Setting Up Postfix

In the case of Postfix, only the main configuration file,/etc/postfix/main.cf, needs to

be modified. Add or edit the following configuration directives:
1. Enable SMTP Authentication in the Postfix SMTP server:
smtpd_sasl_auth_enable = yes
2. Instruct Postfix to use theDovecot SASL implementation for SMTP Authentication:
smtpd_sasl_type = dovecot
3. Provide the authentication path relative to the Postfix queue directory (note that
the use of a relative path ensures that the configuration works regardless of whether
the Postfix server runs in achroot or not):
smtpd_sasl_path = private/auth
This step assumes that you want to use UNIX-domain sockets for communication
between Postfix and Dovecot. To configurePostfix to look forDovecot on a
different machine in case you use TCP sockets for communication, use configuration
values similar to the following:
smtpd_sasl_path = inet:127.0.0.1:12345
In the above example, 127.0.0.1 needs to be substituted by theIP address of the
Dovecot machine and 12345 by the port specified inDovecot's
/etc/dovecot/conf.d/10-master.conf configuration file.
4. Specify SASL mechanisms that thePostfix SMTP server makes available to clients.
Note that different mechanisms can be specified for encrypted and unencrypted
sessions.
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
The above example specifies that during unencrypted sessions, no anonymous
authentication is allowed and no mechanisms that transmit unencrypted user names
or passwords are allowed. For encrypted sessions (using TLS), only non-anonymous
authentication mechanisms are allowed.
See http://www.postfix.org/SASL_README.html#smtpd_sasl_security_options for a
list of all supported policies for limiting allowed SASL mechanisms.