Difference between revisions of "Set up your mail server for sending"

From Linuxintro
imported>ThorstenStaerk
imported>ThorstenStaerk
Line 1: Line 1:
 
= Overview =
 
= Overview =
You have [[set up a mail server]] and do not want anyone to use it as spam-catapult. So you need ''sender verification'' in your postfix service. Only people who know their username and password shall be allowed to send mail.
+
When you have [[set up a mail server]] you can by default send mails within your own domain (e.g. linuxintro.org) but not to the outside. What you probably want is that internet users can connect via a mail client, e.g. Thunderbird to your mail server. If they know a valid username and password, they are allowed to read and send mails.
  
 
= Configure it =
 
= Configure it =

Revision as of 09:07, 18 April 2012

Overview

When you have set up a mail server you can by default send mails within your own domain (e.g. linuxintro.org) but not to the outside. What you probably want is that internet users can connect via a mail client, e.g. Thunderbird to your mail server. If they know a valid username and password, they are allowed to read and send mails.

Configure it

Authentication is done by saslauthd. So install saslauthd, in this case for SUSE Linux: 

yast -i cyrus-sasl-saslauthd

Start the service: 

/etc/init.d/saslauthd start

Make sure your authentication service is running: 

/etc/init.d/saslauthd status

has to deliver 

running

Make sure the service starts on boot 

chkconfig saslauthd on

In /etc/postfix/main.cf, set 

smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes

In /etc/postfix/main.cf, add permit_sasl_authenticated to smtpd_recipient_restrictions. The resulting line may look like this: 

smtpd_recipient_restrictions = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination,
                               check_policy_service inet:127.0.0.1:60000

Restart Postfix 

/etc/init.d/postfix restart

Test it

Start kmail, setup localhost as incoming and outgoing mail server. In kmail, change the sending account's authentication method to "LOGIN". Send a mail to testuser@localhost.

TroubleShooting

Authentication not enabled

Symptom

You get 

Sending failed: Your SMTP server does not support authentication. The server responded: "5.5.1 Error: authentication not enabled"
Solution

You will need to modify /etc/postfix/main.cf, set 

smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes

and restart postfix: 

/etc/init.d/postfix restart

generic failure

Symptom

You get 

Sending failed. Most likely the password is wrong. The server responded: "5.7.8 Error: authentication failed: generic failure"
Solution

You need to make sure your authentication service has been started: 

/etc/init.d/saslauthd status

has to deliver 

running

no authentication mechanism available

Symptom

You get 

Sending failed: Your SMTP server does not support The server responded: "5.7.8 Error: authentication failed: no mechanism available"
Reson

You may have

  • plain
  • digest-md5
  • cram-md5

as authentication method in kmail.

Solution

Change this to Login.

no worthy mechanisms found

Symptom

You get 

Sending failed: An error occurred during authentication: SASL(-4):no mechanism available: No worthy mechs found
Reason

You may have

  • GSSAPI

as authentication method in kmail.

Solution

Change this to Login.

no mail is sent

Symptom

Nothing happens and no mail is sent

Reason

You may have

  • NTLM

as authentication method in kmail.

Solution

Change this to Login.

See also

Retrieved from "http://linuxintro.org/index.php?title=Set_up_your_mail_server_for_sending&oldid=895"