How to configure postfix for per-sender SASL authentication
Posted
by
Marwan
on Server Fault
See other posts from Server Fault
or by Marwan
Published on 2012-09-11T02:13:56Z
Indexed on
2012/09/11
3:39 UTC
Read the original article
Hit count: 660
I have two gmail accounts, and I want to configure my local postfix server as a client which does SASL authentication with smtp.gmail.com:587 with credentials that depend on the sender address.
So, let's say that my gmail accounts are: [email protected]
and [email protected]
. If I sent a mail with [email protected]
in the FROM
header field, then postfix should use the credentials: [email protected]:psswd1
to do SASL authentication with gmail SMTP server. Similarly with [email protected]
, it should use [email protected]:passwd2
. Sounds fairly simple.
Well, I followed the postfix official documentation at http://www.postfix.org/SASL_README.html, and I ended up with the following relevant configurations:
/etc/postfix/main.cf
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
smtp_tls_security_level = secure
smtp_tls_CAfile = /etc/ssl/certs/Equifax_Secure_CA.pem
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache
smtp_tls_session_cache_timeout = 3600s
smtp_tls_loglevel = 1
tls_random_source = dev:/dev/urandom
relayhost = smtp.gmail.com:587
/etc/postfix/sasl_passwd
[email protected] [email protected]:passwd1
[email protected] [email protected]:passwd2
smtp.gmail.com:587 [email protected]:passwd1
/etc/postfix/sender_relay
[email protected] smtp.gmail.com:587
[email protected] smtp.gmail.com:587
After I'm done with the configurations I did:
$ postmap /etc/postfix/sasl_passwd
$ postmap /etc/postfix/sender_relay
$ /etc/init.d/postfix restart
The problem is that when I send a mail from [email protected]
, the message ends up in the destination with sender address [email protected]
and NOT [email protected]
, which means that postfix always ignores the per-sender configurations and send the mail using the default credentials (the third line in /etc/postfix/sasl_passwd
above). I checked the configurations multiple times and even compared them to those in various blog posts addressing the same issue but found them to be more or less the same as mine. So, can anyone point me in the right direction, in case I'm missing something?
Many thanks.
© Server Fault or respective owner