SMTP Auth Menggunakan Postfix

Informasi Teknis
by vimanamail Informasi Teknis

Berikut adalah contoh pengiriman email menggunaan Postfix Authentication dengan TLS.
Pastikan Anda memiliki account vimana aktif dengan domain yang teregister untuk pengiriman email.

Username: vimanamail_smtpuser
Password : vimanamail_smtppassword

Konfigurasi ini berjalan pada Server Linux ubuntu 18 atau di atasnya, pastikan sudah memiliki OS yang sesuai dan silahkan ikuti panduan.

Installasi Postfix dan Stunnel

#update pakage OS
apt update && apt upgrade -y

#instalasi pakage postfix dan juga modul Libsasl2 dan stunnel
apt install postfix libsasl2-modules stunnel -y

#check service postfix
systemctl status postfix

#check service stunnel
systemctl status stunnel4

#Backup semua configure postfix yang ada
cp /etc/postfix/main.cf /etc/postfix/main.cf.backup
cp /etc/postfix/master.cf /etc/postfix/master.cf.backup

Cek komunikasi network

telnet smtp.defend.my.id 465

Konfigurasi Stunnel /etc/default/stunnel4

######################################
# /etc/default/stunnel
# Julien LEMOINE <speedblue@debian.org>
# September 2003

# Change to one to enable stunnel automatic startup
ENABLED=1
FILES="/etc/stunnel/*.conf"
OPTIONS=""

# Change to one to enable ppp restart scripts
PPP_RESTART=0

# Change to enable the setting of limits on the stunnel instances
# For example, to set a large limit on file descriptors (to enable
# more simultaneous client connections), set RLIMITS="-n 4096"
# More than one resource limit may be modified at the same time,
# e.g. RLIMITS="-n 4096 -d unlimited"
RLIMITS=""

Konfigurasi /etc/stunnel/stunnel.conf

client = yes
output = /etc/stunnel/stunnel.log

[smtp-tls-wrapper]
accept = 11125
connect = smtp.defend.my.id:465

Konfigurasi Postfix /etc/postfix/main.cf

Note konfigurasi main.cf :
pada opsi mynetworks anda dapat melakukan setting sesuai dengan network yang dapat dijinkan mengakses smtp postfix
contoh 172.16.0.0/16

################# main.cf ####################
relayhost = [127.0.0.1]:11125

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

################################END#######################################

Konfigurasi SASL /etc/postfix/sasl_passwd

127.0.0.1:11125 vimanamail_smtpuser:vimanamail_smtppassword

Finalisasi

postmap /etc/postfix/sasl_passwd
systemctl restart stunnel4 postfix

Testing Menggunakan Command Prompt

AUTH LOGIN menggunakan base64.
Lakukan encode untuk SMTP user dan juga password ke base64 berikut alamat link https://www.base64encode.org/

root@ubuntu20-ts:/home/ts# telnet 127.0.0.1 11125
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 vimanamail smtp
EHLO server1 
250-vimanamail smtp Hello server1
250 AUTH PLAIN LOGIN CRAM-MD5
AUTH LOGIN 
334 VXNlcm5hbWU6
base64_vimanamail_smtpuser
334 UGFzc3dvcmQ6
base64_vimanamail_smtppassword
235 Authentication successful
MAIL FROM: admin@YOURDOMAIN
250 Ok
rcpt to: dest@DESTDOMAIN
250 Ok
DATA 
354 End data with <CR><LF>.<CR><LF>
SUBJECT: TEST MAIL
TEST MAIL
.
250 Ok
^]
telnet> quit

note : server1 di ganti dengan FQDN server anda

Testing Swaks

AUTH LOGIN tidak base64

swaks -s ‘127.0.0.1:12525’ -f ‘pengirim@domain.co.id’ -t ‘penerima@gmail.com’ –auth

swaks -s '127.0.0.1:12525' -f 'pengirim@domain.co.id' -t  'penerima@gmail.com' --auth
Username: username
Password: password
=== Trying 127.0.0.1:12525...
=== Connected to 127.0.0.1.
<-  220 vimanamail smtp
 -> EHLO smtpoutserver
<-  250-vimanamail smtp Hello smtpoutserver
<-  250 AUTH PLAIN LOGIN CRAM-MD5
 -> AUTH CRAM-MD5
<-  334 PDUzMDI4MTg4Mi4x34342324taS5hdXRoPg==
 -> cHJvc3Blcml0YTIxMDIgMmQ2Z34234242352fZGQwMTgxM2RmMjdjMjM0ODM3MDI=
<-  235 Authentication successful
 -> MAIL FROM:<pengirim@domain.co.id>
<-  250 Ok
 -> RCPT TO:<penerima@gmail.com>
<-  250 Ok
 -> DATA
<-  354 End data with <CR><LF>.<CR><LF>
 -> Date: Thu, 30 Mar 2023 14:39:28 +0700
 -> To: penerima@gmail.com
 -> From: pengirim@prosperita.co.id
 -> Subject: test Thu, 30 Mar 2023 14:39:28 +0700
 -> Message-Id: <20230330143928.219349@smtpoutserver>
 -> X-Mailer: swaks v20190914.0 jetmore.org/john/code/swaks/
 -> 
 -> This is a test mailing
 -> 
 -> 
 -> .
<-  250 Ok
 -> QUIT
<-  221 goodbye
=== Connection closed with remote host.

Testing Menggunakan ThunderBird

Pengaturan outgoing  

Arahkan ke IP POSTFIX diatas dengan tujuan Port 25 dan lakukan test Kirim email

# Pastikan contoh log terkirim sebagai berikut 

root@ubuntu20-ts:/home/ts# tail -f /var/log/mail.log 
Jun 22 03:05:22 ubuntu20-ts postfix/smtpd[36256]: connect from unknown[x.x.x.x]
Jun 22 03:05:22 ubuntu20-ts postfix/smtpd[36256]: C5D1B480C2E: client=unknown[x.x.x.x]
Jun 22 03:05:22 ubuntu20-ts postfix/cleanup[36260]: C5D1B480C2E: message-id=<38107803-f86a-eea6-be09-2cc8735c02e0@YOURDOMAIN>
Jun 22 03:05:22 ubuntu20-ts postfix/qmgr[28625]: C5D1B480C2E: from=<sender@YOURDOMAIN>, size=655, nrcpt=1 (queue active)
Jun 22 03:05:22 ubuntu20-ts postfix/smtpd[36256]: disconnect from unknown[x.x.x.x] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jun 22 03:05:23 ubuntu20-ts postfix/smtp[36261]: C5D1B480C2E: to=<target@DESTDOMAIN>, relay=127.0.0.1[127.0.0.1]:11125, delay=0.38, delays=0.04/0.01/0.07/0.27, dsn=2.0.0, status=sent (250 Ok)
Jun 22 03:05:23 ubuntu20-ts postfix/qmgr[28625]: C5D1B480C2E: removed