I want to setup an outgoing only SMTP server on Debian, so my Web-applications will be able to send e-mails via it. I don't want to use another hosts because of security and customizability of my own setup.

I wish to install Postfix and configure it only in the outgoing mode (I don't want it to be a relay). So I want to ask an advice how to do it in the best way. There's no need in users, virtual users, endpoints and other options Postfix provides. I suppose I should only attach Postfix to some hostname, so my IP address can resolve to it.

I also think Postfix can be a bit complicated solution for this task. If you know much simpler tool for it, let me know.


To setup Postfix on Debian for outgoing mail only:

  • dpkg-reconfigure postfix (Select internet site when prompted)
  • postconf -e 'inet_interfaces = 127.0.0.1'
  • /etc/init.d/postfix restart

inet_interfaces = 127.0.0.1 in /etc/postfix/main.cf will bind Postfix to localhost only, so your machine won't accept incoming email.


Personally I prefer Exim, though Postfix should work.

I can give you a quick set of instructions about how to setup Exim for Outgoing only.

  • Make sure the hostname is setup correctly
  • Install apt-get install exim4 exim4-daemon-light
  • At the configuration step answer the questions this way
    • Type of mail configuration: Internet site
    • System name: the fqdn for your server
    • IP-Address to listen on: 127.0.0.1 (with this address incoming mail is not possible)
    • Other destinations which is accepted: empty
    • Domains to relay for: empty
    • machines to relay for: empty
    • Keep DNS minimal: yes
    • Delivery method for local mail: Maildir
    • Yes Split configs

Once exim is already configured you can run though this setup again by using the command dpkg-reconfigure exim4-config

If you are really paranoid you can also setup a quick iptables firewall on your mail server and simply not allow incoming connections to port 25.


Regardless of which mail server you choose, if you block incoming connections to ports 25 and 587, outside users will not be able to relay through it.

The SMTP server needs to make outbound connections to port 25 but does not need to accept inbound connections from other hosts.

You may want to accept port 25 connections from localhost, which is convenient for any web apps running locally; and, as an additional security measure ensure that the server is bound only to the lo1 or localhost interface (see James's answer).


two words: apt-get install ssmtp

(hum... was that three words?)