Difference between revisions of "PostFix Howto With SASL"

From ArchWiki
Jump to: navigation, search
(quick update; rm contributor notes, this is a wiki w/ history)
Line 25: Line 25:
  
 
or add it to your <code>/etc/rc.conf</code> file so Postfix starts each reboot.
 
or add it to your <code>/etc/rc.conf</code> file so Postfix starts each reboot.
 +
 +
SASL can use different authentication methods. The default one is PAM (as configured in <code>/etc/conf.d/saslauthd</code>), but to set it up properly you have to create <code>/usr/lib/sasl2/smtpd.conf</code>:
 +
 +
<pre>
 +
pwcheck_method: saslauthd
 +
saslauthd_path: /var/run/saslauthd/mux
 +
mech_list: plain login
 +
log_level: 7
 +
</pre>
 +
 +
To read about other authentication methods please refer to http://www.postfix.org/SASL_README.html
  
 
Hopefully you should be able to telnet to your Postfix server with :
 
Hopefully you should be able to telnet to your Postfix server with :

Revision as of 14:43, 7 September 2007

The postfix package in [extra] is compiled with sasl support:

pacman -Sy postfix

An example line for the /etc/postfix/main.cf file to enable the SASL is below.

mydestination = $myhostname, localhost.$mydomain, $mydomain
myorigin = $mydomain
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_tls_auth_only = no
smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,permit
broken_sasl_auth_clients = yes
relay_domains = *

You might want to change various options to suit your needs though. Setup Postfix as you normally would and start it with :

/etc/rc.d/postfix start

or add it to your /etc/rc.conf file so Postfix starts each reboot.

SASL can use different authentication methods. The default one is PAM (as configured in /etc/conf.d/saslauthd), but to set it up properly you have to create /usr/lib/sasl2/smtpd.conf:

pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
mech_list: plain login
log_level: 7

To read about other authentication methods please refer to http://www.postfix.org/SASL_README.html

Hopefully you should be able to telnet to your Postfix server with :

telnet localhost 25

You should then type :

EHLO test.com

This is roughly what you should see :

Trying 127.0.0.1...

Connected to localhost.localdomain
Escape character is '^]'

220 justin ESMTP Postfix
EHLO test.com
250-justin
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN OTP DIGEST-MD5 CRAM-MD5
250-AUTH=PLAIN OTP DIGEST-MD5 CRAM-MD5
250 8BITMIME