Fastmail provides outgoing smtp services to its users via an app-specific password. Postfix configuration can be set to use Fastmail’s servers for smtp with correct authentication headers (dkim, dmarc, spf). Before starting the postfix configuration, follow Fastmail’s directions for creating an app-specific password. Thanks to Tim Wild for noting preparation for the postfix configuration may require setting the server host name.
postfix and associated packages for securing the connection. Select Internet Site during installation and set an appropriate FQDN.
$ sudo apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules
Add the following lines to
relayhost = [smtp.fastmail.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_tls_CAfile = /etc/postfix/cacert.pem smtp_use_tls = yes
The password is stored in the file
/etc/postfix/sasl_passwd with the following line. Replace the username with the email address used to connect to the Fastmail web page. The password is the app-specific password generated above.
Fix the permissions
$ sudo chmod 400 /etc/postfix/sasl_passwd
And tell postfix about the password entry
$ sudo postmap /etc/postfix/sasl_passwd
Make a copy of the certificate for postfix if it was installed with the ca-certificates. If the certificate is not in
/etc/ssl/certs, download the certificate directly from Thawte’s Root Certificates page (Thawte Primary Root CA). Thanks to Jim Kalafut for noting the Thawte certificate may not be installed.
$ sudo cp /etc/ssl/certs/Thawte_Premium_Server_CA.pem /etc/postfix/cacert.pem
$ sudo /etc/init.d/postfix reload
Finally, a test email
$ echo "Test mail from postfix" | mail -s "Test Postfix" email@example.com