Postfix and SMTP AUTH on OS X Lion

The standard instructions for configuring postfix to use authenticated SMTP to use authentication when forwarding to a relay host did not work for me on OS X Lion. For future searchers here is how I made it work.

  1. Create the file /etc/postfix/sasl_passwd as described in the standard docs, i.e. at least one line containing:
    server username:password
    and set the permissions using sudo chmod 600 /etc/postfix/sasl_passwd.
  2. Make the db version used by postfix: sudo postmap /etc/postfix/sasl_passwd (the new file will inherit the permissions of the original file).
  3. If you have upgraded from a previous version of OS X, particularly if you modified your postfix configs, follow the advice in the section below before continuing.
  4. To tell postfix to use authenticated SMTP, add the following lines to /etc/postfix/

    mydomain = <>
    mydomain_fallback = localhost
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

    If your domain’s MX records do not specify your relayhost then you must also set the relayhost line.
  5. postfix on OS X runs “on demand” so there is no need to instruct it to reload its configuration. The log file is in the standard UNIX location, /var/log/mail.log.

Upgrading from Snow Leopard

I had previously had this postfix setup working under Snow Leopard, and the upgrade process appeared to have preserved my configuration settings so I was surprised to see that after upgrading to Lion, my smarthost was not accepting mail.

Examining the files in /etc/postfix I noticed that in addition to my customised there was also a file called which was modified the date I had upgraded to Lion. Comparing the two files showed a number of subtle differences but after being unable to determine why postfix was not authenticating to my upstream server, I decided to copy it over my customised and re-apply my changes.

Having done this, the mailq command gave me the following error:
postfix[17922]: fatal: bad string length 0 < 1: setgid_group =
Setting setgid_group = _postdrop in fixed that but then I hit another error:
fatal: file /etc/postfix/ parameter mail_owner: user postfix has same user ID as _postfix
Resolving this required me to change the value of mail_owner from postfix to _postfix but I don’t know if this is a bug in Apple’s supplied or an artefact of my user and group information evolving from a 10.6 install to 10.7.

2 thoughts on “Postfix and SMTP AUTH on OS X Lion

  1. Hey Nathan,

    This is the first time I’m setting up postfix on my Mac and I’ve been trying to wrap my head around this issue for over a week now…

    I’m not quite there just yet (these things happen when you listen to the Internet) but your article got me real close, I can feel it!

    Since there were no comments on this useful post, I thought I’d be the first to thank you : )

    If it helps anyone else, here’s another link that was very helpful to me from the Apple Support Communites :

    Local Mail Server for Lion

    Man I wish I had found these posts from the get go…


    Stéphane Thibault
    Montreal, QC, Canada

  2. Hey, I just found your post while searching for the ‘user postfix has same user ID as _postfix’ and although it’s an old post I wanted to share the solution as it’s still high in google 😉

    Add the following to /etc/postfix/

    mail_owner = _postfix
    setgid_group = _postdrop

Comments are closed.