Configure postfix to use Fastmail smtp
Fastmail provides outgoing smtp services to its users via an app-specific password. Postfix configuration can be set to use Fastmail’s servers for smtp with correct authentication headers (dkim, dmarc, spf). Before starting the postfix configuration, follow Fastmail’s directions for creating an app-specific password. Thanks to Tim Wild for noting preparation for the postfix configuration may require setting the server host name.
Install postfix
and associated packages for securing the connection. Select Internet Site during installation and set an appropriate FQDN.
$ sudo apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules
Add the following lines to /etc/postfix/main.cf
relayhost = [smtp.fastmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes
The password is stored in the file /etc/postfix/sasl_passwd
with the following line. Replace the username with the email address used to connect to the Fastmail web page. The password is the app-specific password generated above.
[smtp.fastmail.com]:587 username:password
Fix the permissions
$ sudo chmod 400 /etc/postfix/sasl_passwd
And tell postfix about the password entry
$ sudo postmap /etc/postfix/sasl_passwd
Make a copy of the certificate for postfix if it was installed with the ca-certificates. If the certificate is not in /etc/ssl/certs
, download the certificate directly from Thawte’s Root Certificates page (Thawte Primary Root CA). Thanks to Jim Kalafut for noting the Thawte certificate may not be installed.
$ sudo cp /etc/ssl/certs/Thawte_Premium_Server_CA.pem /etc/postfix/cacert.pem
And reload
$ sudo /etc/init.d/postfix reload
Finally, a test email
$ echo "Test mail from postfix" | mail -s "Test Postfix" you@example.com
Information above based on a similar article located on easyengine.io.