Skip to content

Instantly share code, notes, and snippets.

@jaeyson

jaeyson/README.md

Last active October 7, 2025 04:35
Show Gist options
  • Save jaeyson/1566a5e880305eb71c259b036b1b1f6e to your computer and use it in GitHub Desktop.
Save jaeyson/1566a5e880305eb71c259b036b1b1f6e to your computer and use it in GitHub Desktop.
Download ZIP
Postfix
Raw
README.md

An example of my Postfix setup under Ubuntu 22.04 server. Allowing you to sent mails from various services, cronjobs and sendmail via Postfix.

I'm using Postfix as a relay to sent mails via Gmail SMTP.

Below you can find a diff (== MOST IMPORTANT) changes of the main.cf configuration file for Postfix, located at: /etc/postfix directory.
Ps. ubuntu-server is the hostname.

SASL Authenication

Next to the main.cf file, you need to add a sasl paswd file, see Gmail example below as well. I personally store the sasl_passwd file in a new sasl directory. Do NOT forget to run: sudo postmap /etc/postfix/sasl/sasl_passwd. On your sasl_passwd file, so the content will get hashed (*.db file). Ideally, remove the un-hashed file now.

Gmail specific

If you also want to use Gmail SMTP server, be sure to enable 2FA. And generate an application password. Your normal Gmail login credentials will NOT work.

Raw
main.cf
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level=may
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = ubuntu-server
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, ubuntu-server, localhost.localdomain, , localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.17.0.0/16
mailbox_size_limit = 0
recipient_delimiter = +
# accept email from our web-server only (incl. Docker)
inet_interfaces = 127.0.0.1, [::1], 172.17.0.1
inet_protocols = all
# Gmail settings
relayhost = [smtp.gmail.com]:587
# Require auth
smtp_sasl_auth_enable = yes
# Password file
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
# Disable anonymous login
smtp_sasl_security_options = noanonymous
# Enable STARTTLS encryption for SMTP
smtp_tls_security_level = encrypt
smtp_tls_mandatory_ciphers = high
Raw
sasl_passwd
[smtp.gmail.com]:587 [email protected]:yoursecret_application_password
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment