Configure Postfix#

Set up an email server for EclecticIQ Intelligence Center before you proceed to configure email settings in EclecticIQ Intelligence Center system settings.

If you skip this step, you will still be able to configure email settings in EclecticIQ Intelligence Center. However, EclecticIQ Intelligence Center won’t be able to send any automatic notification messages, and it won’t be aware of any Intelligence Center user email addresses.

EclecticIQ Intelligence Center needs a configured email server to successfully create Intelligence Center users and to send password reset emails when users request it.


Postfix relies on Cyrus SASL to implement SASL (Simple Authentication and Security Layer).

Make sure the following Cyrus SASL components are installed on the system for Postfix to work as expected:

  • cyrus-sasl-lib-2.1.x or later

  • cyrus-sasl-plain-2.1.x or later

Install Cyrus SASL#

The cyrus-sasl-plain package requires the cyrus-sasl-lib library.

To install Cyrus SASL on your system:

  1. First, install the required Cyrus SASL library:

    yum install cyrus-sasl-lib
  2. Then, install the Cyrus SASL package supporting AUTH PLAIN and AUTH LOGIN authentication schemes:

    yum install cyrus-sasl-plain

About Postfix#

Postfix is the default email server shipped with the Intelligence Center.

If you want to enable email-based Intelligence Center features such as email notifications, first configure Postfix to handle email traffic.

Postfix configuration and setup may vary, depending on the target environment EclecticIQ Intelligence Center is installed on.

The following links point to relevant sections of the official Postfix documentation:

EclecticIQ Intelligence Center ships with an example Postfix configuration file you can use as a customizable template: /etc/postfix/

  • The default installation location of the Postfix configuration file is /etc/postfix.

  • The Postfix configuration file is

Configure Postfix#

To configure Postfix as the default email server for the Intelligence Center:

  1. Open in a text editor:

    vi /etc/postfix/

    Example file

    myhostname =
    mydomain =
    myorigin = $mydomain
    mydestination =
    relayhost = []:587
    inet_interfaces = loopback-only
    smtp_sasl_security_options = noanonymous
    smtp_sasl_auth_enable = yes
    smtp_use_tls = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
  2. Set the configuration parameters to appropriate values for your system.

    Links in the table below point to further details about the parameters on the Postfix official documentation.





    Defines the host name of EclecticIQ Intelligence Center host server where Postfix is installed.


    Defines the internet name of EclecticIQ Intelligence Center host server where Postfix is installed


    Defines the domain name to use as sent-from and send-to address for local email traffic.

    Automatic email messages generated by system processes such as cronjobs use the myorigin value for this purpose.

    $mydomain (domain with multiple machines)
    $myhostname (domain with one machine)


    Defines the list of domains the email server accepts email from.







    Defines the next-hop destination of non-local email.

    It identifies the next email handler in the chain of email servers handling non-local email traffic.

    Format: []:port

    [ ]:587


    Defines the network interface addresses Postfix receives mail on.



    Defines one or more SASL security options for the SMTP client.








    Enables/Disables SASL authentication.




    Enables/Disables a TLS layer when available on the remote server.

    For more information, see the Postfix TLS Support official documentation.




    Defines a lookup table with one or more lines, where each line contains a username:password pair, and a remote host name or a next-hop domain to identify:

    • The Remote host name, or the next-hop domain

    • The sender, by validating their username and password


    For more information, see the Postfix official documentation.

    # sasl_passwd file line examples:
    [ ]:587 username:password username:password


    Defines a lookup table with one or more SMTP client TLS security policies by next-hop destination.


    For more information, see the smtp_tls_policy_maps entry in - Linux man page.

    # tls_policy file line examples:
    [ ]:587 encrypt encrypt protocols=TLSv1 verify ciphers=high secure

Create the password map#

/etc/postfix/sasl_passwd is a text file containing a lookup table file to map the following information:

  • Next-hop domain or destination SMTP host

  • Email sender username

  • Email sender password

To add an entry to the /etc/postfix/sasl_passwd:

  1. Open the file in a text editor:

    nano /etc/postfix/sasl_passwd
  2. Enter the next-hop domain or destination SMTP host, email sender username, and email sender password in the following format:

    [mail.isp.example] username:password
  3. Optionally, you can specify a custom TCP port – the default mail submission port is 587:

    [mail.isp.example]:587 username:password

Create the hash file#

Create the hash db file for Postfix by running the postmap command:

postmap /etc/postfix/sasl_passwd

The command creates a new file: /etc/postfix/sasl_passwd.db.

Every time you make changes to /etc/postfix/sasl_passwd, you need to run the postmap command.

Start and enable the service#

  1. Enable the Postfix service to automatically start at system boot:

    systemctl enable postfix
  2. Start the Postfix service:

    systemctl restart postfix
  3. Verify that Postfix is up and running by checking the status:

    systemctl status postfix

Check file ownership#

The default owner of /etc/postfix is root:root.