“Standard” way it to route all mails posted by your users from your submission server to PMG (usually via port 26). On the other hand… if all mails are generally supposed to go through PMG – why not to make PMG to be your submission server? It’s easy!
Fist of all: you need sasl server. We will use Dovecot. Do the following steps on all PMG nodes:
Edit file
The steps below have to be done only on master node.
Change PMG configuration:
Create file
Apply new configuration:
That’s it! Well… almost. You need also users/passwords database. This is beyond scope of this tutorial. Read Dovecot documentation and find solution suitable for you.
Example:
On all nodes in your
On master node create file
...and you have now static user database with passwords stored in plaintext. (Just an example…)
Have fun!
Fist of all: you need sasl server. We will use Dovecot. Do the following steps on all PMG nodes:
Code:
apt install dovecot-coreEdit file
/etc/dovecot/conf.d/10-master.conf and inside service auth section, just below “# Postfix smtp-auth” comment make sure to have uncommnted this:
Code:
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}The steps below have to be done only on master node.
Change PMG configuration:
Code:
cd /etc/pmg/templates
ln -s /var/lib/pmg/templates/master.cf.in master.cf.distCreate file
/etc/pmg/templates/master.cf.in
Code:
[% INCLUDE 'master.cf.dist' %]
submission inet n - y - - smtpd
# -o myhostname=submission.yourdomain
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_authenticated_header=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o broken_sasl_auth_clients=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_authenticated_header=yes
[% IF pmg.mail.before_queue_filtering -%]
-o smtpd_proxy_filter=127.0.0.1:10023
-o smtpd_proxy_options=speed_adjust
-o smtpd_client_connection_count_limit=[% pmg.mail.conn_count_limit div 5 %]
[%- ELSE -%]
-o content_filter=scan:127.0.0.1:10023
[%- END %]
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
[% IF postfix.dnsbl_sites -%]
-o postscreen_dnsbl_sites=
-o postscreen_dnsbl_threshold=
[%- END %]Apply new configuration:
Code:
pmgconfig sync --restart 1That’s it! Well… almost. You need also users/passwords database. This is beyond scope of this tutorial. Read Dovecot documentation and find solution suitable for you.
Example:
On all nodes in your
/etc/dovecot/conf.d/10-auth.conf remove first # from line “#!include auth-static.conf.ext”. Place this in your /etc/dovecot/conf.d/auth-static.conf.ext:
Code:
passdb {
driver = passwd-file
args = /etc/pmg/templates/users.passwd
}On master node create file
/etc/pmg/templates/users.passwd:
Code:
myuser@mydomain:{PLAIN}mypassword...and you have now static user database with passwords stored in plaintext. (Just an example…)
Have fun!
Last edited:
