{"id":68,"date":"2015-09-11T11:42:08","date_gmt":"2015-09-11T15:42:08","guid":{"rendered":"http:\/\/blog.voipxswitch.com\/?p=68"},"modified":"2015-09-14T13:39:52","modified_gmt":"2015-09-14T17:39:52","slug":"setup-an-smtp-server-with-user-authentication-using-postgres-postfix-and-dovecot-on-debian-8","status":"publish","type":"post","link":"https:\/\/blog.voipxswitch.com\/?p=68","title":{"rendered":"Setup an SMTP server with user authentication using postgres, postfix, and dovecot on Debian 8"},"content":{"rendered":"<p><strong>Please note: this tutorial assumes postgres is already setup and configured on the machine.<\/strong><br \/>\n<strong>Install &amp; configure the dovecot and postfix:<\/strong><\/p>\n<pre>apt-get install dovecot-core dovecot-pgsql postfix -y<\/pre>\n<p><strong>Provision the smtp database in postgres:<\/strong><\/p>\n<pre>su -c \"psql -c \\\"CREATE USER smtp WITH PASSWORD 'smtp';\\\"\" postgres\r\nsu -c \"psql -c \\\"CREATE DATABASE smtp WITH OWNER=smtp;\\\"\" postgres<\/pre>\n<p>Encrypt you password using doveadm tool and SHA512-CRYPT:<\/p>\n<pre>doveadm pw -s SHA512-CRYPT -p test1234 -r 100000\r\n************************\r\n<\/pre>\n<p>Create the SQL file with your one test user:<\/p>\n<pre>cat &gt; smtp.sql&lt;&lt;EOT\r\nCREATE TABLE users (\r\n\u00a0\u00a0\u00a0 id SERIAL,\r\n\u00a0\u00a0\u00a0 username VARCHAR(128) NOT NULL,\r\n\u00a0\u00a0\u00a0 password VARCHAR(512) NOT NULL,\r\n\u00a0\u00a0\u00a0 constraint username_key unique (username)\r\n);\r\ninsert into users (username, password) values ('emailuser01', '************************');\r\n\r\nEOT\r\n<\/pre>\n<p>Import your SQL table and test user:<\/p>\n<pre>psql -h localhost -d 'smtp' -U smtp -W &lt; smtp.sql<\/pre>\n<p><strong>Configure dovecot<\/strong><br \/>\nOpen <strong>\/etc\/dovecot\/conf.d\/10-master.conf<\/strong> in your favorite text editor and uncomment the following:<\/p>\n<pre>\u00a0 # Postfix smtp-auth\r\n\u00a0 unix_listener \/var\/spool\/postfix\/private\/auth {\r\n\u00a0\u00a0\u00a0 mode = 0666\r\n\u00a0 }\r\n<\/pre>\n<p>Enable SQL and login auth:<\/p>\n<pre>sed -i \"s\/auth_mechanisms = plain\/auth_mechanisms = plain login\/g\" \/etc\/dovecot\/conf.d\/10-auth.conf\r\nsed -i \"s\/\\!include auth-system.conf.ext\/#\\!include auth-system.conf.ext\/g\" \/etc\/dovecot\/conf.d\/10-auth.conf\r\nsed -i \"s\/#\\!include auth-sql.conf.ext\/\\!include auth-sql.conf.ext\/g\" \/etc\/dovecot\/conf.d\/10-auth.conf\r\n<\/pre>\n<p>Disable the default password scheme<\/p>\n<pre>sed -i \"s\/default_pass_scheme\/#default_pass_scheme\/g\" \/etc\/dovecot\/dovecot-sql.conf.ext<\/pre>\n<p>Enable SHA512-CRYPT and set database parameters<\/p>\n<pre>cat &gt;&gt;\/etc\/dovecot\/dovecot-sql.conf.ext&lt;&lt;EOT\r\ndefault_pass_scheme = SHA512-CRYPT\r\ndriver = pgsql\r\nconnect = host=localhost dbname=smtp user=smtp password='smtp'\r\npassword_query = select username as user, password from users where username = '%n';\r\n\r\nEOT\r\n<\/pre>\n<p><strong>Restart dovecot<\/strong><\/p>\n<pre>service dovecot restart\r\n<\/pre>\n<p><strong>Configure postfix to use dovecot for sasl<\/strong><\/p>\n<pre>postconf -e 'smtpd_sasl_type = dovecot'\r\npostconf -e 'smtpd_sasl_auth_enable = yes'\r\npostconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'\r\npostconf -e 'smtpd_sasl_path = private\/auth'\r\n<\/pre>\n<p><strong>Enable submission for clients on port tcp\/587<\/strong><\/p>\n<pre>sed -i \"s\/\\#submission\/submission\/g\" \/etc\/postfix\/master.cf\r\n<\/pre>\n<p><strong>Restart postfix<\/strong><\/p>\n<pre>service postfix restart\r\n<\/pre>\n<h3>Email client setup example<\/h3>\n<p>Now configure your mail client to use the SMTP server. For this example we will say the mail client is postfix and the smtp server we just setup has an IP of 192.168.0.186<\/p>\n<pre>192.168.0.186:587 emailuser01:test1234 &gt; \/etc\/postfix\/sasl_passwd<\/pre>\n<pre>postmap hash:\/etc\/postfix\/sasl_passwd<\/pre>\n<pre>cat &gt;&gt;\/etc\/postfix\/main.cf &lt;&lt;EOT\r\n\r\nsmtp_sasl_auth_enable = yes\r\nsmtp_sasl_mechanism_filter = plain, login\r\nsmtp_sasl_security_options = noanonymous\r\nsmtp_sasl_password_maps = hash:\/etc\/postfix\/sasl_passwd\r\nrelayhost = 192.168.0.186:587\r\n\r\nEOT\r\n<\/pre>\n<p><strong>Restart postfix<\/strong><\/p>\n<pre>service postfix restart<\/pre>\n<p><strong>Send test email<\/strong><\/p>\n<pre>echo \"TEST\" &gt; testemail\r\nmail -s \"TEST EMAIL\" me@myemaildomain.com &lt; testemail<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Please note: this tutorial assumes postgres is already setup and configured on the machine. Install &amp; configure the dovecot and postfix: apt-get install dovecot-core dovecot-pgsql postfix -y Provision the smtp database in postgres: su -c &#8220;psql -c \\&#8221;CREATE USER smtp WITH PASSWORD &#8216;smtp&#8217;;\\&#8221;&#8221; postgres su -c &#8220;psql -c \\&#8221;CREATE DATABASE smtp WITH OWNER=smtp;\\&#8221;&#8221; postgres Encrypt [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18,5,13,14],"tags":[],"class_list":["post-68","post","type-post","status-publish","format-standard","hentry","category-dovecot","category-email","category-postfix","category-smtp"],"_links":{"self":[{"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=\/wp\/v2\/posts\/68","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=68"}],"version-history":[{"count":18,"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=\/wp\/v2\/posts\/68\/revisions"}],"predecessor-version":[{"id":87,"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=\/wp\/v2\/posts\/68\/revisions\/87"}],"wp:attachment":[{"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=68"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=68"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.voipxswitch.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=68"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}