Make these changes to your Postfix configuration, either by editing /etc/postfix/main.cf or using "postconf -e":
relayhost = [smtp.dl.nibble.bz]
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes
The given password map file will need to be created and it is in the format of:
mailserver.example.com username:password
The name of the mail server must match your "relayhost" above, and the username and password are the credentials of some user with permission to relay mail. You can use your own credentials or create an account on the server to specifically allow mail relaying.
Once you have created the password map file, run:
postmap /etc/postfix/sasl_passwd
This should create a corresponding "sasl_passwd.db" file. Since both these files contain the above password in plaintext, you should protect them as much as possible:
chmod 600 /etc/postfix/sasl_passwd
chmod 640 /etc/postfix/sasl_passwd.db
chgrp mail /etc/postfix/sasl_passwd.db
Once you have edited your Postfix configuration and created the password map, just restart or reload postfix (just run "postfix reload") and you're done!
Optionally, you can enable SSMTP (on port 465) in addition to TLS on the standard SMTP port (25) which is useful for users who are connecting from sites which block outbound SMTP. It's trivial, un-comment these lines in master.conf and do "postfix reload" again:
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
Props to the following resources:
http://www.postfix.org/postconf.5.html#smtp_use_tls
http://wiki.zimbra.com/index.php?title=Outgoing_SMTP_Authentication
http://ben.franske.com/blogs/bensbits.php/2005/09/06/postfix_smtp_auth_support_for_relayhost
http://dl.nibble.bz/~archangel/archive.php?news=219
No comments:
Post a Comment