Options
Auth SMTP on Linux
Here is a quick howto I made up just the other day. This project has taken me about a week and a half, between work and school, to get working correctly. I have Microsoft certs and training so I would like to run it past some people with Linux experience to see if there's anything I could do better or easier. Some parts of it I did about a week ago so it might be missing some things. I also know there are howtos like this already on the Internet, but I tried to follow some and different ones didn't cover all the steps. The culmination of this is from about 5 different howtos.
Postfix, sasl2, and courier-imap, and courier-pop
1. Packages to get for authenticated smtp using GNU/Debian.
apt-get install postfix courier-authdaemon courier-imap courier-pop postfix-tls libsasl2 libsasl2-modules openssl procmail
2. Create a tls certificate:
openssl req –new –outform PEM –out smtpd.cert –newkey rsa:2048 –nodes –keyout smtpd.key –keyform PEM –days 3650 –x509
3. The postfix config file, it’s at /etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
mydomain = example.local
myorigin = $myhostname
myhostname = fs01.example.local
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = smtp.example.local, fs01, localhost.$mydomain, localhost, example.local, $myhostname
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = /usr/bin/procmail -a $EXTENSION
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_use_tls = yes
smptd_sasl_local_domain =
smtpd_sasl_application_name = smtpd
4. For the imap and pop make sure your maildir is specified correctly.
MAILDIRPATH=Maildir/
Add to the /etc/skel/
and any users already made
maildirmake Maildir
maildirmake –f Drafts /Maildir
maildirmake –f Junkmail /Maildir
maildirmake –f Templates /Maildir
maildirmake –f Sent /Maildir
5. Make sure there is a file /etc/procmailrc. The contents should be MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR
6. Couple of directories and files to create: /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
mech_list: plain login
Next dir: /var/spool/postfix/var/run/saslauthd. #postfix is chrooted
7.saslauthd –a pam –m /var/spool/postfix/var/run/saslauthd
8. postfix reload
should work!
imap and pop should have correct ip addresses, and ports list in the respective config files.
Postfix, sasl2, and courier-imap, and courier-pop
1. Packages to get for authenticated smtp using GNU/Debian.
apt-get install postfix courier-authdaemon courier-imap courier-pop postfix-tls libsasl2 libsasl2-modules openssl procmail
2. Create a tls certificate:
openssl req –new –outform PEM –out smtpd.cert –newkey rsa:2048 –nodes –keyout smtpd.key –keyform PEM –days 3650 –x509
3. The postfix config file, it’s at /etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
mydomain = example.local
myorigin = $myhostname
myhostname = fs01.example.local
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = smtp.example.local, fs01, localhost.$mydomain, localhost, example.local, $myhostname
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = /usr/bin/procmail -a $EXTENSION
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_use_tls = yes
smptd_sasl_local_domain =
smtpd_sasl_application_name = smtpd
4. For the imap and pop make sure your maildir is specified correctly.
MAILDIRPATH=Maildir/
Add to the /etc/skel/
and any users already made
maildirmake Maildir
maildirmake –f Drafts /Maildir
maildirmake –f Junkmail /Maildir
maildirmake –f Templates /Maildir
maildirmake –f Sent /Maildir
5. Make sure there is a file /etc/procmailrc. The contents should be MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR
6. Couple of directories and files to create: /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
mech_list: plain login
Next dir: /var/spool/postfix/var/run/saslauthd. #postfix is chrooted
7.saslauthd –a pam –m /var/spool/postfix/var/run/saslauthd
8. postfix reload
should work!
imap and pop should have correct ip addresses, and ports list in the respective config files.