MoinMoin Logo
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Navigation

  • Start
  • Sitemap
Revision 12 as of 2021-05-25 12:10:34
  • Postfix

Postfix

Postfix is a very popular open source Mail Transfer Agent (MTA).

Steps for Ubuntu Ubuntu 14.04 LTS

  • apt-get update / apt-get install mailutils
  • apt-get install postfix
  • Choose ok, Internet Site
  • System mail name: bitarus.allowed.org
  • nano /etc/postfix/main.cf 

mydomain=bitarus.allowed.org
myhostname = mail.bitarus.allowed.org
smtpd_recipient_restrictions=permit_sasl_authenticated , reject_unauth_destination
relay_domains=
smtpd_sasl_auth_enable=yes
smtpd_sasl_security_options=noanonymous
smtpd_sasl_local_domain=$myhostname
broken_sasl_auth_clients=yes
smtpd_relay_restrictions=permit_sasl_authenticated
home_mailbox=Mailbox
mail_spool_directory=/var/mail
  • service --status-all
  • service postfix restart

User mail spool

  • touch /var/mail/userx
  • chown vitor:mail /var/mail/userx
  • chmod o-r /var/mail/userx
  • chmod g+rw /var/mail/userx

SASL

  • apt-get install libsasl2-2 sasl2-bin libsasl2-modules
  • nano /etc/default/saslauthd # change START=yes 

START=yes
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="shadow"
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
  • dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd

  • echo 'pwcheck_method: saslauthd' > /etc/postfix/sasl/smtpd.conf

  • usermod -a -G sasl postfix
  • service saslauthd start

Test starttls

  • openssl s_client -connect 127.0.0.1:25 -starttls smtp

Remove CRAM-MD5 authentication mechanism

  • Go to folder /usr/lib/x86_64-linux-gnu/sasl2
  • service postfix stop
  • mv *crammd5* /root
  • service postfix start

In python 2.7 the CRAM-MD5 is a preferred authentication method for login in smtplib. The current postfix advertises CRAM-MD5 but does not accept it if smtplib tries to authenticate with it. So CRAM-MD5 authentication mechanism was removed.

AWS restrictions to send outbound emails - port 25

  • https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/ 

AWS blocks outbound traffic on port 25 (SMTP) of all EC2 instances and Lambda functions by default. If you want to send outbound traffic on port 25, you can request for this restriction to be remove

  • https://docs.amazonaws.cn/en_us/AWSEC2/latest/UserGuide/ec2-resource-limits.html#port-25-throttle 

On all instances, Amazon EC2 restricts traffic on port 25 by default. You can request that this restriction be removed. For more information, see How do I remove the restriction on port 25 from my EC2 instance? in the AWS Knowledge Center.
  • MoinMoin Powered
  • Python Powered
  • GPL licensed
  • Valid HTML 4.01