diff --git a/nixos/tests/postfix.nix b/nixos/tests/postfix.nix
index 8bd4afe1ba8b..4a20a99b28f6 100644
--- a/nixos/tests/postfix.nix
+++ b/nixos/tests/postfix.nix
@@ -19,6 +19,19 @@ import ./make-test-python.nix {
             certs.${domain}.key
             certs.${domain}.cert
           ];
+          smtpd_sasl_auth_enable = "yes";
+          cyrus_sasl_config_path =
+            let
+              smtpdConf = pkgs.writeTextFile {
+                name = "smtpd.conf";
+                destination = "/etc/sasl2/smtpd.conf";
+                text = ''
+                  pwcheck_method: saslauthd
+                  mech_list: PLAIN LOGIN
+                '';
+              };
+            in
+            "${smtpdConf}/etc/sasl2";
         };
         submissionsOptions = {
           smtpd_sasl_auth_enable = "yes";
@@ -26,10 +39,17 @@ import ./make-test-python.nix {
           milter_macro_daemon_name = "ORIGINATING";
         };
       };
+      services.saslauthd.enable = true;
 
       security.pki.certificateFiles = [
         certs.ca.cert
       ];
+      security.pam.services = {
+        # note: no 'd' on the end!
+        smtp = {
+          name = "smtp";
+        };
+      };
 
       networking.extraHosts = ''
         127.0.0.1 ${domain}
@@ -72,11 +92,49 @@ import ./make-test-python.nix {
                               'Subject: Test SMTPS\n\nTest data.')
                 smtp.quit()
           '';
+
+          auth = pkgs.writers.writePython3Bin "auth" { } ''
+            import smtplib
+
+            with smtplib.SMTP('${domain}') as smtp:
+                smtp.ehlo()
+                smtp.login("alice", "foobar")
+                smtp.quit()
+          '';
+
+          authStarttls = pkgs.writers.writePython3Bin "authStarttls" { } ''
+            import smtplib
+            import ssl
+
+            ctx = ssl.create_default_context()
+
+            with smtplib.SMTP('${domain}') as smtp:
+                smtp.ehlo()
+                smtp.starttls(context=ctx)
+                smtp.ehlo()
+                smtp.login("alice", "foobar")
+                smtp.quit()
+          '';
+
+          authSmtps = pkgs.writers.writePython3Bin "authSmtps" { } ''
+            import smtplib
+            import ssl
+
+            ctx = ssl.create_default_context()
+
+            with smtplib.SMTP_SSL('${domain}', context=ctx) as smtp:
+                smtp.ehlo()
+                smtp.login("alice", "foobar")
+                smtp.quit()
+          '';
         in
         [
           sendTestMail
           sendTestMailStarttls
           sendTestMailSmtps
+          auth
+          authStarttls
+          authSmtps
         ];
     };
 
@@ -85,5 +143,8 @@ import ./make-test-python.nix {
     machine.succeed("send-testmail")
     machine.succeed("send-testmail-starttls")
     machine.succeed("send-testmail-smtps")
+    machine.succeed("auth")
+    machine.succeed("authStarttls")
+    machine.succeed("authSmtps")
   '';
 }