SMTP authentication in Proxmox

np-prxmx

New Member
May 11, 2020
16
0
1
51
Hello everyone,
i'm new on PMG, after various researchesi haven't found any solution to set on proxmox the SMTP authentication. I setup my PMG to be a relay server to Office 365, but i would securize more my installation enable only smtp client auth to sent emails. How could i do this?.

Thanks in advance.
Regards
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
4,399
551
118
PMG is meant to be run between your border and your internal mail-server - this usually is deployed without SMTP-auth.
see https://pmg.proxmox.com/pmg-docs/pm...tion_into_existing_e_mail_server_architecture

This means there is no direct support for SMTP-Auth on PMG

Some users have enabled smtp-auth and relay directly via PMG - but this means you need to adapt the postfix configuration and also create a user database see
http://www.postfix.org/SASL_README.html
for authentication with postfix and
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine
for integration of the postfix configuration into PMG

I hope this helps!
 

np-prxmx

New Member
May 11, 2020
16
0
1
51
Hello,
thanks for your suggestion.
Just i thing that i don't understand, when i copy the files i need to rewrite them?..
from main.cf.in to main.cf?
 

np-prxmx

New Member
May 11, 2020
16
0
1
51
I have edit it, and execute pmgconfig sync --restart 1
But the modifications aren't display, do i lost something?
 

np-prxmx

New Member
May 11, 2020
16
0
1
51
i've done postconf -d but the modifies aren't display.

Is there something to do more?

Thanks
 

np-prxmx

New Member
May 11, 2020
16
0
1
51
I only have added this:

smtp_sasl_auth_enable = yes
smtp_tls_security_level = encrypt
smtp_sasl_tls_security_options = noanonymous


smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 

np-prxmx

New Member
May 11, 2020
16
0
1
51
ok, i have try with postconf -n but , seems that postfix not read from file in /etc/pmg/template/main.cf.in .. which permission folder need?

Thanks
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
4,399
551
118

np-prxmx

New Member
May 11, 2020
16
0
1
51
Yes was the "s" in templates.
But also, i have problems with configuration.
i need to use authentication clients to send emails...because i would set it for printes, scanners and other third applications.

Do you have some examples of other customers that had implement this?

Thanks
 

np-prxmx

New Member
May 11, 2020
16
0
1
51
Hello, i've configured the postfix authentication and all.. but if i wanted to use relay only via authentication, so without "trudted network or relay domain", i got ever "relay access denied".

Where i m wrong? Is there any settings in proxmox that block my postfix config?

Thanks
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
4,399
551
118
without "trudted network or relay domain",
edit the postfix configuration templates (master.cf.in and main.cf.in) to reflect what you want and run pmgconfig sync
afterwards restart postfix
 

np-prxmx

New Member
May 11, 2020
16
0
1
51
Hello, i've done.

I've insert this in main.cf.in:

'smtpd_sasl_auth_enable = yes'
'broken_sasl_auth_clients = yes'
'smtpd_sasl_security_options = noanonymous'
'smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination'

After do a pmgconfig sync --restart 1
and a postfix restart.. but if i don't insert or a trusted network or a trusted domain relay i give relay access denied.
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
4,399
551
118
check the rendered /etc/postfix/main.cf and also check /etc/postfix/master.cf

maybe you forgot to remove the above settings in the template?

else - try enabling the verbose output of the postfix daemons (http://www.postfix.org/DEBUG_README.html) - that should give you a hint why relaying is denied
 

np-prxmx

New Member
May 11, 2020
16
0
1
51
in main.cf and master.cf i never modified, but i check if changes are applied and yes they are.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!