Help Center

MailChannels Outbound Filtering - Setting up for Postfix


This guide provides instructions for updating the Postfix configuration to use MailChannels Outbound Filtering. Authentication with MailChannels is required and relatively simple to set up. 

For more advanced configuration scenarios, please refer to the online Postfix documentation.


Password Map

The first step is to create the password map. Postfix uses this for authentication. The MailChannels team will provide the SMTP username. The password for authentication can be generated by logging into the MailChannels Customer Console.

1. Create a text file named `password` in the `/etc/postfix` folder using the following command:

# touch /etc/postfix/password

2. Edit the password file and add the following entry in space-delimited format: <SMTP_username>:<SMTP_password>

Replace <SMTP_username> and <SMTP_password> with your actual SMTP credentials provided by MailChannels when you signed up for service. If you need these credentials, please contact

3. Save and close the file.

4. Set the correct permissions on the password file:

# chown root:root /etc/postfix/password
# chmod 0600 /etc/postfix/password

5. Create the hash map by running the following command:

# postmap hash:/etc/postfix/password


Postfix Smarthost Authentication

To enable authenticated sending through the MailChannels system, add the following configuration directives to your /etc/postfix/ file:

relayhost =
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/password
smtp_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
smtp_tls_security_level = may

The parameters used in the configuration directives are described in the following table:

Parameter Description
relayhost = Relays all mail via the `` mail service.
smtp_sasl_auth_enable = yes Indicates Cyrus-SASL support for authentication of mail servers.
smtp_sasl_password_maps = hash:/etc/postfix/password Sets the path to the `sasl_passwd` file.
smtp_sasl_security_options = noanonymous When empty (default), allows Postfix to use anonymous and plaintext authentication.
smtpd_sasl_authenticated_header = yes Logs the authenticated user ID in the received header to track user behavior and reputation.
smtp_tls_security_level = may Enables opportunistic TLS encryption outbound.
  1. Modify, save and close the file.
  2. Restart Postfix to apply the changes:

# /etc/init.d/postfix restart



To test your setup, follow these steps:

1. Create a text file with the desired email content. For example:

$ echo 'This is a test.' > /tmp/test

2. Send the test email to your desired recipient:

$ mail -s 'Test' < /tmp/test

3. Monitor the mail log for any potential issues:

# tail -f /var/log/mail.log

4. Clean up the temporary test file:

# rm /tmp/test


Helpful Hints

If you encounter "no mechanism available" error messages, you may be missing SASL authentication libraries.

- For Debian or Ubuntu, install the missing libsasl module


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


  • Avatar
    John Quaglieri

    To specify only certain domains use change

    relayhost =


    transport_maps = hash:/etc/postfix/transport

    create /etc/postfix/transport in the format of

    then run
    postmap hash:/etc/postfix/transport

    Using this only remote domains listed in the transport file would be used.

    Comment actions Permalink
  • Avatar
    Javier Cota

    Thank you I was able to get it configured and it is working now. The mail channels extension was a great tool to get the service working faster. I hope you reconsider updating and get it available in the near future.

    Javier Cota

    Comment actions Permalink
  • Avatar
    Dmitry Yatkevich

    any example how to exclude specific senders from relay? to send email directly

    Comment actions Permalink

Article is closed for comments.