LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Fedora (https://www.linuxquestions.org/questions/fedora-35/)
-   -   Postfix 2.X SMTP AUTH Success Story (https://www.linuxquestions.org/questions/fedora-35/postfix-2-x-smtp-auth-success-story-137965/)

ckmehta 01-23-2004 07:28 PM
Postfix 2.X SMTP AUTH Success Story
 
Hi All...given all the help I have found here in general, just wanted to pass this along cuz the documentation was scattered all around.

On my new Fedora Core1 box, to enable successful SMTP AUTH for postfix functionality, here is what I did.

1. I had and/or added the following RPM packages:
cyrus-sasl-2.1.15-6
cyrus-sasl-devel-2.1.15-6
cyrus-sasl-gssapi-2.1.15-6
cyrus-sasl-md5-2.1.15-6
cyrus-sasl-plain-2.1.15-6
postfix-2.0.11-5

2. Added the following lines to the end of my /etc/postfix/main.cf file:
#BEGIN SASL config for SMTP AUTH
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
#next line looks stupid to keep as a NULL value,
#but is apparently important for sasl to work properly from
#my research. LOADS of stock documentation in /usr/share/doc/postfix/*
#and other websites incorrectly suggest (for this version of
#postfix atleast):smtpd_sasl_local_domain =$myhostname
smtpd_sasl_local_domain =
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
check_relay_domains

#END SASL config for SMTP AUTH

3. Goto /etc/pam.d and created a cyrus file from a copy of my imap file with the following text:
#%PAM-1.0 Sasl for Postfix SMTP AUTH
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth

4. Restarted the Postfix and saslauthd daemons:
/etc/init.d/saslauthd restart
/etc/init.d/postfix restart

5. Review the fairly detailed documentation from the following site to test if your authentication works, specifically Section 12.4:
http://postfix.state-of-mind.de/patr...ilclients.html

FYI: use the perl command below instead of the printf statement to get your base64 encoding
perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password");'

6. Review other documentation of website in #5 for some other config tweaks and how to setup mail clients like Outlook Express to authenticate using SMTP AUTH.

Hope this Helps,

Cyrus (Yes, real name, not the server!!)

P.S. Here is the output from a "postconf -n" to see all non-default settings in my main.cf file incase it matters

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
inet_interfaces = all
mail_owner = postfix
mailbox_command = /usr/bin/procmail
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
max_use = 10
mydestination = $myhostname, localhost.$mydomain
myhostname = YOURDOMAIN.COM
mynetworks = 192.168.0.0/24, 127.0.0.0/8
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.0.11/README_FILES
sample_directory = /usr/share/doc/postfix-2.0.11/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 450


All times are GMT -5. The time now is 03:05 AM.