Beruflich Dokumente
Kultur Dokumente
SMTP authentication
Postfix is a free and open source mail transfer agent (MTA). It is intended as a fast,
easy-to-administer, and secure alternative to the widely-used Sendmail MTA.
# Create user and allow him to read from the mail database
GRANT SELECT ON mail.* TO '{username}'@'localhost' IDENTIFIED BY
'{password}';
FLUSH PRIVILEGES;
user = {username}
password = {password}
dbname = mail
table = domains
select_field = 'virtual'
where_field = domain
hosts = 127.0.0.1
user = {username}
password = {password}
dbname = mail
table = forwardings
select_field = destination
where_field = source
hosts = 127.0.0.1
user = {username}
password = {password}
dbname = mail
table = users
select_field = CONCAT(SUBSTRING_INDEX(email,'@',-
1),'/',SUBSTRING_INDEX(email,'@',1),'/')
where_field = email
hosts = 127.0.0.1
user = {username}
password = {password}
dbname = mail
table = users
select_field = email
where_field = email
hosts = 127.0.0.1
user = {username}
password = {password}
dbname = mail
table = transport
select_field = transport
where_field = domain
hosts = 127.0.0.1
user = {username}
password = {password}
dbname = mail
table = transport
select_field = domain
where_field = domain
hosts = 127.0.0.1
{username} = The username you selected for the new MySql user
{password} = The password you selected for the new MySql user
Make sure they aren't readable by any user because the password is included
7. Configure Postfix
mkdir -p /var/spool/postfix/var/run/saslauthd
START=yes
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
11. Configure SASL to use the new PID file location (pico /etc/init.d/saslauthd)
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
Make sure you replace all PIDFILE definations in the file. This is set on a few places.
12. Configure PAM to use MySql backend for authentication (pico /etc/pam.d/smtp)
{username} = The username you selected for the new MySql user
{password} = The password you selected for the new MySql user
pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: {username}
sql_passwd: {password}
sql_database: mail
sql_select: select password from users where email = '%u'
{username} = The username you selected for the new MySql user
{password} = The password you selected for the new MySql user
/etc/init.d/saslauthd restart
/etc/init.d/postfix restart
1. Handle mail for a domain. This must be done if you will create mailboxes or
forwards handled on this server.
2. Create user/mailbox. Users will be able to receive mail and send mails using this
server
It's assumed that you have already installed and configured Postfix according to this
tutorial: Installing Postfix with MySql backend and SASL for SMTP authentication
authmodulelist="authmysql"
MYSQL_SERVER 127.0.0.1
MYSQL_USERNAME {username}
MYSQL_PASSWORD {password}
MYSQL_PORT 0
MYSQL_DATABASE {database}
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-
1),'/',SUBSTRING_INDEX(email,'@',1),'/')
MYSQL_QUOTA_FIELD quota
/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop restart
/etc/init.d/courier-pop-ssl restart