You are here

HomeBlogsWesley Render's blog

Email relaying with FreePBX

Submitted by Wesley Render on Mar 19th, 2012 - 1:38pm

Getting voicemail to email working properly in FreePBX is a bit of a pain. Most home ISP companies block outbound port 25 so you may find your FreePBX server will not send voicemail to email properly if you are running a home based FreePBX server. A work around to this is to configure your FreePBX server to send outbound mail through port 465 with SSL. Port 465 is now commonly being used by a lot of email providers and most ISPs are not blocking it. Here is my guide to configuring FreePBX to route voicemail out through port 465 with SSL.

1. Connect into your FreePBX shell using SSH.

2. Type the following command to install stunnel. Stunnel is going to be used to configure the SSL tunnel to your email server:

yum install stunnel

3. Create a new stunnel configuration file. For example using the following command:

vi /etc/stunnel/stunnel.conf

4. Enter in the following inside the stunnel.conf file and then save it: (Change the smtp.youremailserver.com to your actual email server address)

[smtp-tls-wrapper]

accept = 11125

client = yes

connect = smtp.youremailserver.com:465

5. In the Centos that FreePBX comes with, there seems to be code missing for stunnel services. Create a new file /etc/init.d/stunnel. Inside of that file put the following script code (below). Also, make sure to set appropriate permissions ont he service file so it can execute. Example "chmod 777 /etc/init.d/stunnel".

#!/bin/sh
#
# stunnel Start/Stop the stunnel daemons
#
# description: stunnel is a script that runs stunnel daemons
# version 1.00
#
# chkconfig: 345 40 60
#
# processname: stunnel 
# pidfile: /var/run/stunnel/stunnel.pid
#

# Source function library.
. /etc/rc.d/init.d/functions
 
servicename=stunnel
processname=stunnel
pidfile=/var/run/stunnel/stunnel.pid

RETVAL=0

start() {

 echo -n "Starting stunnel services: "
 daemon --check $servicename '/usr/sbin/stunnel /etc/stunnel/stunnel.conf &>/dev/null'
 RETVAL=$?
 echo
 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$servicename

}

stop() {

 echo -n "Stopping stunnel services: "
 killproc -p $pidfile $servicename
 RETVAL=$?
 echo
 [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$servicename

}

# See how we were called.
case "$1" in
 start)
 start
 ;;
 stop)
 stop
 ;;
 status)
 status -p $pidfile $processname
 RETVAL=$?
 ;;
 restart)
 stop
 start
 ;;
 condrestart)
 if [ -f /var/lock/subsys/$servicename ]; then
 stop
 start
 fi
 ;;
 *)
 echo $"Usage: $0 {start|stop|status|restart|condrestart}"
 RETVAL=1
 ;;
esac
 
exit $RETVAL

6a. Type vi /etc/hosts.allow and add the following line:
smtp-tls-wrapper: 127.0.0.1

6. You should be able to now issue a "service stunnel restart" to get stunnel started. Also do a "chkconfig stunnel on" to make sure stunnel will restart when you reboot. Once stunnel is started you can test to see if it has connected to your mailserver by this command "telnet localhost 11125". If it has connected to your mailserver on port 465 properly you should see your email servers Email Greeting Message.

7. Now that we can connect to port 465 using SSL/stunnel we can move on to configuring Postfix. Postfix is the default emailer that comes with FreePBX.

8. At your FreePBX console download and install webmin. Webmin is a great web based utility to help configure Linux servers. You might have to get the latest download link for webmin off of their website:

wget http://prdownloads.sourceforge.net/webadmin/webmin-1.570-1.noarch.rpm
rpm -Uvh webmin-1.570-1.noarch.rpm

9. You should now be able to connect to webmin on your FreePBX server by going to https://ipoffreepbxserver:10000, or http://ipoffreepbxserver:10000. Login with your root user.

10. Go to "Servers" -> "Postfix Mail Server".

11. Click "Edit Config Files", and edit your main.cf file. Scroll down to the bottom and put the following lines in. Substitute the domain information for what yours actually is.

myhostname = asterisk.mydomainname.com
mydomain = mydomainname.com
myorigin = mydomainname.com
masquerade_domains = mydomainname.com
smtp_generic_maps = hash:/etc/postfix/generic

relayhost = [127.0.0.1]:11125

smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = no
smtp_always_send_ehlo = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = 
smtp_use_tls = yes
smtp_cname_overrides_servername = no

12. Now we need to configure the smtp email mappings to make sure your email is sending out properly. Type in the following:

vi /etc/postfix/generic

* At the bottom of this file add the following lines (changing for your actual hostname and domain name. also, there should be a space between the hostname email, and domain email) I am not sure if this step is actually neeeded:
voicemail_at_yourasteriskhostname voicemail_at_yourdomainname

*These lines should be configured to match the hostname and your actual email address.
Now type in "postmap /etc/postfix/generic". This will write your changes to the /etc/postfix/generic.db file.

13. Yes. It's not over yet. We now need to configure the authentication for your mail server. Type in the following:

vi /etc/postfix/sasl_password

*Put a line in similar to this example which authenticates to your email server

[127.0.0.1]:11125 emailaddress:youremailpassword

*Save this file and close it. Now type:
"postmap /etc/postfix/sasl_password" This will write your changes to the /etc/postfix/sasl_password.db file.

14. Do a "service postfix restart" to make sure changes are applied.
15. I would recommend you try leaving some test voicemails that will trigger an email to go out. You will want to make sure the email being sent out from asterisk matches that of your email account you are relaying to. To watch what emails are being sent from your server you can do a "tail -f /var/log/maillog". On my server it is sending out emails as asterisk@mydomain

Blogs: 
Technical