This is the 4th post in a series about setting up an outbound SMTP server with DKIM signing and smart host forwarding. Here you will learn how to configure an existing Haraka server to forward all outgoing mail to another SMTP server. In this update, I will explain a simplified built-in method that is available thanks to bug fixes published after I wrote the old post for v2.8.
Updating Haraka
I must admit my Ubuntu skills felt weak in this area because I couldn’t figure out how to do this without rebooting the whole computer. This set of commands did work though.
systemctl stop haraka
systemctl disable haraka
npm update -g Haraka
npm install -g Haraka
rebootTake note that both npm commands are case sensitive. There are two packages named Haraka and haraka. If you get the casing wrong it does strange things. Also, if you omit the -g token then you will end up with two different versions installed in two different places. I found the whole procedure surprisingly fragile and error prone. After the computer starts, verify results.
haraka -v
/usr/local/bin/haraka -v
/usr/bin/haraka -vIf you have more than one version installed, stop here and sort that out first.
If you find a more efficient way of doing this, please let me know in the comments.
Undoing the v2.8 Config
If you followed my previous posts about how to configure Haraka v2.8, then you will need to disable the custom plugin that was required for that version. Simply edit the file /etc/haraka/config/plugins and place a hash mark in front of the plugin name.
# CUSTOM
#dnsmadeeasyNew Config for v3.0
In this version, we can use the built-in smtp_foward plugin and skip the extra files. Start by editing the file /etc/haraka/config/smtp_forward.ini so that it looks like this.
enable_outbound=true
host=hostname.dnsmadeeasy.com
port=2525
enable_tls=true
auth_type=login
auth_user=smtpusername
auth_pass=passwordgoeshereThe host details are fully customizable. I found that Haraka auto-negotiated encryption for me, which appears to be STARTTLS. If you try to use a TLS-only port instead, it will not connect at all. This is specified in the documentation, “This plugin does not work with SMTP over TLS.”
Next, go back to /etc/haraka/config/plugins and enable this built-in plugin by removing the hash mark near the bottom of the file under QUEUE .
queue/smtp_forwardLastly, check the correctness of the ExecStart path in your /etc/systemd/system/haraka.service file. After the headache of sorting out 2 different copies of Haraka, I had to update mine like this:
ExecStart=/usr/local/bin/haraka -c /etc/haraka
If you have any difficulty with the systemd service, check the messages stored in the log file at /var/log/syslog
That’s it! Just restart Haraka for the changes to take effect.
systemctl daemon-reload
systemctl enable haraka
systemctl restart harakaThe next time you send an email, the application will lookup the IP address of the forward host instead of the destination MX.