Setup Postfix to Relay to Google Mail with TLS and smtp auth

 

What are we doing?

  • Configuring Postfix to use Google Mail as an SMTP relay

 

Why?

Running a send only SMTP server is useful for automating password recovery, account signup etc, but keeping mail out of the end user’s spam box is hard work. Relaying through Google means that the end user’s mail account will see the mail as having come from a Google relay rather than a SOHO IP address and will be much more likely to accept it.

How?

This guide assumes you have a Google Mail account with appropriate permissions and have at least a Postfix SMTP server configured. Follow the guide here to setup Postfix.

Edit the Postfix configuration file

sudo nano /etc/postfix/main.cf

Add following lines-

relayhost = [smtp-relay.gmail.com]:587
smtp_use_tls=yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_sasl_security_options =

Create a file to store the Gmail username and password

sudo nano /etc/postfix/sasl_passwd

Add the following line

[smtp-relay.gmail.com]:587  YOUR_GMAIL_USERNAME:YOUR_GMAIL_PASSWORD

Create a db hash of the password file

sudo postmap /etc/postfix/sasl_passwd

Reduce permissions to the bare minimum on the password hash and remove the non-hash file

cd /etc/postfix
sudo chown postfix:postfix sasl_passwd.db
sudo chmod 400 sasl_passwd.db
sudo rm sasl_passwd

Force changes to take effect

sudo service postfix reload

Leave a Reply

Your email address will not be published. Required fields are marked *