-
SSH into proxmox node and become root user. Run the following commands to download extra software dependencies we'll need.
apt update apt install -y libsasl2-modules mailutils
-
Enable 2FA for the gmail account that will be used by going to security settings
-
Create app password for the account.
- Go to App Passwords
- Select app:
Mail
- Select device:
Other
- Type in:
Proxmox
or whatever you want here
-
Write gmail credentials to file and hash it. Again, make sure you are root.
echo "smtp.gmail.com [email protected]:yourpassword" > /etc/postfix/sasl_passwd # chmod u=rw chmod 600 /etc/postfix/sasl_passwd # generate /etc/postfix/sasl_passwd.db postmap hash:/etc/postfix/sasl_passwd
-
Open the Postfix configuration file with editor of your choice.
nano /etc/postfix/main.cf
-
Append the following to the end of the file:
relayhost = smtp.gmail.com:587 smtp_use_tls = yes smtp_sasl_auth_enable = yes smtp_sasl_security_options = smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtp_tls_session_cache_timeout = 3600s
IMPORTANT: Comment out the existing line containing just
relayhost=
since we are using this key in our configuration we just pasted in. -
Reload postfix
postfix reload
-
Test to make sure everything is hunky-dory.
echo "sample message" | mail -s "sample subject" [email protected]
-
-
Save tomdaley92/9315b9326d4589c9652ce0307c9c38a3 to your computer and use it in GitHub Desktop.
It looks like you're using two different styles of password maps, but without detail on why. Which method works best?
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_password_maps = /etc/postfix/sasl_passwd.db
if doing this on proxmox for it to send emails properly you may also need to hash your aliases with postalias /etc/aliases
so items addressed to root get sent to you for example ZFS array scrubbing or smart errors
I got the error message in /var/log/mail.log
Must issue a STARTTLS command first
Update the CA first: update-ca-certificates --fresh
Also the main.cf
should be
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_enforce_tls = yes
smtpd_use_tls = yes
thanks a lot!
but i have to install postfix to...
Hey,
Thank you for these instructions!!
I got this error,
Would anyone know how to change it?
SendAsDenied; [email protected] not allowed to send as [email protected]
Fixed it.
I created the file /etc/postfix/header_check
and added the following code /From:.*/ REPLACE From: [email protected]
Then added the following line to /etc/postfix/main.cf
smtp_header_checks = regexp:/etc/postfix/header_check
that changed the sendas address to match my email address
credit: https://vectops.com/2022/02/how-to-set-up-a-smtp-relay-on-your-proxmox-node/
Thank you for these setup instructions! If it helps anyone, I didn't log in as root when installing the dependencies. I purged them and reinstalled. For some reason, I still had to use sudo for some commands, like the postmap. Also, followed @SecureCPU advise to add custom from address followed by systemctl restart postfix.service to restart.
Big THANK YOU! Works fine!
Hi, thank you for the most detailed setup you did.
If you have a network unreachable error it might be caused by the fact that google smtp server address is now : smtp-relay.gmail.com:25
Hi, thank you for the most detailed setup you did. If you have a network unreachable error it might be caused by the fact that google smtp server address is now : smtp-relay.gmail.com:25
Most ISPs block port 25 have you tried using one of the other ports? Such as 587 or 465?
Thank you! Thorough and easy to follow.
You forgot to add that the unhashed file with the password should be deleted.
Thanks for the tutorial.
Thank you
I installed Proxmox over Debian FWIW, and I ran into this default settings causing errors:
default_transport = error
Commenting it out fixed the issue
Hi, thank you for the most detailed setup you did. If you have a network unreachable error it might be caused by the fact that google smtp server address is now : smtp-relay.gmail.com:25
The address smtp.gmail.com
is still functional. Also, if you want to use a different SMTP server, remember to update the SMTP server in /etc/postfix/sasl_passwd.
If you get a "network is unreachable" error and the syslog shows that the SMTP server uses IPv6:
connect to smtp.gmail.com[IPv6]:587: Network is unreachable
Here is my solution:
- Open
/etc/postfix/main.cf
, changeinet_protocols = all
toinet_protocols = ipv4
(or just add it). - Restart postfix using
service postfix restart
.
Thanks for catching that @pixitha