Postfix from Behind Comcast’s Big Dumb Head

Comcast residential accounts are quite restricted, but it’s still possible to run a personal mail server.

Running a server and hosting this site gives me the warm fuzzies, but I’m not about to pay $70/month for a static IP address and unlocked ports 25, 587, 80, 22 etc.[1] Most of that isn’t actually relevant, but the only way to get email out without a business account is via proxy through Comcast’s servers. Port 25 isn’t supported at all, which is common practice and probably a good idea (port 25 doesn’t require authentication and is a common destination for spammers).

So, to use Postfix from a residential Comcast account, set Comcast as the relay host in the Postfix config. By default, Postfix attempts to send mail directly to the destination, but Comcast doesn’t allow that, so it instead needs to be configured to route deliveries through Comcast.[2]

/etc/postfix/main.cf

relayhost = [smtp.comcast.net]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
smtp_sasl_security_options =

Now dig up those dusty Comcast credentials and add them to the file set for “smtp_sasl_password_maps”.

/etc/postfix/sasl/passwd

smtp.comcast.net        [email protected]:password

Set the permissions on the “passwd” file to 600, tell postmap about it, reload Postfix and all should be happy. Huge thanks to the article at Just a Theory, it almost solely got me through the setup.[3]

References:

Leave a Comment