SMTP authentication in Proxmox

np-prxmx

Member
May 11, 2020
46
5
13
55
Hello everyone,
i'm new on PMG, after various researchesi haven't found any solution to set on proxmox the SMTP authentication. I setup my PMG to be a relay server to Office 365, but i would securize more my installation enable only smtp client auth to sent emails. How could i do this?.

Thanks in advance.
Regards
 
PMG is meant to be run between your border and your internal mail-server - this usually is deployed without SMTP-auth.
see https://pmg.proxmox.com/pmg-docs/pm...tion_into_existing_e_mail_server_architecture

This means there is no direct support for SMTP-Auth on PMG

Some users have enabled smtp-auth and relay directly via PMG - but this means you need to adapt the postfix configuration and also create a user database see
http://www.postfix.org/SASL_README.html
for authentication with postfix and
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine
for integration of the postfix configuration into PMG

I hope this helps!
 
Hello,
thanks for your suggestion.
Just i thing that i don't understand, when i copy the files i need to rewrite them?..
from main.cf.in to main.cf?
 
I have edit it, and execute pmgconfig sync --restart 1
But the modifications aren't display, do i lost something?
 
i've done postconf -d but the modifies aren't display.

Is there something to do more?

Thanks
 
I only have added this:

smtp_sasl_auth_enable = yes
smtp_tls_security_level = encrypt
smtp_sasl_tls_security_options = noanonymous


smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 
ok, i have try with postconf -n but , seems that postfix not read from file in /etc/pmg/template/main.cf.in .. which permission folder need?

Thanks
 
Yes was the "s" in templates.
But also, i have problems with configuration.
i need to use authentication clients to send emails...because i would set it for printes, scanners and other third applications.

Do you have some examples of other customers that had implement this?

Thanks
 
Hello, i've configured the postfix authentication and all.. but if i wanted to use relay only via authentication, so without "trudted network or relay domain", i got ever "relay access denied".

Where i m wrong? Is there any settings in proxmox that block my postfix config?

Thanks
 
without "trudted network or relay domain",
edit the postfix configuration templates (master.cf.in and main.cf.in) to reflect what you want and run pmgconfig sync
afterwards restart postfix
 
Hello, i've done.

I've insert this in main.cf.in:

'smtpd_sasl_auth_enable = yes'
'broken_sasl_auth_clients = yes'
'smtpd_sasl_security_options = noanonymous'
'smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination'

After do a pmgconfig sync --restart 1
and a postfix restart.. but if i don't insert or a trusted network or a trusted domain relay i give relay access denied.
 
check the rendered /etc/postfix/main.cf and also check /etc/postfix/master.cf

maybe you forgot to remove the above settings in the template?

else - try enabling the verbose output of the postfix daemons (http://www.postfix.org/DEBUG_README.html) - that should give you a hint why relaying is denied
 
in main.cf and master.cf i never modified, but i check if changes are applied and yes they are.
 
How did you go with this? I am looking to do the same thing, Allowing external devices to send via 587 only with Auth.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!