SMTP Auth Menggunakan Postfix

Informasi Teknis
by vimanamail : Informasi Teknis

Berikut adalah contoh pengiriman email menggunaan Postfix Authentication dengan TLS.
Pastikan Anda memiliki account vimana aktif dengan domain yang teregister untuk pengiriman email.

Username: vimanamail_smtpuser
Password : vimanamail_smtppassword

Konfigurasi ini berjalan pada Server Linux ubuntu 18 atau di atasnya, pastikan sudah memiliki OS yang sesuai dan silahkan ikuti panduan.

Installasi Postfix dan Stunnel

#update pakage OS
apt update && apt upgrade -y

#instalasi pakage postfix dan juga modul Libsasl2 dan stunnel
apt install postfix libsasl2-modules stunnel -y

#check service postfix
systemctl status postfix

#check service stunnel
systemctl status stunnel4

#Backup semua configure postfix yang ada
cp /etc/postfix/main.cf /etc/postfix/main.cf.backup
cp /etc/postfix/master.cf /etc/postfix/master.cf.backup

Cek komunikasi network

telnet smtp.defend.my.id 465

Konfigurasi Stunnel /etc/default/stunnel4

######################################
# /etc/default/stunnel
# Julien LEMOINE <speedblue@debian.org>
# September 2003

# Change to one to enable stunnel automatic startup
ENABLED=1
FILES="/etc/stunnel/*.conf"
OPTIONS=""

# Change to one to enable ppp restart scripts
PPP_RESTART=0

# Change to enable the setting of limits on the stunnel instances
# For example, to set a large limit on file descriptors (to enable
# more simultaneous client connections), set RLIMITS="-n 4096"
# More than one resource limit may be modified at the same time,
# e.g. RLIMITS="-n 4096 -d unlimited"
RLIMITS=""

Konfigurasi /etc/stunnel/stunnel.conf

client = yes
output = /etc/stunnel/stunnel.log

[smtp-tls-wrapper]
accept = 11125
connect = smtp.defend.my.id:465

Konfigurasi Postfix /etc/postfix/main.cf

Note konfigurasi main.cf :
pada opsi mynetworks anda dapat melakukan setting sesuai dengan network yang dapat dijinkan mengakses smtp postfix
contoh 172.16.0.0/16

################# main.cf ####################
relayhost = [127.0.0.1]:11125

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

################################END#######################################

Konfigurasi SASL /etc/postfix/sasl_passwd

127.0.0.1:11125 vimanamail_smtpuser:vimanamail_smtppassword

Finalisasi

postmap /etc/postfix/sasl_passwd
systemctl restart stunnel4 postfix

Testing Menggunakan Command Prompt

AUTH LOGIN menggunakan base64.
Lakukan encode untuk SMTP user dan juga password ke base64 berikut alamat link https://www.base64encode.org/

root@ubuntu20-ts:/home/ts# telnet 127.0.0.1 11125
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 vimanamail smtp
EHLO server1 
250-vimanamail smtp Hello server1
250 AUTH PLAIN LOGIN CRAM-MD5
AUTH LOGIN 
334 VXNlcm5hbWU6
base64_vimanamail_smtpuser
334 UGFzc3dvcmQ6
base64_vimanamail_smtppassword
235 Authentication successful
MAIL FROM: admin@YOURDOMAIN
250 Ok
rcpt to: dest@DESTDOMAIN
250 Ok
DATA 
354 End data with <CR><LF>.<CR><LF>
SUBJECT: TEST MAIL
TEST MAIL
.
250 Ok
^]
telnet> quit

note : server1 di ganti dengan FQDN server anda

Testing Swaks

AUTH LOGIN tidak base64

swaks -s ‘127.0.0.1:12525’ -f ‘pengirim@domain.co.id’ -t ‘penerima@gmail.com’ –auth

swaks -s '127.0.0.1:12525' -f 'pengirim@domain.co.id' -t  'penerima@gmail.com' --auth
Username: username
Password: password
=== Trying 127.0.0.1:12525...
=== Connected to 127.0.0.1.
<-  220 vimanamail smtp
 -> EHLO smtpoutserver
<-  250-vimanamail smtp Hello smtpoutserver
<-  250 AUTH PLAIN LOGIN CRAM-MD5
 -> AUTH CRAM-MD5
<-  334 PDUzMDI4MTg4Mi4x34342324taS5hdXRoPg==
 -> cHJvc3Blcml0YTIxMDIgMmQ2Z34234242352fZGQwMTgxM2RmMjdjMjM0ODM3MDI=
<-  235 Authentication successful
 -> MAIL FROM:<pengirim@domain.co.id>
<-  250 Ok
 -> RCPT TO:<penerima@gmail.com>
<-  250 Ok
 -> DATA
<-  354 End data with <CR><LF>.<CR><LF>
 -> Date: Thu, 30 Mar 2023 14:39:28 +0700
 -> To: penerima@gmail.com
 -> From: pengirim@prosperita.co.id
 -> Subject: test Thu, 30 Mar 2023 14:39:28 +0700
 -> Message-Id: <20230330143928.219349@smtpoutserver>
 -> X-Mailer: swaks v20190914.0 jetmore.org/john/code/swaks/
 -> 
 -> This is a test mailing
 -> 
 -> 
 -> .
<-  250 Ok
 -> QUIT
<-  221 goodbye
=== Connection closed with remote host.

Testing Menggunakan ThunderBird

Pengaturan outgoing  

Arahkan ke IP POSTFIX diatas dengan tujuan Port 25 dan lakukan test Kirim email

# Pastikan contoh log terkirim sebagai berikut 

root@ubuntu20-ts:/home/ts# tail -f /var/log/mail.log 
Jun 22 03:05:22 ubuntu20-ts postfix/smtpd[36256]: connect from unknown[x.x.x.x]
Jun 22 03:05:22 ubuntu20-ts postfix/smtpd[36256]: C5D1B480C2E: client=unknown[x.x.x.x]
Jun 22 03:05:22 ubuntu20-ts postfix/cleanup[36260]: C5D1B480C2E: message-id=<38107803-f86a-eea6-be09-2cc8735c02e0@YOURDOMAIN>
Jun 22 03:05:22 ubuntu20-ts postfix/qmgr[28625]: C5D1B480C2E: from=<sender@YOURDOMAIN>, size=655, nrcpt=1 (queue active)
Jun 22 03:05:22 ubuntu20-ts postfix/smtpd[36256]: disconnect from unknown[x.x.x.x] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jun 22 03:05:23 ubuntu20-ts postfix/smtp[36261]: C5D1B480C2E: to=<target@DESTDOMAIN>, relay=127.0.0.1[127.0.0.1]:11125, delay=0.38, delays=0.04/0.01/0.07/0.27, dsn=2.0.0, status=sent (250 Ok)
Jun 22 03:05:23 ubuntu20-ts postfix/qmgr[28625]: C5D1B480C2E: removed