Dimas Maulana
Dimas Maulana

Configure Postfix to Use Gmail as a Mail Relay

Dimas Maulana Development
 

If you have a Gmail account, you can configure your Mail Transfer Agent (MTA) to relay outgoing mail through Gmail. This provides you with the reliability and infrastructure of Gmail for sending emails from the command line. In this tutorial, we’ll use Postfix as our MTA, which is a secure and open-source mail transfer agent. We’ll cover instructions for various operating systems.

Configure Postfix to use Gmail as a Mail Relay

1. Install Required Software

Debian, Ubuntu: 

1

apt-get update && apt-get install postfix mailutils

Fedora: 

1

dnf update && dnf install postfix mailx

CentOS: 

1

yum update && yum install postfix mailx cyrus-sasl cyrus-sasl-plain

OpenSUSE: 

1

zypper update && zypper install postfix mailx cyrus-sasl

Arch Linux: 

1

pacman -Sy postfix mailutils

FreeBSD:

Compile Postfix from the ports collection with SASL support:

1
2
3

portsnap fetch extract update
cd /usr/ports/mail/postfix
make config

In the configuration dialogs, select SASL support. Then:

1

make install clean

Install Mailx from the binary package:

1

pkg install mailx

2. Configure Gmail Authentication

Create or modify a password file that Postfix will use to authenticate with Gmail. Replace username with your Gmail username and password with your Gmail password. If you’re using a custom Gmail Apps domain, replace gmail.com with your domain.

Debian, Ubuntu, Fedora, CentOS, OpenSUSE, Arch Linux:

Postfix configuration files are in /etc/postfix. Create or edit the password file:

1

vi /etc/postfix/sasl_passwd

Add the line:

[smtp.gmail.com]:587   [email protected]:password

Save and make the file accessible only by root:

1

chmod 600 /etc/postfix/sasl_passwd

FreeBSD:

Postfix configuration files are in /usr/local/etc/postfix. Create or edit the password file:

1

vi /usr/local/etc/postfix/sasl_passwd

Add the line:

[smtp.gmail.com]:587   [email protected]:password

Save and make the file accessible only by root:

1

chmod 600 /usr/local/etc/postfix/sasl_passwd

3. Configure Postfix

There are six parameters to set in the Postfix configuration file main.cf:

  • relayhost: Specifies the mail relay host and port number.
  • smtp_use_tls: Enables (or disables) transport layer security.
  • smtp_sasl_auth_enable: Enables (or disables) SASL authentication.
  • smtp_sasl_security_options: Set to empty to ensure no Gmail-incompatible security options are used.
  • smtp_sasl_password_maps: Specifies the password file to use.
  • smtp_tls_CAfile: Specifies the list of certificate authorities to use when verifying server identity.

Debian, Ubuntu, Arch Linux:

Edit the main Postfix configuration file:

1

vi /etc/postfix/main.cf

Add or modify the following values:

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Save and close the file.

Fedora, CentOS:

Edit the main Postfix configuration file:

1

vi /etc/postfix/main.cf

Add or modify the following values:

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt

Save and close the file.

OpenSUSE:

Edit the main Postfix configuration file:

1

vi /etc/postfix/main.cf

Add or modify the following values:

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/ca-bundle.pem

Save and close the file.

OpenSUSE also requires modifying the Postfix master process configuration file master.cf:

1

vi /etc/postfix/master.cf

Uncomment the line that reads:

#tlsmgr unix - - n 1000? 1 tlsmg

So it reads:

tlsmgr unix - - n 1000? 1 tlsmg

Save and close the file.

FreeBSD:

Edit the main Postfix configuration file:

1

vi /usr/local/etc/postfix/main.cf

Add or modify the following values:

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/mail/certs/cacert.pem

Save and close the file.

4. Process Password File

Use postmap to compile and hash the contents of sasl_passwd. The results will be stored in your Postfix configuration directory in the file sasl_passwd.db.

Debian, Ubuntu, Fedora, CentOS, OpenSUSE, Arch Linux: 

1

postmap /etc/postfix/sasl_passwd

FreeBSD: 

1

postmap /usr/local/etc/postfix/sasl_passwd

5. Restart Postfix

Restart the Postfix service to apply your changes.

Debian, Ubuntu, Fedora, CentOS, OpenSUSE, Arch Linux: 

1

systemctl restart postfix.service

FreeBSD:

To start the Postfix service for this session:

1

service postfix onestart

To start Postfix automatically at system initialization, edit /etc/rc.conf:

1

vi /etc/rc.conf

Add the line:

postfix_enable=YES

Save and close the file, then run:

1

service postfix start

6. Enable “Less Secure Apps” in Gmail

By default, Gmail allows only the most secure sign-ins. To permit relay requests, log in to your Gmail account and turn on “Allow less secure apps.” Review the Google Support document “Allowing less secure apps to access your account” for more information.

7. Send a Test Email

Test your new configuration by sending an email using the mail command. Run:

1

mail
Updated on 20-07-2016 
Back | Home
0%