a test email with the following command:"
echo "echo \"test\" | mail -r [email protected] -s testmessage [email protected]"

 

[kenn10]

@wardmundy I've attached a tar.gz file with the script in it for Debian. I'll work one up for Rocky when I have time to spin it up. The only changes I can think of would be where apt-update is used.

 

[kenn10]

@wardmundy I've attached the tar.gz for the Rocky-8 platform to set up the Sendgrid smarthost. I've eliminated the dnf update since that messes up the mysql connector.

 

[geopeterwc]

I'm using GMail as the smart relay for a small in-production Debian iPBX 2021 installation. This system was installed several months ago, before the Google threat to eliminate the "Inscure applications" feature.

As Google is removing the "less secure applications" option for GMail in favor of an 16-character Application ID in a few days, I am looking for assurance that re-running the enable-gmail-smarthost-for-sendmail script but substituting the API Key from GMail 2-factor authentication for the less secure password will not blow up this installed iPBX.

@kenn10 @wardmundy ... My question comes down to knowing if re-running the script will break currently working voicemail-to-email and other notifications from this iPBX.

/Pete./

 

[wardmundy]

@geopeterwc: This is what VirtualBox was made for. Test away and let us know.

 

[kenn10]

@kenn10 @wardmundy ... My question comes down to knowing if re-running the script will break currently working voicemail-to-email and other notifications from this iPBX.

You can't run it again unless you go to /etc/pbx/ and remove the .gmail file there. I have a feeling running it again isn't going to work out well. Unless you expect to send more the 100 emails a day, I strongly support the Postfix/Sendgrid solution for sending the voicemail to email. Installing Postfix won't affect the operation.

Check out this thread and post# 29 in particular for info.

 

[mprhilL]

I had to do things a little differently on a (relatively) new (not yet in production) Incredible PBX on a Raspberry Pi.

I tried the Debian script, thinking that might be close enough to the Raspbian 10 but apparently I failed linux lineage class, and it didn't work. Complaints about repos being oldstable now, etc.

I then tried following the text in the post https://nerdvittles.com/deploying-a...e5072c2034949bc72b95743b8a7acf#comment-180124 labeled for Raspbian. I had to do a few extra/different things.

Unfortunately, I don't remember all of the things, but they included:
- using the "Internet with SmartHost" option in dpkg-reconfigure postfix
-- going with the "No Configuration" didn't give me a default /etc/postfix/main.cf file, and certainly didn't fill in various options for me, so I used the wizard option most likely to be close
-- I took I think the defaults for everything except max mailbox size (defaults to no limit, but as a developer I've overrun more log files than I care to admit so I set something)
--- you could probably set the relay host in this wizard, but I didn't know that at the time, and deleted it later
- Follow the instructions to add the stuff at the end of the /etc/postfix/main.cf file (and then delete the relayhost entry that was already in there to avoid a warning about redefining it
- apt-get install sasl2-modules was needed (found somewhere else on a RaspberryPi forum) to get rid of the missing mechs warnings
- then a final systemcrl restart postfix to get it going and suddenly I had a bunch of test messages in my inbox.

 

[GlenC]

Today I dropped Sendgrid and moved back to GMail using an app password this time. I was having some problems with Sendgrid. Emails with voicemail attachments were not being sent (although their server accepted them) and other issues with some mails not being delivered. Anyway, it seems that everything is working fine with the GMail app password. Just thought I would pass this on in case anyone is interested.

EDIT: Forgot to mention that I also moved back to Sendmail prior to setting it up.

 

[hawk#1]

Today I dropped Sendgrid and moved back to GMail using an app password this time. I was having some problems with Sendgrid. Emails with voicemail attachments were not being sent (although their server accepted them) and other issues with some mails not being delivered. Anyway, it seems that everything is working fine with the GMail app password. Just thought I would pass this on in case anyone is interested.

Currently. but wait until they pull the plug. I prefer running my own mail server it is very easy and I'm not worried about waking up one morning and finding Google pulled the plug so now you can't get email from Gmail