Set up your mail server for sending

From Linuxintro
Revision as of 09:01, 18 April 2012 by imported>ThorstenStaerk (moved Set up sender verification to Set up your mail server for sending)

Overview

You have set up a mail server and do not want anyone to use it as spam-catapult. So you need sender verification in your postfix service. Only people who know their username and password shall be allowed to send mail.

Configure it

Authentication is done by saslauthd. So install saslauthd, in this case for SUSE Linux:

yast -i cyrus-sasl-saslauthd

Start the service:

/etc/init.d/saslauthd start

Make sure your authentication service is running:

/etc/init.d/saslauthd status 

has to deliver

running

Make sure the service starts on boot

chkconfig saslauthd on

In /etc/postfix/main.cf, set

smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes

In /etc/postfix/main.cf, add permit_sasl_authenticated to smtpd_recipient_restrictions. The resulting line may look like this:

smtpd_recipient_restrictions = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination,
                               check_policy_service inet:127.0.0.1:60000

Restart Postfix

/etc/init.d/postfix restart

Test it

Start kmail, setup localhost as incoming and outgoing mail server. In kmail, change the sending account's authentication method to "LOGIN". Send a mail to testuser@localhost.

TroubleShooting

Authentication not enabled

Symptom

You get

Sending failed: Your SMTP server does not support authentication. The server responded: "5.5.1 Error: authentication not enabled"
Solution

You will need to modify /etc/postfix/main.cf, set

smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes

and restart postfix:

/etc/init.d/postfix restart

generic failure

Symptom

You get

Sending failed. Most likely the password is wrong. The server responded: "5.7.8 Error: authentication failed: generic failure"
Solution

You need to make sure your authentication service has been started:

/etc/init.d/saslauthd status

has to deliver

running

no authentication mechanism available

Symptom

You get

Sending failed: Your SMTP server does not support The server responded: "5.7.8 Error: authentication failed: no mechanism available"
Reson

You may have

  • plain
  • digest-md5
  • cram-md5

as authentication method in kmail.

Solution

Change this to Login.

no worthy mechanisms found

Symptom

You get

Sending failed: An error occurred during authentication: SASL(-4):no mechanism available: No worthy mechs found
Reason

You may have

  • GSSAPI

as authentication method in kmail.

Solution

Change this to Login.

no mail is sent

Symptom

Nothing happens and no mail is sent

Reason

You may have

  • NTLM

as authentication method in kmail.

Solution

Change this to Login.

See also