Postfix SASL authentication with SMTP port 465:

 

By default postfix SMTP works on 25 port.  You can check this by following command with the output below:

#netstat -nat

tcp        0      0 0.0.0.0:25             0.0.0.0:*               LISTEN   


Here we will change the port to 465 with SASL authentication. It is useful technique to fight against spam. Users those travel here and there with their laptops need not to change their e-mail client software settings also.

Here is how we can do it.

 

Step 1. Edit the file /etc/dovecot.conf and make sure your auth default section has the lines below.

auth default {
socket listen {
  client {
  path = /var/spool/postfix/private/auth
  mode = 0660
  user = postfix
  group = postfix
    }
  }
  mechanisms = plain login
}


Step 2. Edit /etc/postfix/main.cf, find the keys below and change its values as follows or add it at the bottom of the file if the key (the word before the = sign) cannot be found.

mynetworks = 127.0.0.0/8
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions =  permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
broken_sasl_auth_clients = yes
smtpd_sender_restrictions = permit_sasl_authenticated

 

Step 3. Edit /etc/postfix/master.cf

Put hash before the following line.

#smtp      inet  n       -       -       -       -       smtpd

Remove hash from the following lines.

smtps     inet  n       -       -       -       -       smtpd
-o smtpd_sasl_auth_enable=yes

-o smtpd_client_restrictions=permit_sasl_authenticated,reject

Step 4. /etc/init.d/postfix restart

 

Step 5. /etc/init.d/dovecot restart

Now check the port again with the command:

#netstat -nat

tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN

 

Check more with telnet:

 

#telnet localhost 465