Inbound SASL Support

Any email coming into ZixGateway from any source is considered inbound. Selecting the Inbound SASL option defines the ZixGateway appliance as a SASL server. This requires any email received from other servers to be SASL authenticated, with no distinction between inbound servers.

To define SASL support for inbound messages

  1. Login to ZixGateway appliance as zixadmin.
  2. Execute the following command substituting the SASL username for <USER>.

The SASL username must be the same as defined on the sending server (the SASL user defined in MS Exchange).

sudo saslpasswd2 -c -u `postconf -h myhostname` <USER>

Note: The “`” character is the grave accent, located at the top left position on your keyboard.

Use sudo saslpasswd2 -d -u `postconf -h myhostname` <USER> to remove a user name.

  1. Enter the password when prompted.
  2. Check to make sure that the database has accepted the username and password format by executing the following command.

    sudo sasldblistusers2
  3. Configure your mail client to authenticate the SMTP server using either MD5-CRAM or MD5-DIGEST for <USER>.

To configure SASL in ZixGateway Manager

  1. Select the Configure Server tab.
  2. Select the Secure Connection tab.
  3. Select Yes in the Enable Inbound SASL Support row.
  4. Click Apply.
  5. Select the System tab.
  6. Enter permit_sasl_authenticated in the Sender Restrictions box, just before the final permit. The list is comma separated.
  7. Click Apply.

Main Topic

SASL Support