Postfix: Configure a SmartHost with SMTP Authentication and TLS

A smart host is a type of mail relay server which allows an SMTP server to route e-mail to an intermediate mail server rather than directly to the recipient’s server. [Wikipedia]

This document aims to describe some simple steps to setup a Postfix eMail server with a SmartHost used to relay messages through. The SmartHost will be authenticated and secured trough TLS.

1. Create a password file in /etc/postfix/relay_password containing SMTP host, username and password (used for submission authentication) as shown:

smtp.relaydomain.ext USERNAME:PASSWORD

2. Secure the file against unwanted modifications and readings:

chmod 600 /etc/postfix/relay_password

3. Hash the file in order to create a passwords.db file

postmap /etc/postfix/relay_passwords

4. Configure Postfix, by editing /etc/postfix/

relayhost = [smtp.relaydomain.ext]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwords
smtp_sasl_security_options =
5. Check and then (if all seems to be ok) Reload postfix configuration
<pre lang="bash">
postfix check
postfix reload

To have some debug:

tail -f /var/log/mail.log