How to configure postfix for per-sender SASL authentication

Posted by Marwan on Server Fault See other posts from Server Fault or by Marwan
Published on 2012-09-11T02:13:56Z Indexed on 2012/09/11 3:39 UTC
Read the original article Hit count: 657

Filed under:
|
|
|
|

I have two gmail accounts, and I want to configure my local postfix server as a client which does SASL authentication with smtp.gmail.com:587 with credentials that depend on the sender address.

So, let's say that my gmail accounts are: [email protected] and [email protected]. If I sent a mail with [email protected] in the FROM header field, then postfix should use the credentials: [email protected]:psswd1 to do SASL authentication with gmail SMTP server. Similarly with [email protected], it should use [email protected]:passwd2. Sounds fairly simple.

Well, I followed the postfix official documentation at http://www.postfix.org/SASL_README.html, and I ended up with the following relevant configurations:

/etc/postfix/main.cf

    smtp_sasl_auth_enable = yes
    smtp_sasl_security_options = noanonymous
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sender_dependent_authentication = yes
    sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay

    smtp_tls_security_level = secure
    smtp_tls_CAfile = /etc/ssl/certs/Equifax_Secure_CA.pem
    smtp_tls_CApath = /etc/ssl/certs
    smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache
    smtp_tls_session_cache_timeout = 3600s
    smtp_tls_loglevel = 1
    tls_random_source = dev:/dev/urandom

    relayhost = smtp.gmail.com:587

/etc/postfix/sasl_passwd

    [email protected]      [email protected]:passwd1
    [email protected]      [email protected]:passwd2

    smtp.gmail.com:587  [email protected]:passwd1

/etc/postfix/sender_relay

    [email protected]      smtp.gmail.com:587
    [email protected]      smtp.gmail.com:587

After I'm done with the configurations I did:

    $ postmap /etc/postfix/sasl_passwd
    $ postmap /etc/postfix/sender_relay
    $ /etc/init.d/postfix restart

The problem is that when I send a mail from [email protected], the message ends up in the destination with sender address [email protected] and NOT [email protected], which means that postfix always ignores the per-sender configurations and send the mail using the default credentials (the third line in /etc/postfix/sasl_passwd above). I checked the configurations multiple times and even compared them to those in various blog posts addressing the same issue but found them to be more or less the same as mine. So, can anyone point me in the right direction, in case I'm missing something?

Many thanks.

© Server Fault or respective owner

Related posts about linux

Related posts about email