Skip to content

Instantly share code, notes, and snippets.

@zmwangx

zmwangx/Postfix: relay to authenticated SMTP.md

Created August 3, 2014 18:28
Show Gist options
  • Save zmwangx/223b4a5a55eb46193cfb to your computer and use it in GitHub Desktop.
Save zmwangx/223b4a5a55eb46193cfb to your computer and use it in GitHub Desktop.
Download ZIP
Postfix: relay to authenticated SMTP.
Raw
Postfix: relay to authenticated SMTP.md

  1. Taking Gmail as an example, put the following into /etc/postfix/main.cf.

     relayhost = [smtp.gmail.com]:587
 smtp_sasl_auth_enable = yes
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 smtp_sasl_security_options = noanonymous
 smtp_sasl_mechanism_filter = plain
 smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
 smtp_use_tls = yes
 smtp_tls_security_level = encrypt

    If the ca-bundle.crt does not exist, do (on OS X)

     sudo su
 mkdir -p /etc/pki/tls/certs/
 security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain \
   >/etc/pki/tls/certs/ca-bundle.crt

  2. Apparently you need to provide the credentials at some point.

     sudo echo '[smtp.gmail.com]:587 USERNAME@DOMAIN:PASSWORD' >>/etc/postfix/sasl_passwd
 sudo postmap /etc/postfix/sasl_passwd

    For added security, remove that sasl_passwd file after the postmap.

    Note that for two-step authentication you need to create an application-specific password.

  3. And that's it! Reload Postfix:

     sudo postfix reload

    Or the more brutal way: stop followed by start.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment