Part 1. Introduction.
Part 2. DBMail.
Part 3. Postfix.
Part 4. SASL.
Part 5. SPF. DKIM. DMARC. Clear headers. DNS PTR.
Install SASL.
apt install libsasl2-modules sasl2-bin
Add postfix user to sasl group.
adduser postfix sasl
Create /etc/postfix/sasl/smtpd.conf file.
pwcheck_method: saslauthd mech_list: PLAIN LOGIN
Edit /etc/default/saslauthd file.
START=yes DESC="SASL Authentication Daemon" NAME="saslauthd" MECHANISMS="rimap" MECH_OPTIONS="localhost" THREADS=5 OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
Add the following lines to /etc/postfix/main.cf file.
smtpd_sasl_local_domain = $mydomain smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_type = cyrus smtpd_sasl_security_options = noanonymous smtpd_sasl_path = smtpd smtpd_sasl_exceptions_networks = $mynetworks smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
Restart services.
systemctl restart saslauthd systemctl restart postfix
Now, test mail server with your favorite email client program, such as Thunderbird.
imap mail.somewhere-in-the.space 993 SSL/TLS "Encrypted password" Username: admin smtp mail.somewhere-in-the.space 587 STARTTLS "Normal password" Username: admin
Now you can send and receive mail on all devices, but all outgoing messages will probably moved into spam by all major mail providers. Let’s see what we can do here.