Configuration Summary

Following are step-by-step instructions summarizing the configuration described in this chapter. This is a broad overview of what’s required to set up your Postfix system with SASL:

1. Determine the authentication mechanisms and framework you plan to support.
2. Install the SASL libraries and recompile Postfix with SASL support. Or obtain a Postfix distribution with SASL, including support for the authentication mechanisms and SASL options you need.
3. Reinstall Postfix.
4. Create the file /usr/local/lib/sasl2/smtpd.conf. Enter either saslauthd or auxprop for pwcheck_method .
5. If you are using Unix passwords for authentication, start the saslauthd daemon, specifying the type of authentication in use on your system. Otherwise, use the saslpasswd2 command to create email accounts on your system.
6. Edit main.cf to turn on authentication. This requires that you enable SASL and that you specify that authenticated clients should be allowed to relay mail. A basic setup requires at least the following parameters:

   smtpd_sasl_auth_enable = yes
   smtpd_recipient_restrictions = permit_mynetworks,
      permit_sasl_authenticated, reject_unauth_destination
   

7. Reload Postfix so that it recognizes the changes in its main.cf configuration file:

   # postfix reload