Introduction
Email delivery is a critical component in cloud environments for alerts, notifications, and application workflows. In Oracle Cloud Infrastructure, the Email Delivery service provides a reliable SMTP-based solution.
This guide demonstrates how to configure a Linux server to send emails using OCI SMTP with a secure and production-ready setup
Architecture
Linux Server
β
Postfix (SMTP client)
β
OCI Email Delivery (SMTP)
β
Recipient Email
Prerequisites
*OCI Setup
*
Go to:
π OCI Console β Email Delivery
*β Create Approved Sender
*
Generate SMTP Credentials
Copy:
SMTP Username
SMTP Password
Network Requirements
From Server:
Allow outbound port 587 or 25 (recommended)
Test connectivity:
telnet smtp.email.ap-mumbai-1.oci.oraclecloud.com 587
Install Required Packages
yum install postfix s-nail cyrus-sasl-plain -y
Verify mail command
which mail
Expected: /usr/bin/mail
Configure Postfix
Edit config file
vi /etc/postfix/main.cf
Add configuration
OCI SMTP relay (use port 587 )
relayhost = [smtp.email.ap-mumbai-1.oci.oraclecloud.com]:587
SMTP Authentication
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
TLS Configuration
smtp_use_tls = yes
smtp_tls_security_level = encrypt
Optional (avoid size issues)
mailbox_size_limit = 0
message_size_limit = 52428800
Configure SMTP Credentials
vi /etc/postfix/sasl_passwd
Add EXACT line
[smtp.email.ap-mumbai-1.oci.oraclecloud.com]:587 SMTP_USERNAME:SMTP_PASSWORD
π΄ Important rules
β Single line only
β Include [ ]
β Include :587
β No extra spaces
Secure and Apply Credentials
chmod 600 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
Verify mapping
postmap -q "[smtp.email.ap-mumbai-1.oci.oraclecloud.com]:587" hash:/etc/postfix/sasl_passwd
Expected : SMTP_USERNAME:SMTP_PASSWORD
Configure Approved Sender Mapping
Force all emails to use approved sender :
postconf -e "sender_canonical_maps = alerts@gmail.com"
Why this is required
OCI accepts only approved sender.
So:
root@hostname β alerts@gmail.com
Start and Enable Postfix
- systemctl enable postfix
- systemctl restart postfix
Test Email
echo "OCI SMTP TEST FROM AWS" | mail -s "TEST MAIL" your_email@example.com
Verify Logs
tail -f /var/log/maillog
expected output : status = 200(ok)
Automation Example
Simple test
echo "Alert test" | mail -s "Test Alert" your_email@example.com
Troubleshooting
Issue 1: Connection Timeout
Cause:
Port 25 blocked (OCI default)
Fix:
Use port 587 or 465
Issue 2: Authentication Failed
Cause:
Wrong SMTP credentials
Fix:
Verify username/password
Debug Logs (ADVANCED)
Check logs:
sudo tail -f /var/log/maillog
Example:
status=sent
status=bounced
authentication failed
Security Best Practices
β Use TLS encryption
β Restrict access to credential file
β Rotate SMTP credentials
β Avoid hardcoding credentials
Real Use Case
Use OCI SMTP to send:
β Monitoring alerts
β Application notifications
β we can setup password expiry notification for users in linux
Conclusion
OCI Email Delivery offers a secure and scalable way to send emails using authenticated SMTP with TLS. Combined with Postfix, a reliable and lightweight MTA, it becomes a simple yet powerful production-ready solution.
This setup also highlights cross-cloud flexibilityβapplications running on AWS can seamlessly use OCI for email delivery, enabling a cost-effective and hybrid architecture.
Overall, Postfix with OCI SMTP is a practical, secure, and efficient approach for real-world email delivery needs.
Top comments (0)