Setting up Postfix for outgoing mail

egrivel498 · March 29, 2026, 1:58pm

I am trying to use Postfix to set up a mail relay to my ISP, to allow me send out emails from the system. I have done this in the past through YaST, but now that that’s no longer available, I’m not sure how to set up Postfix on a Leap 16 system. I know I need both TLS (required by my ISP) and masquerading for this to work.

I tried setting up TLS through the main.cfg file, including self-signed certificates, but when postfix starts up it complains about warning: problem talking to server private/tlsmgr: No such file or directory and I have no idea how that’s possible, let alone how to fix it. I haven’t even gotten to the point where I somehow must enter my user name and password at the ISP.

Is there a replacement for the YaST configuration tools, which took care of most of the details of setting up services, on Leap 16? If not, can anyone help me through the Postfix setup?

Thanks,
Eric

egrivel498 · March 30, 2026, 1:24pm

Update: I uninstalled and re-installed postfix, resulting in a clean main.cfg file (and made a backup of that, which I should have done from the start). I then recreated the settings I have on my Leap 15.6 machine (where sending email through my hosting provider works). Now what I get in the /var/log/mail output is:

2026-03-30T09:03:08.158907-04:00 {mmm} postfix/smtp[7024]:
   A321340110: to=<{nnn}@{mmm}>, relay=mail.{ddd}.net[x.x.x.x]:465,
   delay=0.49, delays=0/0/0.41/0.08, dsn=5.0.0, status=bounced (host 
   mail.{ddd}.net[x.x.x.x] said: 550-Please turn on SMTP Authentication in your
   mail client.  {external DNS name at ISP} ({mmm) 550-[y.y.y.y]:35308 is not permitted
   to relay through this server without 550 authentication. (in reply to RCPT TO
   command))

(linebreaks added for readability, names and IP addresses masked ({mmm} = machine, x.x.x.x = IP address, {ddd} = domain at my hosting provider, {nnn} = name).

Basically, it says I have to turn on SMTP authentication. This is the relevant section of my main.cf file (again, with names redacted):

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = 
smtp_sasl_password_maps = lmdb:/etc/postfix/sasl_passwd
smtpd_sasl_auth_enable = no

smtp_tls_security_level = encrypt
smtp_tls_CApath = /etc/postfix/ssl/cacerts

smtp_tls_wrappermode = yes

myhostname = {mmm}
masquerade_domains = {ddd}.net
masquerade_exceptions = root {nnn}
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks_style = host
relayhost = [mail.{ddd}.net]:465

smtp_generic_maps = lmdb:/etc/postfix/generic

I did run postmap on both the lmdb files, restarted postfix (even restarted the whole computer).

I must be missing something… something that Leap 15.6 did behind the scenes that I didn’t realize?

Thanks,
Eric

malcolmlewis · March 30, 2026, 2:21pm

@egrivel498 Hi, perhaps check SELinux?

pavinjoseph · March 30, 2026, 4:24pm

The config looks okay.

Maybe a permission issue, the sasl_passwd plaintext file and its corresponding binary must be owned and readable by only root. 🫜

What’s the output of:

ll /etc/postfix/sasl_passwd*
postmap -q 'mail.{ddd}.net' /etc/postfix/sasl_passwd

egrivel498 · March 30, 2026, 9:11pm

Thanks, double-checking the files and permissions made me realize I created a file sasl_passw with the last letter d missing. I feel so stupid! So of course it wasn’t finding the configuration, the sasl_passwd file (which already existed, but only with comments explaining its usage) didn’t have anything.

Now the emails are going out. They still don’t seem to get delivered, so I will do some more troubleshooting, but at least I’m over this hump.

Thanks!

system · April 29, 2026, 9:12pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.