Skip to Content
Technical Articles
Author's profile photo Ragavendiran Kulothungan Shakila

Sendgrid SMTP Relay Configuration Using Postfix in SAP S/4HANA

Overview

In this blog post I have explained about how to use / configure Sendgrid as SMTP relay in SAP S/4HANA using postfix mail package in Redhat linux.

Environment Details :

Linux Version : Red Hat Enterprise Linux Server 7.6

SAP S/4HANA 1909 FPS 00

HANA 2.0 SP04

Install Postfix in Redhat Linux

Check Postfix is installed

# rpm -qa | grep postfix

Install Postfix

# yum install -y postfix

# systemctl start postfix

# systemctl enable postfix

# systemctl status postfix

Postfix status should be active (running)

Steps to be carried in Linux server:

Take backup of below files from /etc/postfix

  1. main.cf
  2. sasl_passwd (If already available)

# cd etc/postfix

# cp main.cf main_bkp.cf

# cp sasl_passwd sasl_passwd_bkp

Add below lines in main.cf file

# cd etc/postfix

# vi main.cf

smtp_sasl_auth_enable = yes

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

smtp_sasl_security_options = noanonymous

smtp_sasl_tls_security_options = noanonymous

smtp_tls_security_level = encrypt

header_size_limit = 4096000

relayhost = [smtp.sendgrid.net]:587

— Save —

Edit sasl_passwd

Note: You should have sendgrid account details to proceed further.

# vi sasl_passwd

[smtp.sendgrid.net]:587 sendgridUsername:SendgridPassword

Note: Sendgrid login account details is username & password.

# sudo chmod 600 /etc/postfix/sasl_passwd

# sudo postmap /etc/postfix/sasl_passwd

# sudo systemctl restart postfix

Check postfix status,

# sudo systemctl status postfix

Test Using Unix Command:

Create file

# vi /tmp/test.txt

— Type any content in the text file —

Example :

SMTP Mail Configuration Using Sendgrid Completed Successfully !

— Save —

mail -s “Sendgrid Configuration Mail” example@gmail.com < /tmp/test.txt

You should receive mail as below,

You can also test send mail using telnet command.

SMTP Configuration in SAP:

  1. Create SMTP_USER (Service User) in all working clients with

          Profiles: SAP_ALL & S_A.SCON

      2. Create JOBUSER (Service User) in all working clients with (optional step)

          Profile : SAP_ALL

SCOT Configurations: (In all working clients)

1.SCOT

Setting -> Default Domain

Note :

If the default domain is SAP.COM and the user name TESTUSER, the mail address would be TESTUSER@SAP.COM. Accordingly decide what is your default domain.

2. Create SMTP Node

Click on “Node in use” -> Save

3. Click on Settings “SMTP Configuration”

Type Sendgrid Login details: (Username & Password)

Save

4.Click on Set “Internet”

Save

Once Saved, we should see SCOT screen as below,

5. Click on Settings on left pane, modify as below screenshot


Save

6. Click on Settings “Inbound Messages”, modify as below

7. To Create Background Job to Trigger mail once in 10 Minutes (All Clients)

JobName :  Z_SAPCONNECT_<Client> (Any job name)

Background User : JOBUSER

Release the job.

8. T-Code : SICF

Double click on SAPCONNECT

Under logon data tab, mention user as “SMTP_USER” & Password

 

11. Activate the SAPCONNECT Service from SICF T-Code, right click on the service & activate.

How to Test?

T-Code : SCOT

Check in SOST (After 10 Minutes), Once the Z_SAP_CONNECT_100 job completes status should turn from waiting to sent

I hope above blog post is useful and I have described best to my knowledge on how to configure Sendgrid as SMTP relay service in SAP S/4HANA.

Comments & Suggestions are always welcome 🙂

Keep Supporting !

Regards,
Ragav

Assigned Tags

      4 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Jean Clappier
      Jean Clappier

      hi Ragav,

      Great post, thanks for sharing! On question about part "SMTP Configuration in SAP" point 2 "Create SMTP Node".

      Shouldn't we put "localhost" on port 25 instead of "smtp.sendgrid.com" on port 587, to force SAP to use the local postfix config you've described in the first part ?

      Thanks Ragav and Baptiste Vandaele for your help on this.

      Author's profile photo Marc Bernard
      Marc Bernard

      Thanks for the detailed. blog. A few comments...

      1. Neither STMP_USER nor JOBUSER should have SAP_ALL
      2. The setup should use "Mandatory TLS" or your emails will be in plain text over the Internet
      3. The user ID "apikey" in the SMTP node must be lower case (see https://gist.github.com/mbtools/dae6501b773b48cc4983ab30a0d16e15)

       

      Author's profile photo Brian Mc Quillan
      Brian Mc Quillan

      Hello,

      Regarding Marc's comment on the SAP_ALL point, is there a lesser profile that can be assigned rather than SAP_ALL ?. Our security tool ( SecurityBridge ) will flag this as a security & compliance event.

      I'm using this blog as the foundation for one of our Linux VM systems running SAP NW 750 ABAP on MS Azure Cloud. The SAP_ALL assignment has been challenged by our security team so I'm looking for an alternative way to get the SCOT/SMTP part of the config completed not using SAP_ALL.

      Does the "Mandatory TLS" usage alter the blog procedure that should be followed for a secure config ?.

      Author's profile photo Brian Mc Quillan
      Brian Mc Quillan

      Hello,

      I think the SMTP_USER & SICF SAPConnect parts of the process detailed are specific for the "inbound" emails and not needed for just an "outbound" only setup.

      https://launchpad.support.sap.com/#/notes/2148070

      https://launchpad.support.sap.com/#/notes/2203325