This is the 4th post in a series about setting up an outbound SMTP server with DKIM signing and smart host forwarding. Here you will learn how to configure an existing Haraka server to forward all outgoing mail to another SMTP server. In this update, I will explain a simplified built-in method that is available thanks to bug fixes published after I wrote the old post for v2.8.
I must admit my Ubuntu skills felt weak in this area because I couldn’t figure out how to do this without rebooting the whole computer. This set of commands did work though.
systemctl stop haraka systemctl disable haraka npm update -g Haraka npm install -g Haraka reboot
Take note that both
npm commands are case sensitive. There are two packages named
haraka. If you get the casing wrong it does strange things. Also, if you omit the
-g token then you will end up with two different versions installed in two different places. I found the whole procedure surprisingly fragile and error prone. After the computer starts, verify results.
haraka -v /usr/local/bin/haraka -v /usr/bin/haraka -v
If you have more than one version installed, stop here and sort that out first.
If you find a more efficient way of doing this, please let me know in the comments.
Undoing the v2.8 Config
If you followed my previous posts about how to configure Haraka v2.8, then you will need to disable the custom plugin that was required for that version. Simply edit the file
/etc/haraka/config/plugins and place a hash mark in front of the plugin name.
# CUSTOM #dnsmadeeasy
New Config for v3.0
In this version, we can use the built-in
smtp_foward plugin and skip the extra files. Start by editing the file
/etc/haraka/config/smtp_forward.ini so that it looks like this.
enable_outbound=true host=hostname.dnsmadeeasy.com port=2525 enable_tls=true auth_type=login auth_user=smtpusername auth_pass=passwordgoeshere
The host details are fully customizable. I found that Haraka auto-negotiated encryption for me, which appears to be STARTTLS. If you try to use a TLS-only port instead, it will not connect at all. This is specified in the documentation, “This plugin does not work with SMTP over TLS.”
Next, go back to
/etc/haraka/config/plugins and enable this built-in plugin by removing the hash mark near the bottom of the file under
Lastly, check the correctness of the
ExecStart path in your
/etc/systemd/system/haraka.service file. After the headache of sorting out 2 different copies of Haraka, I had to update mine like this:
ExecStart=/usr/local/bin/haraka -c /etc/haraka
If you have any difficulty with the systemd service, check the messages stored in the log file at
That’s it! Just restart Haraka for the changes to take effect.
systemctl daemon-reload systemctl enable haraka systemctl restart haraka
The next time you send an email, the application will lookup the IP address of the forward host instead of the destination MX.