netbsd, postfix, relaying and sasl
Feb 28, 2011One more thing I don’t do often enough to remember, setting up SASL-based email relaying to pobox.com:
-
stop the existing postfix:
/etc/rc.d/postfix stop
-
update the POSTFIX.options += sasl tls
-
install mail/postfix from pkgsrc:
cd mail/postfix && make install
-
update the postfix configuration:
/usr/pkg/sbin/post
-
update /etc/rc.d.conf/postfix
-
Postfix installs
security/cyrus-sasl
as a dependency, but doesn’t include any authentication methods, so install:
*#security/cy2-plain
Strictly speaking you can stop installing here but I also include two more in case I later want to authenticate to some other service:
*#security/cy2-crammd5
*#security/cy2-digestmd5
-
Add the following to the
/usr/pkg/etc/postfix/main.cf
:relayhost = [smtp.pobox.com]:26 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/usr/pkg/etc/postfix/smtp_passwd smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_tls_loglevel = 1 smtp_tls_security_level = encrypt
-
Create the file
/usr/pkg/etc/postfix/smtp_passwd
:
[smtp.pobox.com]:26 username``pobox.com:S0M3pa$SW0r>
-
Create the map for postfix:
/usr/pkg/sbin/postmap hash:smtp_passwd
See http://www.postfix.org/SASL_README.html and http://pobox.com/help/article/name/postfix for reference. Also think about Dovecot’s SASL, http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL