Introduction
Most important feature of the MTA's are the ability to control the relay. Most of the MTA's denies the relay from domains that are consider to be not local or hosts that are considered to be not in same subnet.
Postfix Relay
Postfix will relay the domains that are "considered to be local by default". These are specified in the main.cf file, but in sendmail there is a local file that contains the list of domains for relay. "hostname -f" which gives the FQDN of the server, by default postfix will accept the mails destined to its domain because it considered to be local. By using the "mydestination" directive the postfix accepts the mails that coming for the domains defined there. "mynetworks" and "mynetworks_style" also controls the relaying initially. All other domains are considered to be "only relayed if the relay is specifically defined".
The Basic relay configuration is done in postfix by
- mydestination
- mynetworks
- mynetworks_style
Configure the postfix to be used to relay only localhost
# vim /etc/postfix/main.cf
mynetworks = 127.0.0.1
mynetwork_style = host
# postfix reload
# postconf |grep mynetwork
SMTP Authentication:
SMTP auth is used to relay based on the user authentication, permitting roaming users.
We need the cyrus packages which will support the smtp authentication
Check the package availability by the following command. If not install all the cyrus packages
# rpm -qa |grep cyrus
# telnet localhost 25
ehlo
(have to get the 250-auth reply from the server)
# cd postfix-2.7
# make makefiles CCARG="-DUSE_SASL_AUTH -I/usr/include/sasl" AUXLIBS="-L/usr/lib -lsasl2"
# postfix stop
# make install
After installation of the postfix binaries include the derivatives that supports the smtp-auth in main.cf file
# vim /etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
#This enables the smtpd authentication
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
# postfix reload
Confirm the SMTP_AUTH supported
# telnet localhost 25
ehlo localhost
(Check for the 250-AUTH reply)
# tail /var/log/maillog
Now we have to configure the SASL to handle the SMTP authentication requests. Create the following file to invoke smtp authentication by SASL
# vim /usr/lib/sasl2/smtp.conf
pwcheck_method: saslauthd
mech_list: plain login
# service saslauthd start
# service postfix restart
# ps -ef |grep saslauth
Thank you for sharing such a wonderful Information !!
ReplyDeleteHere is a list of Top LINUX INTERVIEW QUESTIONS
Veritas Cluster Interview Questions
Redhat Cluster Suite Commands
SAMBA Server Interview Questions
Linux FTP vsftpd Interview Questions
SSH Interview Questions
Apache Interview Questions
Nagios Interview questions
IPTABLES Interview Questions
Ldap Server Interview Questions
LVM Interview questions
Sendmail Server Interview Questions
YUM Interview Questions
NFS Interview Questions
Tcpdump Command Examples & Usages
Example of YUM Commands
How to rewrite outgoing address in Postfix
Read More at :- Linux Troubleshooting