Mark Little wrote: : Although I am not sure if Rogers block outgoing port 25 for customers to : everything except for their SMTP servers; some ISPs do this to avoid open : relays on their network. Unfortunately, I'm pretty sure Rogers blocks outbound SMTP. At least, I had to change my relayhost to TCP port 587 in order for it to work. As far as using them as a permanent relayhost, you want these in your main.cf at a minimum: ----- relayhost = mail.rogers.com # I'm guessing at the domain here smtp_sasl_auth_enable = yes # Enable SASL authentication smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd # Password maps are held in here ----- And these, so long as the Rogers SMTP servers support TLS: ----- smtp_use_tls = yes # Tell the SMTP client to use TLS smtp_enforce_tls = yes # Tell it to *require* TLS (this is important, if you're on untrusted networks) ----- And you may need this line as well, in certain circumstances. It tells the SASL client to not permit anonymous connections (i.e. require authentication). This overrides the SASL default of 'noanonymous noplaintext', to permit plaintext logins, as some SMTP servers do not speak a compatible SASL authentication mechanism. You should check the available mechs on mail.rogers.com before enabling this line. ----- smtp_sasl_security_options = noanonymous ----- Then just create /etc/postfix/sasl_passwd as such: ----- mail.rogers.com smtp_username:smtp_password ----- Note that the key (mail.rogers.com) *must* match your relayhost from main.cf, so Postfix knows to use this username/password pair for that relayhost. That should get it going! Note that this does *not* address things like certificate validation, so it is (theoretically) possible for someone to steal your mail username and password. If you want to do certification validation, you'll need to look through the smtp_sasl_* options, and make sure you have a proper root certificate bundle installed on your system (and Postfix knows where to find it, of course). This is especially important if you set the 'noanonymous' line above, as your username/password will be passed plaintext over the SSL connection. - Damian