Comments on Postfix SMTP Authentication - On The Secure Port Only
Postfix SMTP Authentication - On The Secure Port Only So let's say your users are going away for holidays but need to use your mailserver to relay mail from outside the organisation... Let's set up SMTP authentication for the secure port only and allow access to this from outside your network.
8 Comment(s)
Comments
This was the easiest, fastest way I managed to get this working so don't ask me, I just wrote the thing;)
I have spent 3 days trying to get smtp on postfix to work. This simple guide has made it work in under 5 minutes, thank you!
Hello,
Thank you for wrapping this up.
I was wondering why you pass options to smtpd in the master.cf file rather than using the same options in main.cf.
Also, I wanted to point to a related article that describes how to setup GSSAPI authentication for Postfix.
chkconfig --levels 235 saslauthd on
should be
chkconfig --level 235 saslauthd on
without the s on levels
So I setup a full email server using postfix. I found this tutorial so that I could allow my server to send outgoing through my smtp.
Here is the problem, everything is connecting now and I can see its connected properly, however it times out while sending the message. I get this message.
Sending of message failed.
The message could not be sent because the connection to SMTP server rooomies.com timed out. Try again or contact your network administrator.
Using Thunderbird
should you add smtpd_sasl_security_options = noanonymous
as by default it will try to fallback to other authetication methods if tls fails, essentially allowing other unauthenticated servers to relay?
does this actually use SSL/TLS? Looks like the authentication only uses plain text login.
I ran through these instructions and they didn't work. There are no dates anywhere (how bad is that?) so I suspect they are out of date.
The section of commands to generate the keys in postfix/ssl, there is a frequent (not documented here) demand for a passphrase. I just used the same on throughout. I have no idea if that was right.
When I try to send an email to 465 I get 'timed out' and the log tells me there was a SASL authentication failure. Who knows ....