Step-by-Step Guide to Configure Postfix with SASL Authentication on Ubuntu

1. Parse domain (prevent emails from going to spam): Set the A record of mail.fogsvc.com to your server IP, add an MX record pointing to mail.fogsvc.com with priority 10, and create a TXT record v=spf1 mx -all.

2. Install Postfix: apt-get install postfix. After installation you can send a test email, e.g.,

echo "Test email body" | mail -s "Email Subject" [email protected]

. Ensure the email does not land in the spam folder after DNS is correctly configured.

3. Install Cyrus‑SASL: apt-get install sasl2-bin.

4. Configure Postfix: Add the following lines to /etc/postfix/main.cf (or appropriate config file):

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination reject_unauth_destination
myhostname = mail.daliycode.com
mydomain = fogsvc.com
myorigin = $mydomain
mydestination = $myhostname.localhost.$mydomain,localhost,$mydomain
mynetworks = 127.0.0.0/8
home_mailbox = Maildir/
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = ipv4
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_client_restrictions = permit_sasl_authenticated
broken_sasl_auth_clients = yes
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
message_size_limit = 15728640

5. Create smtpd.conf file: For 32‑bit machines edit /etc/postfix/sasl/smtpd.conf (or /usr/lib/sasl2/smtpd.conf on other systems) and add:

pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM

6. Create authentication user with saslpasswd2 : saslpasswd2 -c -u fogsvc.com admin (you will be prompted to enter the password twice).

7. Copy SASL database to Postfix's accessible directory (Ubuntu restriction): cp -a /etc/sasldb2 /var/spool/postfix/etc/.

8. Add Postfix to the SASL group and set permissions:

gpasswd -a postfix sasl

chmod 640 /var/spool/postfix/etc/sasldb2

sasldblistusers2 -f /var/spool/postfix/etc/sasldb2

9. Test SMTP authentication: Connect via telnet and authenticate:

telnet localhost 25
auth login
334 VXN1cm5hbWU6   # server prompts for username (base64 encoded)
[enter base64‑encoded username]
334 UGFzc3dvcmQ6   # server prompts for password
[enter base64‑encoded password]
235 2.7.0 Authentication successful

10. Configure your web application’s SMTP settings with the created credentials and send a test email.

After completing these steps, your Ubuntu server should be able to send authenticated emails reliably.