Postfix configured with Gmail SMTP

Postfix configured with Gmail SMTP

Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic mail. It is intended as a fast, easier-to-administer, and secure alternative to the widely-used Sendmail MTA.

 Installing and configuring Postfix

Install postfix:

$ sudo apt-get install postfix

Create the CA:

$ cd /etc/postfix
$ /usr/lib/ssl/misc/ -newca

After creating the key, extend the key for 10 years:

$ sudo openssl x509 -in demoCA/cacert.pem -days 3650 -out cacert.pem -signkey demoCA/private/cakey.pem

Copy the extended key:

$ cp cacert.pem demoCA

Generate private key:

$ sudo openssl req -new -nodes -subj '/CN=ServerName/O=Company/C=LB/ST=Location/' -keyout FOO-key.pem -out FOO-req.pem -days 3650

Sign private key:

$ sudo openssl ca -out FOO-cert.pem -infiles FOO-req.pem

Create certif directory:

$ sudo mkdir /etc/postfix/certif

Copy certificate to the certif directory:

$ cp demoCA/cacert.pem FOO-key.pem FOO-cert.pem /etc/postfix/certif

Change some permissions:

$ sudo chmod 644 /etc/postfix/certif/FOO-cert.pem /etc/postfix/certif/cacert.pem
$ sudo chmod 400 /etc/postfix/certif/FOO-key.pem

Install the CA Certificates and add certificates:

$ sudo apt-get install ca-certificates
$ sudo cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem >> /etc/postfix/certif/cacert.pem
$ sudo cat /etc/ssl/certs/Equifax_Secure_CA.pem >> /etc/postfix/certif/cacert.pem

Create transport file:

# Contents of /etc/postfix/transport
# This sends mail to Gmail               smtp:[]:587

Create generic file:

$ sudo touch /etc/postfix/generic

Create sasl_passwd file:

# Contents of /etc/postfix/sasl_passwd

Add these line at the end of /etc/postfix/

smtp_tls_loglevel = 1
smtp_enforce_tls = yes
smtp_tls_CAfile = /etc/postfix/certif/cacert.pem
smtp_tls_cert_file = /etc/postfix/certif/FOO-cert.pem
smtp_tls_key_file = /etc/postfix/certif/FOO-key.pem
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtp_use_tls = yes smtpd_tls_CAfile = /etc/postfix/certif/cacert.pem
smtpd_tls_cert_file = /etc/postfix/certif/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/certif/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes tls_random_source = dev:/dev/urandom
## SASL Settings
# This is going in to THIS server
smtpd_sasl_auth_enable = no
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_local_domain = $myhostname
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtpd_sasl_application_name = smtpd
relayhost = []:587
transport_maps = hash:/etc/postfix/transport
smtp_generic_maps = hash:/etc/postfix/generic
disable_dns_lookups = yes

Hash the files:

$ sudo postmap sasl_passwd
$ sudo postmap transport
$ sudo postmap generic

Restart postfix:

$ sudo /etc/init.d/postfix restart

 Testing Postfix

Install mailx:

$ sudo apt-get install mailx

Send test mail:

$ sudo mail -s “testing postfix” < /etc/hosts

To list  the  mail queue:

$ sudo mailq

To empty the mail queue:

$ sudo postsuper -d ALL


Troubleshooting Postfix

View log files:

$ tail /var/log/mail.log


Like this Article? Share it!

About the Author

Author Gravatar

I would like to change the world, but they won't give me the source code

Related Posts

Comments are closed.