Deploy Postfix mail system (d) Set up SMTP authentication and alias mechanism

Source: Internet
Author: User
Tags mail

The common form of SMTP letter authentication is as follows: When a user sends a message to an external mail domain through the SMTP protocol, the server asks the user to provide a user account and password to authenticate, and only successful authenticated users are allowed to send messages externally, or they will reject the letter request.

In the Postfix messaging system, you can use the Cyrus SASL software to implement the basic SMTP authentication mechanism. Postfix to check the system account and password by calling CYRUSSASL's function library and using the authentication service SASLAUTHD provided by Cyrus SASL.

1, set up Cyrus SASL function library, and start SASLAUTHD service

[Root@localhost/] #vim/usr/lib/sasl2/smtpd.conf

PWCHECK_METHOD:SASLAUTHD//Set up to use SASLAUTHD service as authentication method

[Root@localhost/]#/ETC/INIT.D/SASLAUTHD Start//Open SASLAUTHD Service

[Root@localhost/] #chkconfig--level SASLAUTHD on//set level 35 do not boot

2, modify MAIN.CF configuration file, add SMTP authentication configuration, and overload service

In the above configuration parameters, the following lines of SMTP authentication are defined as follows:

Mynetworks: Used to control the network address or IP address that can be sent out via the server.

Smtpd_recipient_restrictions: Set the recipient address filtering rules, the matching policy is "from top to bottom" order, if there is a meeting policy, and immediately stop. A few common values are described below:

Permit_mynetworks: Allow IP addresses for Mynetworks customers to use this mail system to send mail.

Permit_sasl_authenticated: Allows users who are authenticated by SMTP to send outgoing messages.

Reject_unauth_destination: When the recipient address is not included in the Postfix's authorized network, the message is refused to be sent. (The authorized network includes domains and subdomains specified by configuration parameters such as Inet_interfaces, Mydestination, Relay_domain, and so on)

3. Verify SMTP Letter Authentication

Use the Telnet command to do a letter test, and the test is not an SMTP authentication condition.

To use SMTP letter authentication, you should change to "EHLO" (instead of helo) in the Telnet command to declare the native address, and log on by "Auth login" before you can send the message normally. User name, password string default using Base64 encoding format, using the OpenSSL tool can be generated.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.