LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 02-21-2008, 05:01 AM   #1
rutgerw
Member
 
Registered: Jun 2004
Location: Leiden, The Netherlands
Distribution: Slackware 10.2, SmoothWall Express v3, Kubuntu 7.04, Mac OS X.4
Posts: 69

Rep: Reputation: 15
postfix relayhost configuration (SMTPS)


Hi Everybody,

I'm trying to setup my postfix configuartion to send email via my ISP.

I've understand that you should use the "relayhost=" in postfix.cf
However my ISP uses SMTP-AUTH on port 465 (with SSL)

I've read that i should add the following lines and create the sasl_passwd file:
relayhost = [smtps.isp.com]
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes

However I've also read that my passwords are send in plain text on port 25.

How do I setup postfix so that my passwords are sent encrypted (SSL/TLS?!) over port 465 (this is the port my ISP uses)?
 
Old 02-21-2008, 09:59 PM   #2
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
have a look at smtp_sasl_tls_security_options at http://www.postfix.org/postconf.5.ht...curity_options
 
Old 02-22-2008, 04:07 PM   #3
rutgerw
Member
 
Registered: Jun 2004
Location: Leiden, The Netherlands
Distribution: Slackware 10.2, SmoothWall Express v3, Kubuntu 7.04, Mac OS X.4
Posts: 69

Original Poster
Rep: Reputation: 15
Thnx,

I think the noplaintext option was just what is was looking for.

Last edited by rutgerw; 02-22-2008 at 04:08 PM. Reason: typo
 
Old 02-19-2011, 02:02 AM   #4
Milan Knizek
LQ Newbie
 
Registered: Sep 2006
Posts: 1

Rep: Reputation: 0
I know that this thread is a bit old, but it popped up in google while I was trying to setup relaying local email to my external SMTP server (SSL encryption on port 465, plain text authentification).

Postfix version 2.8.0 does not support SMTP client mode on SSL port 465. Instead, one has to use a separate daemon stunnel (refer elsewhere how to set it up and run) to wrap the communication into ssl. Do not forget to check /etc/hosts.allow to allow connections to stunnel ("stunneld: ALL")

Once setup, add this to your stunnel.conf:

Code:
[smtp-tls-wrapper]
 accept = 11125
 client = yes
 connect = your.smtp.server.com:465
and test by running "telnet localhost 11125" - you should be redirected to your.smtp.server.com and get its greetings. Type "quit" to exit.
If you get error with libwrap (check /var/log/...), try adding "libwrap = no" to stunnel.conf and restart stunnel service.

The /etc/postfix/main.cf configuration is similar as above, just the relay host is local:

Code:
relayhost = [127.0.0.1]:11125
smtp_sasl_type = cyrus
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_auth_enable = yes
   # optional: necessary if email provider
   # requires passwords sent in clear text
smtp_sasl_security_options = noanonymous
smtp_sasl_mechanism_filter = plain, login
  # optional: necessary if email provider uses load balancing and
  # forwards emails to another smtp server
  # for delivery (ie: smtp.yahoo.com --> smtp.phx.1.yahoo.com)
smtp_cname_overrides_servername = no
Also do not forget to create the credentials file /etc/postfix/sasl_passwd (set chmod go-rwx to protect it from non-root users):
Code:
# The server info must exactly match the value
# for "relayhost" in /etc/postfix/main.cf
[127.0.0.1]:11125 my_login:my_password
and rebuild the password hash by typing "postmap hash:/etc/postfix/sasl_passwd".

Then restart postfix and try "telnet localhost 25" and type

Code:
EHLO localhost
MAIL FROM: <from-email>
RCPT TO: <recipient-email>
DATA
Type message here.
. <Enter>
=>
The last line leaves DATA mode and email should be relayed by postfix. Watch /var/log files to see if it goes okay.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix Configuration namit Linux - Server 1 02-18-2007 01:55 PM
postfix relayhost gabsik Linux - Networking 1 02-08-2007 02:51 AM
PostFix configuration jscedunn Linux - Enterprise 6 01-31-2007 11:49 AM
Do I need a relayhost? gubak Linux - Networking 1 08-23-2004 07:52 AM
postfix configuration argh2005 Linux - Networking 0 08-30-2003 10:35 PM


All times are GMT -5. The time now is 10:53 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration