public:mail:postfix
This is an old revision of the document!
Table of Contents
Postfix
SMTP over TLS
Configuring TLS on daemon side
This Postfix configuration option enable TLS support on SMTP connections.
smtpd_tls_security_level=may smtpd_tls_cert_file=/path/to/certificate_cert.pem smtpd_tls_key_file=/path/to/certificate_private.pem smtpd_tls_CAfile=/path/to/certificate_ca_cert.pem
Configuring TLS on client side
This Postfix configuration options enable TLS support on client. Client is used by Postfix server when relaying mail to another server using SMTP.
smtp_tls_security_level=may
It's also possible to enable TLS only on specific relay host.
Configuring SMTP authentication
smtpd_sasl_auth_enable=yes broken_sasl_auth_clients=yes smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_sasl_authenticated_header=yes
Saslauthd service can be used to check password on LDAP.
Postfix is chrooted by default, 2 solutions can be used to allow Postfix/saslauthd :
- disabling Postfix chroot : easy but sad…
- moving saslauthd unix socket into Postfix chroot :
rm -rf /var/spool/postfix/var/run/saslauthd mkdir -p /var/spool/postfix/var/run/saslauthd chown root:sasl /var/spool/postfix/var/run/saslauthd chmod 710 /var/spool/postfix/var/run/saslauthd ln -s /var/spool/postfix/var/run/saslauthd /var/run
public/mail/postfix.1331746148.txt.gz · Last modified: 2012/03/14 17:29 by toony