Tuesday, August 04, 2015

postfix - How to configure SMTP AUTH

A quick and dirty guide :)

Assume you alrady have postfix installed and running and want to configure SMTP AUTH in postfix.

Install SASL:
# yum install cyrus-sasl cyrus-sasl-plain cyrus-sasl-md5

Update /etc/postfix/main.cf
# vim /etc/postfix/main.cf
Add the following:
# enable SASL authentication
smtpd_sasl_auth_enable = yes
# disallow methods that allow anonymous authentication.
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
# recipient restrictions
smtpd_recipient_restrictions = permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_rbl_client opm.blitzed.org,
        reject_rbl_client list.dsbl.org,
        reject_rbl_client sbl.spamhaus.org,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client dul.dnsbl.sorbs.net 

Add IPs into mynetworks:
mynetworks = 127.0.0.0/8,IP,[::1]/128


Restart postfix
# service postfix restart

Add users into sasl database:
# saslpasswd2 -c -u $hostname $user
# chown postfix:postfix /etc/sasldb2
# chmod 660 /etc/sasldb2

Configure sasl daemon itself:
# cat /etc/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5

You can use the following python script to test:
#!/usr/bin/python

SMTPserver = 'mail.stmp.com'
sender = 'support@smtp.com'
destination = ['tony@lixu.ca']

USERNAME = 'support@smtp.com'
PASSWORD = 'passwd'

# typical values for text_subtype are plain, html, xml
text_subtype = 'plain'

content="""\
This is a reminder that your accout is tony@lixu.ca
"""

subject="Account infor reminder"

import sys
import os
import re
from smtplib import SMTP
from email.MIMEText import MIMEText

try:
    msg = MIMEText(content, text_subtype)
    msg['Subject']=       subject
    msg['From']   = sender # some SMTP servers will do this automatically, not all

    conn = SMTP(SMTPserver)
    conn.set_debuglevel(False)
    conn.login(USERNAME, PASSWORD)

    try:
        conn.sendmail(sender, destination, msg.as_string())
    finally:
        conn.close()

except Exception, exc:
    sys.exit( "mail failed; %s" % str(exc) ) # give a error message

No comments: