Written by James McDonald

March 3, 2014

Followed the mailgun documentation to get SASL relay working but was getting

SASL authentication failure: No worthy mechs found

Also found that the default configuration wasn’t finding the ca-bundle.crt

# /etc/postfix/main.cf
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = static:[email protected]:yourmailgunpassword
smtp_sasl_security_options = noanonymous
# add this line to point to ca-bundle
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtpd_tls_CApath = /etc/pki/tls/certs
smtpd_tls_cert_file = /etc/pki/tls/certs/smtpd.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_security_level = may


Also discovered that there was a missing module

yum install cyrus-sasl-plain


Creating a self signed cert

cd /etc/pki/certs
make smtpd.pem


Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…


If you have Veeam backup failing with the Updating BCD failed with Cannot update SafeBoot flag and SentinelOne is...