Postfix Google Apps / Gmail SMTP Relay

April 30, 2009 by: Allen Sanford

For this to work you will need both SASL and SSL support compiled into postfix. Thank goodness Ubuntu by default does this for me. If you are not so luck them you will need to compile SASL and SSL support into your postfix install. To find out you can run the following command and the output should be similar to that below making note wether sasl and ssl are in the list (really for this that is all that is needed).

?View Code BASH
# ldd /usr/lib/postfix/smtp

You should see something similar to the following:

linux-gate.so.1 =>  (0xb7f62000)
libpostfix-master.so.1 => /usr/lib/libpostfix-master.so.1 (0xb7f54000)
libpostfix-tls.so.1 => /usr/lib/libpostfix-tls.so.1 (0xb7f45000)
libpostfix-dns.so.1 => /usr/lib/libpostfix-dns.so.1 (0xb7f3f000)
libpostfix-global.so.1 => /usr/lib/libpostfix-global.so.1 (0xb7f0e000)
libpostfix-util.so.1 => /usr/lib/libpostfix-util.so.1 (0xb7ee1000)
libssl.so.0.9.8 => /lib/i686/cmov/libssl.so.0.9.8 (0xb7e9b000)
libcrypto.so.0.9.8 => /lib/i686/cmov/libcrypto.so.0.9.8 (0xb7d4f000)
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d37000)
libdb-4.7.so => /usr/lib/libdb-4.7.so (0xb7be2000)
libnsl.so.1 => /lib/libnsl.so.1 (0xb7bcb000)
libresolv.so.2 => /lib/libresolv.so.2 (0xb7bb6000)
libc.so.6 => /lib/libc.so.6 (0xb7a6f000)
libdl.so.2 => /lib/libdl.so.2 (0xb7a6b000)
libz.so.1 => /lib/libz.so.1 (0xb7a54000)
libpthread.so.0 => /lib/libpthread.so.0 (0xb7a3c000)
/lib/ld-linux.so.2 (0xb7f63000)

If you dont see libssl and libsasl STOP, you’ll need to recompile with support before you continue, if you are lucky and do see them in your installation then we are good to go and you can proceed.


Generate a CSR for this server

?View Code BASH
 # cd /<path>/<to>/postfix/
 # mkdir certs<br />
 # cd certs<br />
 # openssl genrsa -out shual.key 1024
 # openssl req -new -key shual.key -out shual.csr
 # openssl ca -out shual.pem -infiles shual.csr


Modify main.cf

?View Code BASH
 # cd /<path>/<to>/postfix/<br />
 # vim main.cf

And now add the following lines:

?View Code BASH
    relayhost = [smtp.gmail.com]:587
    #auth<br />
    smtp_sasl_auth_enable=yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    #tls
    smtp_use_tls = yes
    smtp_sasl_security_options = noanonymous
    smtp_sasl_tls_security_options = noanonymous
    smtp_tls_note_starttls_offer = yes
    tls_random_source = dev:/dev/urandom
    smtp_tls_scert_verifydepth = 5
    smtp_tls_key_file=/etc/postfix/certs/itchy.key
    smtp_tls_cert_file=/etc/postfix/certs/itchy.pem
    smtpd_tls_ask_ccert = yes
    smtpd_tls_req_ccert =no
    smtp_tls_enforce_peername = no

 

Create /

?View Code BASH
    # <path>/<to>/postfix/sasl_passwd file

# vim /
# //postfix/sasl_passwd

Copy this text and edit with your account details then highlight and copy.

?View Code BASH
    gmail-smtp.l.google.com <username>@<yourdomain>:<password>
    smtp.gmail.com <username>@<yourdomain>:<password>
?View Code BASH
# postmap /etc/postfix/sasl_passwd
 # /etc/init.d/postfix reload


Filed under: Ubuntu
Tags: , , , , , ,

Leave a Reply