How to relay mail via Google account using Postfix

You have to enable TLS in Postfix's SMTP client, since Google requires it. This is indicated by them in the message Must issue a STARTTLS command.

In /etc/postfix/main.cf, you want something like this:

smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

and then in /etc/postfix/tls_policy:

[smtp.gmail.com]:587 encrypt

The left hand side in tls_policy must appear exactly the same as your relayhost entry in main.cf.

Remember to run postmap on /etc/postfix/tls_policy after creating or changing it as required.

You can find more details in Postfix's TLS documentation.

Refer these links

http://blog.bigdinosaur.org/postfix-gmail-and-you/

http://www.postfix.org/TLS_README.html#client_tls


This is the procedure I use for this:

sudo apt-get install postfix.

If it asks what sort of mail server you are installed, choose no configuration (the first option)

sudo nano /etc/postfix/main.cf

and paste this in

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
# listen on localhost only
inet_interfaces = 127.0.0.1

smtpd_banner = $myhostname ESMTP $mail_name

biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

#Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

Save the file, Now we create the file with the username and password in

sudo nano /etc/postfix/sasl_passwd

and paste in the following making the required replacements

[smtp.gmail.com]:587    [email protected]:password

Save it, and at the command prompt

sudo postmap /etc/postfix/sasl_passwd

Then

chmod 600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db

Finally,

sudo service postfix restart

Note that once you’ve successfully tested the email system, you can remove / obfuscate the password in sasl_passwd.

Test it with you application. If you have trouble, check /var/log/mail.log You can apt-get install mail-utils to have it install a mail program. you can then test with

echo “this is a test” | mailx -s “This is the subject” [email protected]

Finally

Run

newaliases

to make an /etc/aliases.db file. If you don’t it will log a lot of errors about it to /var/log/mail.err If you get SASL errors (postfix) Check the hostname is in /etc/hosts and /etc/hostname If postfix complains about not being able to relay for a given host / ip address (postfix) Add this to /etc/postfix/main.cf

mynetworks = 10.0.0.0/8

This will allow anyone with a 10.0.0.0 address to connect, obviously you should bolt this down as much as possible, either by restricting the network, and / or using any firewall or security policy available to you

Tags:

Linux

Postfix