This guide provides instructions for updating the Postfix configuration to use MailChannels Outbound Filtering. Authentication with MailChannels is required and relatively simple to set up.
For more advanced configuration scenarios, please refer to the online Postfix documentation.
The first step is to create the password map. Postfix uses this for authentication. The MailChannels team will provide the SMTP username. The password for authentication can be generated by logging into the MailChannels Customer Console.
1. Create a text file named `password` in the `/etc/postfix` folder using the following command:
# touch /etc/postfix/password
2. Edit the password file and add the following entry in space-delimited format:
Replace <SMTP_username> and <SMTP_password> with your actual SMTP credentials provided by MailChannels when you signed up for service. If you need these credentials, please contact firstname.lastname@example.org
3. Save and close the file.
4. Set the correct permissions on the password file:
# chown root:root /etc/postfix/password
# chmod 0600 /etc/postfix/password
5. Create the hash map by running the following command:
# postmap hash:/etc/postfix/password
Postfix Smarthost Authentication
To enable authenticated sending through the MailChannels system, add the following configuration directives to your /etc/postfix/main.cf file:
relayhost = smtp.mailchannels.net
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/password
smtp_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
smtp_tls_security_level = may
The parameters used in the configuration directives are described in the following table:
|relayhost = smtp.mailchannels.net||Relays all mail via the `smtp.mailchannels.net` mail service.|
|smtp_sasl_auth_enable = yes||Indicates Cyrus-SASL support for authentication of mail servers.|
|smtp_sasl_password_maps = hash:/etc/postfix/password||Sets the path to the `sasl_passwd` file.|
|smtp_sasl_security_options = noanonymous||When empty (default), allows Postfix to use anonymous and plaintext authentication.|
|smtpd_sasl_authenticated_header = yes||Logs the authenticated user ID in the received header to track user behavior and reputation.|
|smtp_tls_security_level = may||Enables opportunistic TLS encryption outbound.|
- Modify, save and close the file.
- Restart Postfix to apply the changes:
# /etc/init.d/postfix restart
To test your setup, follow these steps:
1. Create a text file with the desired email content. For example:
$ echo 'This is a test.' > /tmp/test
2. Send the test email to your desired recipient:
$ mail -s 'Test' email@example.com < /tmp/test
3. Monitor the mail log for any potential issues:
# tail -f /var/log/mail.log
4. Clean up the temporary test file:
# rm /tmp/test
If you encounter "no mechanism available" error messages, you may be missing SASL authentication libraries.
- For Debian or Ubuntu, install the missing libsasl module