Configure Postfix to Use Gmail SMTP on Ubuntu 18.04

koromicha
|
Last Updated:
|
HowTos, , Ubuntu 18.04
|
8 Comments

In this guide, we are going to learn how to configure Postfix to use Gmail SMTP on Ubuntu 18.04 to relay mails. To ensure reliable mail delivery, Postfix MTA can be configured to relay mails through an external SMTP server such as Gmail SMTP server.

Configuring Postfix to Use Gmail SMTP on Ubuntu 18.04

Install Postfix on Ubuntu 18.04

If Postfix is not already installed on your Ubuntu 18.04 server, run the command below to install it.

apt install mailutils

During installation, you will be prompted to provide some information required to configure Postfix. The first prompts asks you to choose the type of configuration that best suits your environment. Select Internet Site to enable Postfix to sent and received mails and press Enter to proceed.

Configure Postfix to Use Gmail SMTP on Ubuntu 18.04

Set the mail name. Mail name specifies the domain part that is used in a mail ID, e.g example.com for an email ID, [email protected].

post fix mail name

Press Enter to finalize the installation.

Note that you can always reconfigure Postfix by running the command below;

dpkg-reconfigure postfix

Configuring Postfix to Use Gmail SMTP

Now that Postfix is installed, proceed to configure it to use Gmail as a mail relay.

Open the Postfix configuration file, /etc/postfix/main.cf and configure is as follows;

vim /etc/postfix/main.cf

Set the Postfix relay server

Find the line, relayhost = and setting its value to Gmail SMTPS such that it looks like

relayhost = [smtp.gmail.com]:587

Next add the following lines to the end of the configuration file.

Enable SMTP Authentication

To enable SMTP server authentication, you need to;

  • Enable Cyrus-SASL support for authentication by setting the value of smtp_sasl_auth_enable to yes. 
    smtp_sasl_auth_enable = yes
  • Configure Postfix to use the file with the SASL credentials. This can be done by defining the path to sasl_passwd as follows; 
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
  • Set the SASL security options to disable options that allows anonymous authentication. 
    smtp_sasl_security_options = noanonymous

Enable STRTTLS Encryption

Enforce STARTTLS encryption for outgoing SMTP with Postfix by adding the following line. When a non-empty value is specified, this overrides the obsolete parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername.

smtp_tls_security_level = encrypt

Define the path to CA certificates. The public root certificates are usually found under /etc/ssl/certs/ca-certificates.crt on Debian/Ubuntu systems.

smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

These lines should look like this;


...
relayhost = [smtp.gmail.com]:587
...
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Add Credentials to sasl_passwd

Since Postfix is acting a as mail client, it has to know when to provide a username and password. Therefore, create the sasl_passwd file define above, /etc/postfix/sasl_passwd and set the credentials of the mail relay server as shown below;

vim /etc/postfix/sasl_passwd
[smtp.gmail.com]:587 [email protected]:password

Replace your email ID appropriately.

Secure sasl_passwd

The credentials are set in plaintext. Hence to make it abit secured, change ownership and permission to root and read-write only respectively.

chown root:root /etc/postfix/sasl_passwd
chmod 600 /etc/postfix/sasl_passwd

Create sasl_passwd DB file

Postfix requires that the sasl_passwd file to be a database such that it can be read faster. Use postmap command to convert the file into a database, sasl_passwd.db.

postmap /etc/postfix/sasl_passwd

This will assign the same ownership and permissions to the database file as set for the sasl_passwd file above.

ls -l /etc/postfix/sasl_passwd*
-rw------- 1 root root    51 Jan  6 21:57 /etc/postfix/sasl_passwd
-rw------- 1 root root 12288 Jan  6 22:04 /etc/postfix/sasl_passwd.db

Restart Postfix

sudo systemctl restart postfix

Send a Test Mail

To verify that all is well, send the test mail as shown below;

echo "Test Postfix Gmail Relay" | mail -s "Postfix Gmail Relay" [email protected]

You can tail the logs to check what is happening. If you encounter such an error ...SASL authentication failed; server smtp.gmail.com..., you need to allow less secure apps to access your gmail account. Otherwise, you should be able to receive the test mail.

NOTE that the use of less secure app access has been deprecated. See how you can use App password as an alternative in the guide below;

Configure Postfix to Use Gmail App Passwords

You can also check our previous article on how to configure Postfix as send-only SMTP server on Fedora 29.

SUPPORT US VIA A VIRTUAL CUP OF COFFEE

We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
koromicha
I am the Co-founder of Kifarunix.com, Linux and the whole FOSS enthusiast, Linux System Admin and a Blue Teamer who loves to share technological tips and hacks with others as a way of sharing knowledge as: "In vain have you acquired knowledge if you have not imparted it to others".

Related Posts

Process and Visualize ModSecurity Logs on ELK Stack

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

How to Create And Delete OpenStack Project

How to Upgrade Your Computer in 4 Easy Steps

Different types of onboarding videos to enhance the onboarding process

How To Create The Perfect Playlist For Your Next Event

8 thoughts on “Configure Postfix to Use Gmail SMTP on Ubuntu 18.04”

  1. Great article. Thanks for this.

    I had problem with following error…

    Aug 13 18:59:27 hostname postfix/smtp[21528]: 827ABBC09CA: SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.24.108]: invalid parameter supplied

    It was fixed with placing this next line at the end of my file: /etc/postfix/main.cf
    smtp_sasl_mechanism_filter = plain

    Took me ages to find on Google, hope someone finds it useful.

    Reply

  2. in my instantiation we don’t need an authentication for sending email as the server installed on the same network. do I sill need to setup username and password?

    Ubuntu 16
    PHP7

    Reply

  4. Thanks for the clear presentation. However I have this error after sending the test message:

    postfix/smtp[2520363]: connect to gmail-smtp-in.l.google.com[74.125.195.26]:25: Connection timed out

    Reply

    • Here is the root problem that appeared shortly after posting my message. Can you explain it?

      Our system has detected that 550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR 550-5.7.1 records and authentication. Please review 550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError

      Here is the message at that support link:

      Fix IPv6 authorization errors
      An IPv6 authorization error could mean the PTR record for the sending server isn’t using IPv6. If you use an email service provider, confirm they’re using an IPv6 PTR record.

      Reply

    • Hello Stephen, I would attribute the connection time out issue to your network connectivity issues. Please recheck and try restart of Postfix.

      Reply

Leave a Comment

© 2024 kifarunix.com

Home Advertise with us Privacy Policy