Home

Setup Postfix with SMTP Auth

Submitted by hkai on Sat, 06/26/2010 - 21:26
  1. Install Postfix and SASL 
    apt-get install postfix sasl2-bin
  2. edit /etc/default/saslauthd, change the following:
    START=yes
     
  3. Start saslauthd:
    /etc/init.d/saslauthd start
  4. test if saslauthd is working:
    testsaslauthd -u username -p password
  5. Stop saslauthd:
    /etc/init.d/saslauthd stop
  6. Create file /etc/postfix/sasl/smtpd.conf:
    pwcheck_method: saslauthd
     
  7. edit /etc/postfix/main.cf :
    mtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes

    smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination
     

  8. Now the tricky part, I'd spent hours on this. Postfix does a chroot, so it cant communicate with saslauthd, you need to run the following:
    rm -r /var/run/saslauthd/
    mkdir -p /var/spool/postfix/var/run/saslauthd
    ln -s /var/spool/postfix/var/run/saslauthd /var/run
    chgrp sasl /var/spool/postfix/var/run/saslauthd
    adduser postfix sasl
     
  9. I also did the following, don't know if it affect it or not:
    chmod o+r /etc/sasldb2
  10. Restart postfix and saslauthd:
    /etc/init.d/postfix restart
    /etc/init.d/saslauthd start
  11. I also changed the password for the test account, so it may updated saslauthd
    passwd username
  12. Now generate the base64 string for testing:
    perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password")'
  13. Let's test the SMTP auth now:
    telnet localhost 25
    auth plain dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ=
  14. Here's the following output as example:
    Trying 127.0.0.1...
    Connected to localhost.localdomain.
    Escape character is '^]'.
    auth plain dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ=
    235 2.7.0 Authentication successful

     

 

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer