Eric's blog

Tuesday, September 06, 2005

Postfix TLS on a null client

I have pretty much always used ssmtp as a mail agent. ssmtp is a lightweight, easy-to-configure nullmailer that supports AUTH and TLS. (Other nullmailers are listed here and here.)

I recently happened to install Ubuntu Linux on my iBook G3. On Ubuntu, installing ssmtp requires removing the meta-package ubuntu-base. In Ubuntu's words (see apt-cache show ubuntu-base):
It is safe to remove this package if some of the base system packages are not desired. However, it is recommended that you keep it installed, because it is used to carry out certain upgrade transitions (such as adding new packages to the system).


So I decided not to uninstall ubuntu-base, and give postfix, the default mail agent in Ubuntu, a try.

Here was my need: using postfix as a null client to send emails through an SMTP server that uses AUTH and TLS. After having struggled a bit, I came up with the following working main.cf configuration file:


# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# default host to send non-local mail
relayhost = my.smtp.server

# do not receive mails from outside
inet_interfaces = loopback-only

# do not deliver email locally
local_transport = error:local delivery is disabled

# use TLS when a remote SMTP server announces STARTTLS support
# (opportunistic: mail is still sent unencrypted when it does not)
smtp_use_tls = yes

# log TLS handshake and certificate information
smtp_tls_loglevel = 1

# log the hostname of a remote SMTP server that offers STARTTLS
smtp_tls_note_starttls_offer = yes

# enable SASL authentication in the Postfix SMTP client
smtp_sasl_auth_enable = yes

# SMTP client lookup table is /etc/postfix/sasl/passwd (Berkeley DB)
smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd

# disallow methods that allow anonymous authentication
# (plaintext methods stay allowed with this value)
smtp_sasl_security_options = noanonymous



My login/password is stored in the Berkeley DB file /etc/postfix/sasl/passwd.db, which was created using the command postmap(1) with the flag -i. Using other databases is possible, but using the Berkeley DB turned out to be straightforward.
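
The configuration above turns TLS on opportunistically (smtp_use_tls) while smtp_sasl_security_options = noanonymous permits plaintext SASL mechanisms, so it is worth checking whether the login could leave the machine unencrypted or be read by other local users. The script below is an added example, not part of the original post: the function names and the sample file are constructed, and it assumes smtp_enforce_tls or smtp_tls_security_level is what makes TLS mandatory.

```shell
# Audit a Postfix null-client main.cf (added example; helper names are hypothetical).
# get_param FILE NAME: print the last value assigned to NAME (the last one wins).
get_param() {
    awk -v name="$2" '
        /^[ \t]*#/ || /^[ \t]/ { next }   # comments and continuation lines
        (eq = index($0, "=")) {
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == name) last = val
        }
        END { print last }' "$1"
}

# tls_mandatory FILE: succeed only if the SMTP client never sends without TLS.
tls_mandatory() {
    case "$(get_param "$1" smtp_tls_security_level)" in
        encrypt|dane-only|fingerprint|verify|secure) return 0 ;;
        "") [ "$(get_param "$1" smtp_enforce_tls)" = yes ] ;;  # older boolean
        *) return 1 ;;                                         # none, may, dane
    esac
}

# audit_null_client FILE: print findings; return 1 if there are any.
audit_null_client() {
    conf=$1; rc=0
    if [ "$(get_param "$conf" smtp_sasl_auth_enable)" = yes ] && ! tls_mandatory "$conf"; then
        echo "WARN tls: SASL is on but TLS is optional; the login may be sent unencrypted"
        rc=1
    fi
    maps=$(get_param "$conf" smtp_sasl_password_maps)
    src=${maps#*:}                       # strip the table type, e.g. "hash:"
    [ -n "$src" ] || return $rc
    for f in "$src" "$src.db"; do        # source file and its Berkeley DB
        if [ -f "$f" ] && [ -n "$(find "$f" \( -perm -040 -o -perm -004 \))" ]; then
            echo "WARN perms: $f is readable by group or others"
            rc=1
        fi
    done
    return $rc
}
# Constructed sample: the TLS and SASL lines of the main.cf shown in the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
smtp_sasl_security_options = noanonymous
EOF
audit_null_client "$sample" || true
rm -f "$sample"
```

On a real system, pass /etc/postfix/main.cf to audit_null_client; a "WARN tls" finding goes away once smtp_enforce_tls = yes (or, on Postfix 2.3 and later, smtp_tls_security_level = encrypt) is set.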
