LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Want steps to enable smtp authentication in postfix (https://www.linuxquestions.org/questions/linux-newbie-8/want-steps-to-enable-smtp-authentication-in-postfix-774594/)

bittus 12-09-2009 07:43 PM
Want steps to enable smtp authentication in postfix
 
1 Attachment(s)
  1. Now my users are able to use mail clients to send mails only from "mynetworks". As you can see in my main.cf(attached), the smtpd_recipient_restrictions entries are resisting them. However they are able to receive mails from anywhere. I want to enable smtp authentication, so that whenever the users try to send a mail, they will be prompted for username and password. Thus I can remove the sending restrictions and all my users will be able to send mails from anywhere. I am not able to successfully complete the task of enabling smtp authentication yet.

    Can I get a step by step procedure to enable smtp authentication on a postfix server ? Or please suggest me a good e-book on this.
  1. I would like to resist the size of attachments sent/recieved thru my server to 5MB. Mails with attachments above 5MB should be rejected back to the sender.

Please note that the domain name, hostname and IPs are masked

version of postfix : 2.5.5

rweaver 12-10-2009 12:26 PM
Code:
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unknown_recipient_domain,reject_non_fqdn_recipient
smtpd_tls_auth_only = no
smtp_use_tls = no
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_sessions_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
tls_daemon_random_source = dev:/dev/urandom
smtpd_sasl_authenticated_header = yes
smtpd_tls_session_cache_timeout = 3600s
Adding something along these lines will get you working with smtp-auth. Remember you must have saslauthd running also. If you want tls only smtp auth you'll need that line changed of course. You *really* should have tls setup and in use if you're doing smtp auth.


All times are GMT -5. The time now is 10:01 AM.