To configure client SMTP authentication (also known as smarthost authentication) in Postfix, follow these steps:
- Install the
sasl2-binpackage if it’s not already installed:sudo apt-get install sasl2-bin
- Create a new file in
/etc/postfix/sasldirectory for the authentication credentials. For example:sudo nano /etc/postfix/sasl/sasl_passwd
Add the following line to the file, replacing
smtp.gmail.comwith the hostname of your smarthost,USERNAMEwith your email address, andPASSWORDwith your email password:[smtp.gmail.com]:587 USERNAME@gmail.com:PASSWORD
- Set the permissions on the file so that only root can read and write it:
sudo chmod 600 /etc/postfix/sasl/sasl_passwd
- Create a Postfix lookup table for the SASL password file:
sudo postmap /etc/postfix/sasl/sasl_passwd
This will create a hashed version of the
sasl_passwdfile in the same directory (sasl_passwd.db). - Edit the
/etc/postfix/main.cfconfiguration file and add the following lines to enable client SMTP authentication:# Enable SASL authentication
smtp_sasl_auth_enable = yes
# Path to the saslauthd socket
smtp_sasl_path = smtpd
# Set the authentication method
smtp_sasl_security_options = noanonymous
# Set the SASL password lookup table
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
# Set the hostname of the smarthost
relayhost = [smtp.gmail.com]:587
Note that you should replace
smtp.gmail.comwith the hostname of your smarthost and the port number with the appropriate value if necessary. - Save and close the
main.cfconfiguration file, then restart the Postfix service:sudo systemctl restart postfix
With these configuration changes, your Postfix server should now be able to authenticate with the smarthost using the credentials you have provided in the sasl_passwd file. Any outgoing mail from your server will be relayed through the smarthost using these credentials.