So I set up my Univention Corporate Server as Mail server (Dovecot, postfix) .. which worked just fine, but a few things to take note of:
1) if you have the internal host name not DNS resolvable publically then you need to set the HELO name used by postfix:
The Error one would see in mail.log would contain this:
Helo command rejected: Host not found (in reply to RCPT TO command)"}]}
# ucr search helo
If this option is activated, it is required that a remote SMTP client introduces itself with the HELO or EHLO command
before sending the MAIL command or other commands that require EHLO negotiation (Default: "no").
This variable allows the configuration of the hostname the server used for identification as part of the SMTP protocol
(EHLO/HELO). If the variable is unset, the fully qualified hostname is used.
so we need to change this either in the Web interface under System - Univention Configuration Registry or on the command line
# ucr set mail/smtp/helo/name=<your public facing FQDN here>
and now the mails send just fine - I gave them a push with
postqueue -fand they were sent immediately
2) make sure your ISP sets a PTR record for the IP(s) you are sending from otherwise you get these (not so fun) errors:
status=deferred (host ........... said: 421 Refused. You have no reverse DNS entry. See: https://www.domaintechnik.at/mailpolicy#DENIED_RDNS_MISSING (in reply to RCPT TO command))
status=deferred (host ........... refused to talk to me: 550 No reverse dns for IP 18.104.22.168. Help at/Hilfe unter www.mfaq.info)
status=deferred (host ........... refused to talk to me: 451 Reverse DNS lookup failed for host 22.214.171.124 (no-ptr))
after the reverse DNS (PTR) entries are added all my mails were sent as expected.
3) set your mynetworks so that your local machines (including servers) can send without authentification (if you want that that is) the UCR variable is called
mail/postfix/mynetworks (refer to point 1 on how to set these)