Sending Postfix Mail Via Comcast SMTP

I recently had need of mail output from a cron job in a zone on my SmartOS server at home. My connection is via Comcast cable, and unfortunately they seem to block outbound SMTP (port 25). As it happens, they have an SMTP relay host that you can use from Comcast IPs, but unfortunately that service requires authentication.

First you must discover your Comcast username; something you have probably used at most once, ever. You can do this with the Comcast UID Lookup Tool. They list a few fictional street addresses, and hopefully your actual address. You should get something back of the form username@comcast.net. You will also need your password, which is obviously beyond the scope of this post.

Configuring Postfix is relatively straightforward. I'm using a SmartOS machine, with a base 13.1.0 zone dataset. This is the newest base dataset, but the instructions will likely apply with only minor variations to older (and hopefully future) datasets.

Create the password file for Postfix to use:

# touch /opt/local/etc/postfix/smtp_passwd
# chmod 0600 /opt/local/etc/postfix/smtp_passwd
# echo "smtp.comcast.net     username@comcast.net:password" \
          > /opt/local/etc/postfix/smtp_passwd
# postmap hash:/opt/local/etc/postfix/smtp_passwd

Create a canonical sender map file to rewrite all From: addresses to a valid e-mail address. This must be done, or else the Comcast SMTP server will reject your mail as coming from an invalid domain.

# echo '/^([^@]*)@.*$/    $1@yourdomain.com' \
    > /opt/local/etc/postfix/sender_rewrite

Edit the Postfix configuration file, /opt/local/etc/postfix/main.cf, and add these lines:

## -- Comcast SMTP Relay
relayhost = [smtp.comcast.net]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps =
        hash:/opt/local/etc/postfix/smtp_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

## -- Rewrite all sender addresses:
sender_canonical_maps =
        regexp:/opt/local/etc/postfix/sender_rewrite

Now, install the SASL Authentication plugins and start up Postfix:

# pkgin -y in cy2-plain cy2-login cy2-digestmd5
# svcadm enable postfix

If you send mail at this point, you should see evidence of success (or failure) in /var/log/maillog (or, in older zone datasets, /var/log/postfix.log). You should also receive the mail! If you want an easy way to send a test e-mail, try mailx:

# date | mailx -s "test email #1" your@email.com