Linux, Windows

Using Postfix to deliver mail using SMTP Authentication

Open or create the /etc/postfix/sasl_passwd file, using your favorite text editor:

nano /etc/postfix/sasl_passwd

Add your destination (SMTP Host), username, and password in the following format:

[mail.isp.example] username:password

If you want to specify a non-default TCP Port (such as 587), then use the following format:

[mail.isp.example]:587 username:password

Create the hash db file for Postfix by running the postmap command:

postmap /etc/postfix/sasl_passwd

If all went well, you should have a new file named sasl_passwd.db in the /etc/postfix/ directory.
Securing Your Password and Hash Database Files

The /etc/postfix/sasl_passwd and the /etc/postfix/sasl_passwd.db files created in the previous steps contain your SMTP credentials in plain text.
For security reasons, you should change their permissions so that only the root user can read or write to the file.
Run the following commands to change the ownership to root and update the permissions for the two files:

chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db

Configuring to connect to the Relay Server
In this section, you will configure the /etc/postfix/ file to use the external SMTP server.

Open the /etc/postfix/ file with your favorite text editor:

nano /etc/postfix/

Update the relayhost parameter to show your external SMTP relay host.
If you specified a non-default TCP port in the sasl_passwd file,
then you must use the same port when configuring the relayhost parameter.

# specify SMTP relay host
relayhost = [mail.isp.example]:587

At the end of the file, add the following parameters to enable authentication:

# enable SASL authentication
smtp_sasl_auth_enable = yes
# disallow methods that allow anonymous authentication.
smtp_sasl_security_options = noanonymous
# where to find sasl_passwd
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# Enable STARTTLS encryption
smtp_use_tls = yes
# where to find CA certificates
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Save your changes and Restart Postfix:

service postfix restart

Testing PostfixPermalink

The fastest way to test your configuration is to send an email to any unrelated email address, using the mail command:

echo "body of your email" | mail -s "This is a Subject" -a "From:"

You may have to install mailutils to use the mail command:

sudo apt-get install mailutils

Alternatively, you can use Postfix’s own sendmail implementation, by entering lines similar to those shown below:

Subject: Test mail
This is a test email

Leave a Reply