Postfix SASL authentication with TLS

Some time we are facing problem to send mail using Email Client Software (Like Outlook)form different ISP/Network. To avoid this kind of inconvenience need to configure authentication from server. 


Step: 1

Ø  #vim /etc/dovecot/conf.d/10-master.conf        [ in older dovecot vim /etc/dovecot/dovecot.conf ]           

[Edit / Add the following Lines]


  # Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
  }


 Ø  #vim /etc/dovecot/conf.d/10-ssl.conf


Edit / Add the following Lines

# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>

ssl = yes



Step: 2
#vim /etc/postfix/main.cf


# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes

########## Enable TLS ########
smtpd_tls_security_level = may
smtpd_tls_received_header = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
######################################

smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

++++++++++++++++++++++++++++++++++++++++++++++++++++

Step 3: 

SMTP Port 25 disable  and Enable 

To enable port 587, edit the file /etc/postfix/master.cf
vim /etc/postfix/master.cf

and remove the # in front of the line:
 #submission inet n – n – – smtpd

so that it looks like this:
 submission inet n – n – – smtpd

and restart postfix:
 /etc/init.d/postfix restart


Step: 4 

To disable port 25, kill the process
netstat -ap | grep :
That will output the line corresponding to the process holding port . Then, look in the last column, you'll see /. Then execute this:
 
kill
If that doesn't work (you can check by re-running the netstat command). Do this:
 
kill -9

Comments

Post a Comment

Popular posts from this blog

Squid Configuration

#apt-get install squid Minimum Configuration:                    edit      http_port 8080   acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 add      acl our_network src 192.168.200.0/24   In the part “ # Recommended minimum configuration:”   add       http_access allow our_network http_access deny all   save & exit (Esc+Shift+:wq!) # /etc/init.d/squid restart
Read more

Squint Configure

1.       Download actual version of squint and extract it: http://www.ledge.co.za/software/squint/ wget www.ledge.co.za/software/squint/squint-0.3.18.tar.gz 2.       tar – zxvf squint-0.3.18.tar.gz         3.        cd squint-0.3.18            ##To see installation steps --- more INSTALL   ### 4.       cp squint.pl squint.cron.sh /usr/local/bin/ 5.         cd /usr/local/bin# restart squint.pl squint.cron.sh squint.cron.sh init 6.       squint.cron.sh all 7.       squint.cron.sh regen 8.       Now Edit BASEDIR=”/var/www/localhost/htdocs/squint”          ### unhash this Line and Changed to >     ...
Read more

Postfix SASL authentication with SMTP port 465:

  By default postfix SMTP works on 25 port.   You can check this by following command with the output below: #netstat -nat tcp        0      0 0.0.0.0:25             0.0.0.0:*               LISTEN    Here we will change the port to 465 with SASL authentication. It is useful technique to fight against spam. Users those travel here and there with their laptops need not to change their e-mail client software settings also. Here is how we can do it.   Step 1 . Edit the file /etc/dovecot.conf and make sure your auth default section has the lines below. auth default { socket listen {   client {    path = /var/spool/postfix/private/auth    mode = 0660    user = postfix    group = postfix     }   }   mechanisms = plain login } Step 2 . Edit /etc/postfix/main.cf , fin...
Read more

How to Change the Logo from Zimbra Admin Console

Image
To get a professional look, most of Mail Server Administrator wants to change the default Zimbra logo. Today I am going to show how to replace the Zimbra logo with  your own company logo.   Step:1 Firstly, logo size has to change as specified here, otherwise the image may not display correctly. ·          300x48 pixels (Login screen) ·          200x28 pixels (Zimbra interface, top left corner) Step: 2 Rename the logos as follows. LoginBanner_white.png AppBanner_white.png Step:3 Go to the Logo directory on zimbra and rename the existing default logos as backup: root@hmail:~# su zimbra zimbra@hmail:~$ /opt/zimbra/jetty_base/webapps/zimbra/skins/_base/logos$   LoginBanner_white_back.png AppBanner_white_back.png Step:4 Upload your own company images on Logo Directory and change the ownership permission of the images zimbra@hmail:~$ chown zimbra:zimbra LoginBan...
Read more