“Be yourself; everyone else is already taken.” – Oscar Wilde
Each account that you want to set up to be able to send and receive email has to be set up on the email server.
Simple Authentication and Security Layer (SASL) - is an authentication layer used in Internet protocols. SASL is not a protocol, but rather a framework that provides developers of applications and shared libraries with mechanisms for authentication, data integrity–checking, and encryption.
Specifically in our case it is Dovecot which provides the SASL to postfix to allow postfix to validate users.
So effectively it is Dovecot which is set up to give authentication to postfix for email accounts
Dovecot is configured to request UNIX login security when a user tries to connect. They give a user name and password and this is verified by the UNIX login and either accepted or rejected.
So first the email users must be defined in Unix.
The user to be created needs certain things and certain things limited. For example a directory needs to be created to allow storage of emails. Obviously the email user should not be allowed to login as a normal Unix user to the server.
In our case the command to set up the email user is:
sudo useradd --create-home -s /sbin/nologin emailusername;
the --create-home creates the needed directories
the -s /sbin/nologin means that they cannot login
the password for the user is then set with
sudo passwd emailusername
which requests
password
which is entered.
Note please choose a random password of at least 12 characters with alphabetic characters (upper and lower case) and numbers.
(There are look ups which permit encrypted known words to be looked up, so beware)
For each user enter the following
Note the characters in Blue need replaceing with your actual values.
sudo useradd --create-home -s /sbin/nologin user1;
sudo passwd user1;
then respond with password
New password: abcd1234FEGH5678;
Retype new password: abcd1234FEGH5678;
I found that certain accounts could not send emails until these steps were done to create the empty /etc/postfix/generic.db file.
Create the empty generic file with
sudo touch /etc/postfix/generic
Create the generic.db file from the generic text file
sudo postmap /etc/postfix/generic