How to Set up Postfix SMTP Relay with Mailjet on Ubuntu

This tutorial is going to show you how to set up Postfix SMTP relay with Mailjet on Ubuntu. Postfix is a popular open-source SMTP server. Previously I wrote an article how to easily set up a full-blown email server on Ubuntu with iRedMail, which helped a lot of readers run their own email server.

However, some readers told me that port 25 is blocked by hosting provider or ISP as a way to control email spam, so they couldn’t send email. I recommended Vultr VPS in the previous article, because they would unblock port 25 if you ask them to. Some other hosting providers or ISPs like DigitalOcean would refuse to unblock port 25.

SMTP Relay To The Rescue

You can bypass port 25 and send email to outside world with SMTP relay because it uses port 587. With SMTP relay, your own email server doesn’t directly send email to the destination email address. Instead, there’s an intermediate mail server, otherwise known as smart host or relay host , that sends email on your behalf. Your email server communicates with smart host on port 587, then the smart host talks with the recipient’s mail server on port 25.

SMTP relay can also help you get around anti-spam blacklists, if your IP address is blacklisted for whatever reason. The recipient’s mail server checks the smart host’s IP address against public anti-spam blacklists, instead of your server IP address and because SMTP relay services maintain good IP reputation, so your emails can get through IP blacklists.

Using Mailjet To Send 200 Emails Per Day For Free

There are several email service providers (ESP) that can act as smart host. Some charge a little fee, some offer free quotas every month. In this article, I’d like to show you how to use Mailjet, which is an email service providers that allows you to send 200 emails per day for free.

The nice thing about Mailjet is that it doesn’t require you to enter your credit card details when you use the free SMTP relay service. There are other ESPs that offer free quota every month but requires you to enter credit card details. (I know how frustrated it can be when you don’t have a credit card.) Mailjet is also easier to set up, compared to other ESPs.

Create an account at Then on the dashboard, you can see the 3 things that you need to do.

  • Setting up SMTP
  • Managing sender addresses
  • setting up domain authentication (SPF and DKIM)

postfix smtp relay

Step 1: Setting up Postfix SMTP Relay on Ubuntu

First, let’s install Postfix SMTP server on Ubuntu with the following command. If Postfix is already running on your server, then skip installing Postfix, but you still need to install the libsasl2-modules package.

sudo apt install postfix libsasl2-modules

When you see the following message, press the Tab key and press Enter.

postfix relayhost authentication

Then choose the second option: Internet Site.

postfix relayhost configuration

Next, set the system mail name. For example, I enter my domain name

postfix smarthost ubuntu

After Postfix is installed, open the configuration file.

sudo nano /etc/postfix/

Find the following line.

relayhost =

By default, its value is not set. You need to get this value from your mailjet account. In mailjet dashboard, click setup my SMTP.

set up postfix smtp relay with mailjet

You will see the SMTP server address and SMTP credentials.

postfix bypass port 25

In the Postfix config file, set the value of relayhost to

relayhost =

Then add the following lines to the end of this file.

# outbound relay configurations
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = may
header_size_limit = 4096000

Save and close the file. Then create the /etc/postfix/sasl_passwd file.

sudo nano /etc/postfix/sasl_passwd

Add the SMTP relay host and SMTP credentials to this file like below. Replace api-key and secret-key with your real Mailjet API key and secret key.  api-key:secret-key

Save and close the file. Then create the corresponding hash db file with postmap.

sudo postmap /etc/postfix/sasl_passwd

Now you should have a file /etc/postfix/sasl_passwd.db. Restart Postfix for the changes to take effect.

sudo systemctl restart postfix

By default, sasl_passwd and sasl_passwd.db file can be read by any user on the server.  Change the permission to 600 so only root can read and write to these two files.

sudo chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db

From now on, Postfix will send emails via mailjet.

Step 2: Adding Sender Addresses

You need to add sender domain or sender address in order to send email via mailjet. In mailjet dashboard, click manage sender addresses. You can validate your entire domain or specific email addresses.

validate sender domain or sender address

Step 3: Setting up Domain Authentication

In this step, we need to set up SPF and DKIM record, which is strongly recommended if you want your emails to land in recipient’s inbox rather than spam folder.

  • SPF: Sender Policy Framework. This is a DNS record that specifies what IP addresses are allowed to send email from your domain.
  • DKIM: DomainKeys Identified Mail. Mailjet will digitally sign your emails with a private key. The DKIM record contains a public key that allows recipient’s email server to verify the signature.

In mailjet dashboard, click setup domain authentication. By default, SPF status and DKIM status are both in error. Click manage button and follow the instructions to add SPF and DKIM records.

smtp relay set up SPF and DKIM

After SPF and DKIM records are created, wait a few moments and refresh the mailjet web page. Your new DNS records can take some time to propagate on the Internet, depending on your DNS hosting service. If SPF and DKIM records are set up correctly and propagation is complete, mailjet would tell you that SPF and DKIM record are good.

mailjet spf dkim

Sending Test Email

Now we can send a test email with mailx command like below.

sudo apt install bsd-mailx

echo "this is a test email." | mailx -r from-address -s hello to-address

You can also send a test email from your webmail client or desktop mail client. It is also a good idea to test your email score at As you can see, I got a perfect score.

spam test result

Wrapping Up

That’s it! I hope this tutorial helped you set up Postfix SMTP relay on Ubuntu to bypass port 25 or IP blacklists. As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care.

Rate this tutorial
[Total: 3 Average: 5]

16 Responses to “How to Set up Postfix SMTP Relay with Mailjet on Ubuntu

  • PhilMDev
    1 year ago

    I just wanted to comment on Digital Ocean. I used your wonderful (and very complete) tutorial on iRedMail on a DO droplet. I had no problems sending and receiving emails. And, in fact, it’s still running today.

    Thank you for continuing this great series!


  • Philip Miller
    1 year ago

    iRedMail is a great program. But not for the faint of heart. It is not easy to install or maintain. But it allows you to have total control of your own private server. The only program that supports true POP3, SMTP. Every other server or ISP or service is subject to hacking and theft. Google is watching you.

    That latest version closes port 25. Why does that matter when you can program only port 465 and 587? All email should be secure to the extent that is possible.

    • In my humble opinion, using iRedMail is a lot easier than manually setting up email server from scratch. It takes care of the heavy lifting so you don’t need to learn all the ins and outs of email server.

  • Philip Miller
    1 year ago

    There is no doubt that setting up a private email server is extremely complex. And that iRedMail is probably the best choice. But be under no illusion that it is easy. Some will say it is easy others such as myself have found it very successful. But only after multiple attempts. And updating is not an easy, straightforward task.

    There is nothing like a private email server, as you control everything. No one is stealing your mail. If carefully constructed his hack proof.

    • Often times, someone says something is easy because he/she expects others to already know something. I guess I need to improve on explaining technologies.

  • JStargazer
    1 year ago

    I think running your own private email server is a great way of keeping your email more private. And iRedmain is great for that. But I have found one small problem when you are self-hosting (at home) and that is when your server goes down, or you have a power outage, or you lose your Internet connection (using ADSL).

    I have heard that you can host a small email server in the cloud (say on AWS for example) and when your self-hosted email server comes back on-line it will download any email sitting in your cloud server. The cloud server is acting like a temporary email holding server.
    How would you do this with iRedMail as your self-hosted email server?

  • Hello,
    Thank you for your great tutorial,
    I have a question what if I want to rollback and want to not use relay,
    and use the normal or previous setting before doing relay.
    Many Thanks

  • Boudewijn
    8 months ago

    Hi Linuxbabe,

    Thank you for your clear howto’s, I read some with interest over the months.

    Could you give me a pointer? I am not quite sure what I need to install/configure.

    The situation:
    * At home I run some servers. My ISP offers multiple fixed IPv4’s, besides a range of IPv6. No ports are blocked, so I can run a mailserver with no problem.
    * I configure homeservers (Yunohost) for the friends of my children. Their ISP’s often block port 25, so they can not have a fully functional mailserver.
    * Third party smarthosts could enable their mailserver, but I don’t like to force some (commercial) 3rd party on those families.

    I guess I can configure my own mailserver as relay/smarthost for their mailservers. In case of postfix, should I accomplish that via the ‘mynetworks = …’ configuration, and enter their domain names there? So that, if my domain is, and their domain is, I would configure my postfix with ‘,’ ?

    In that case, does the mailserver at have the same role as mailjet in your tutorial? I probably have to tell my DNS the same as well, so that mail from being sent through got DKIM signed?

    Thanks in advance, keep up the nice tutorials!


    • In your Postfix SMTP server, you can add the IP address or hostname of the friends of your children to the mynetworks parameter. Then on their mail server, add relayhost = Restart Postfix and your mail server will be able to relay emails.

      They should configure their SPF record to allow your mail server to send mail on their behalf. DKIM signing can be done on their mail server.

    • Never mind my previous answer. It’s for email relay via port 25.

      To relay email via port 587, you need to create a dedicated email account on your mail server. Then on the friends of your children’s mail server, add the relayhost parameter in Postifx like in this article. Replace  api-key:secret-key

      with the hostname of your mail server and the username and password of the dedicated email account.

      They should configure their SPF record to allow your mail server to send mail on their behalf. If DKIM signing has already been set up on their mail server, you do not need to do anything about DKIM on your mail server.

      • Boudewijn
        7 months ago

        Hi Guo An,

        Sorry for not checking back earlier!

        Thank you for your detailed reply and clarification. I will let you know once it is running!

        Best regards,


Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • Please use the community ( for questions unrelated to this article.
  • If you ask me more than 5 questions, I expect you to make a donation, or I would stop answering your questions.