How to configure Postfix with SMTP-AUTH over SASL2 with authentication against PAM in Ubuntu

I would like to submit emails to Postfix using smtp authentication. I will authenticate my smtp users against PAM.

Install sasl2:

apt-get install sasl2-bin

Add the following to /etc/postfix/sasl/smtpd.conf:

pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

Create saslauthd’s config file copy to /etc/default/saslauthd-postfix so that is used from postfix:

cp /etc/default/saslauthd /etc/default/saslauthd-postfix

Update the following in /etc/default/saslauthd-postfix:

OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

Since we have chrooted saslauthd to postfix so its good to symlink it:

rm -rf /run/saslauthd
ln -s /var/spool/postfix/var/run/saslauthd /run/saslauthd

Create required subdirectories:

dpkg-statoverride --add root sasl 710 /var/spool/postfix/var/run/saslauthd

Setup proper permission by adding postfix to ‘sasl’ group:

adduser postfix sasl

Restart saslauthd service

systemctl restart saslauthd.service

Add the following directives to /etc/postfix/

smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

Restart postfix service

systemctl restart postfix.service

Create linux user

useradd postmaster

Test authentication using ‘swaks’ mailing utility :

swaks --from --to --tls --auth LOGIN --auth-user --auth-password 123pass --server

How to send emails over IPv4 with Postfix

“inet_protocols” directive is used to configure what Protocols Postfix should use to accept or make network connections. It also controls what DNS lookups Postfix will use.

On Ubuntu 16.10, we found Postfix(3.1.0) was configured to use both IPv6 and IPv4. See below :

inet_protocols = all        (enable IPv4, and IPv6 if supported)

IPv6 is always tried first and when it fails, it would try to deliver emails over IPv4. You can reconfigure it to listen on ipv4 IPs only :

vim /etc/postfix/

Replace “all” with “ipv4

inet_protocols = ipv4

Restart postfix

systemctl restart postfix.service