Using postfix to send mail via 1and1 or other authenticated SMTP

We recently wanted to set up postfix on web servers so that it could send messages generated by the website code. We’re using 1and1’s hosted email, and wanted to send the email from a user whose mailbox was hosted with 1and1, rather than relaying the email through 1and1’s mail servers. For us, this has the advantage of having our mailboxes hosted and managed by 1and1, and having a local postfix queue on each web server which will hold onto the mail if there’s a problem at 1and1.

Background over, here’s how we configured postfix on Debian 5 (lenny).

Install prerequisites

This bit’s important. Postfix will quietly fail to authenticate with the 1and1 servers with an extremely un-descriptive warning in /var/log/mail.log. Install these unless you want to spend loads of time trying to puzzle out what’s gone wrong!

sudo apt-get install postfix sasl2-bin libsasl2-2 libsasl2-modules

Configure postfix

Postfix configuration happens in /etc/postfix/ Essentially, any parameter starting smtp_ relates to postfix sending email. Any starting smtpd_ relates to it receiving mail for sending on. For this exercise we want to disable the receipt of mail (apart from over the loopback interface).

The sections below show you why to make changes, and the attached main.txt, which you should rename to, shows the finished file.

Error Notices

These notices will email when something goes wrong

delay_warning_time = 2h
bounce_notice_recipient =
delay_notice_recipient =
error_notice_recipient =

Only allow mail to be sent, not received

We only want to send mail from our mail servers, we don’t want to receive it. Here’s how:

myhostname =
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydomain =
myorigin =
mydestination =
mynetworks = [::ffff:]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces =
inet_protocols = ipv4


These lines enable SSL and set up the config:

smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_sasl_tls_security_options = noanonymous
tls_random_source = dev:/dev/urandom


Finally, we want to log in to 1and1’s servers to send the email. Here’s the configuration settings:

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous

Creating the password file

The “smtp_sasl_password_maps” configuration option above sets a file which will contain the username & password used to log on to 1and1. To do this, first of all, we create the file:

sudo su
echo '' > /etc/postfix/sasl_passwd
chown root.root /etc/postfix/sasl_passwd
chmod 600 /etc/postfix/sasl_passwd
vim /etc/postfix/sasl_passwd

Now we need to put the username & password in there. It’s of the form:


The email address ( should be of one of your mailboxes, and the password of that mailbox too. Once you have authenticated, you do not need to use the same email address to send from.

You should then save the file, and encrypt it as follows:

sudo postmap sasl_passwd

And then check:

sudo postfix check

And restart postfix:

sudo /etc/init.d/postfix restart

Testing postfix

To test postfix is working, try:

echo "Subject: Test"| sendmail -f -v

And then:

sudo tail -f /var/log/mail.log

to check that the email has been sent ok.


If you ever have trouble with postfix, edit /etc/postfix/ and change the line:

smtp      unix  -       -       -       -       -       smtp


smtp      unix  -       -       -       -       -       smtp -v

And restart postfix.

Useful Resources

Comments are closed.