RSS / Atom

netbsd, postfix, relaying and sasl

2011-02-28 , ,

One more thing I don’t do often enough to remember, setting up SASL-based email relaying to

  1. stop the existing postfix: /etc/rc.d/postfix stop
  2. update the POSTFIX.options += sasl tls
  3. install mail/postfix from pkgsrc: cd mail/postfix && make install
  4. update the postfix configuration: /usr/pkg/sbin/post
  5. update /etc/rc.d.conf/postfix
  6. Postfix installs security/cyrus-sasl as a dependency, but doesn’t include any authentication methods, so install:
    • security/cy2-plain
      Strictly speaking you can stop installing here but I also include two more in case I later want to authenticate to some other service:
    • security/cy2-crammd5
    • security/cy2-digestmd5
  7. Add the following to the /usr/pkg/etc/postfix/
    relayhost = []:26
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/usr/pkg/etc/postfix/smtp_passwd
    smtp_sasl_security_options = noanonymous
    smtp_sasl_tls_security_options = noanonymous
    smtp_tls_loglevel = 1
    smtp_tls_security_level = encrypt
  8. Create the file /usr/pkg/etc/postfix/smtp_passwd:
    []:26$SW0r> # Create the map for postfix: /usr/pkg/sbin/postmap hash:smtp_passwd@

See and for reference. Also think about Dovecot’s SASL,



Commenting is closed for this article.