Smart Host Config for Haraka

This is the 2nd post in a series about setting up an outbound SMTP server with DKIM signing and smart host forwarding. Here you will learn how to configure an existing Haraka server to forward all outgoing mail to another SMTP server.

Part of the credit for this solution goes to Matt’s Hacking Blog which got me pointed in the right direction after a morning of futile config file editing. It just needed some updates, tweaks, and longer explanations of how to make it work.

The core trick here is a custom plugin. I already had an SMTP service account with DNS Made Easy, so I used that as an example for my forward smart host. I created a file named /etc/haraka/plugins/dnsmadeeasy.js

var external_smtp = {
    auth_user: 'smtpusername',
    auth_pass: 'passwordgoeshere',
    priority: 0,
    exchange: '',
    port: 2525,

exports.hook_get_mx = function (next, hmail, domain) {
    return next(OK, external_smtp);

The filename and the host details are fully customizable. I found that Haraka auto-negotiated encryption for me, which appears to be STARTTLS. If you try to use a TLS-only port instead, it might not connect at all.

Next, I went back to /etc/haraka/config/plugins file and added the name of the new plugin at the end of the list:


That’s it! Just restart Haraka for the changes to take effect. The next time you send an email, the application will lookup the IP address of the forward host instead of the destination MX.

In the next post, I will describe how to add the signing header to all outgoing mail.

Leave a Reply

Your email address will not be published.