Find the answer to your Linux question:
Results 1 to 10 of 10
I'm on Debian 7.0 testing guide followed: Postfix: Configuring Gmail as Relay - matthew hawthorne is mhawthorne.net /etc/postfix/main.cf Code: smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no append_dot_mydomain = ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2010
    Posts
    31

    Postfix using gmail.com relay, simply not working.


    I'm on Debian 7.0 testing

    guide followed: Postfix: Configuring Gmail as Relay - matthew hawthorne is mhawthorne.net

    /etc/postfix/main.cf
    Code:
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    append_dot_mydomain = no
    readme_directory = no
    smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    myhostname = eocserver.helix
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = eocserver.helix, localhost.helix, localhost
    relayhost = [smtp.gmail.com]:587
    smtp_use_tls=yes
    smtp_sasl_auth_enable = yes 
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
    smtp_sasl_security_options =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = loopback-only
    default_transport = error
    relay_transport = error
    /var/log/mail.log: (my mail masked with Xs)
    Code:
    Feb 25 14:30:45 eocserver postfix/pickup[8569]: CCA3E5FC27: uid=0 from=<root>
    Feb 25 14:30:45 eocserver postfix/cleanup[8582]: CCA3E5FC27: message-id=<20130225193045.CCA3E5FC27@eocserver.helix>
    Feb 25 14:30:45 eocserver postfix/qmgr[8570]: CCA3E5FC27: from=<root@eocserver.helix>, size=257, nrcpt=1 (queue active)
    Feb 25 14:30:45 eocserver postfix/error[8585]: CCA3E5FC27: to=<XXXXXXXXXX@gmail.com>, relay=none, delay=11, delays=11/0/0/0.03, dsn=5.0.0, status=bounced ([smtp.gmail.com]:587)
    Feb 25 14:30:45 eocserver postfix/cleanup[8590]: DFB845FBE3: message-id=<20130225193045.DFB845FBE3@eocserver.helix>
    Feb 25 14:30:45 eocserver postfix/qmgr[8570]: DFB845FBE3: from=<>, size=1966, nrcpt=1 (queue active)
    Feb 25 14:30:45 eocserver postfix/bounce[8588]: CCA3E5FC27: sender non-delivery notification: DFB845FBE3
    Feb 25 14:30:45 eocserver postfix/qmgr[8570]: CCA3E5FC27: removed
    Feb 25 14:30:45 eocserver postfix/cleanup[8582]: E96C75FC27: message-id=<20130225193045.DFB845FBE3@eocserver.helix>
    Feb 25 14:30:45 eocserver postfix/local[8587]: DFB845FBE3: to=<root@eocserver.helix>, relay=local, delay=0.08, delays=0.03/0.01/0/0.04, dsn=2.0.0, status=sent (forwarded as E96C75FC27)
    Feb 25 14:30:45 eocserver postfix/qmgr[8570]: DFB845FBE3: removed
    Feb 25 14:30:45 eocserver postfix/qmgr[8570]: E96C75FC27: from=<>, size=2097, nrcpt=1 (queue active)
    Feb 25 14:30:46 eocserver postfix/error[8585]: E96C75FC27: to=<XXXXXXXXXX@gmail.com>, orig_to=<root@eocserver.helix>, relay=none, delay=0.08, delays=0.04/0/0/0.04, dsn=5.0.0, status=bounced ([smtp.gmail.com]:587)
    Feb 25 14:30:46 eocserver postfix/qmgr[8570]: E96C75FC27: removed
    notice there [b]relay=none[b]. wtf?

    I've googled the error, a few others have had this problem but it's unclear if/how they resolved it.

  2. #2
    Just Joined!
    Join Date
    Sep 2012
    Location
    Nashville, TN
    Posts
    93
    Do you have your relay authentication with gmail servers setup? In the past when trying this that always seemed to be the step that would trip me up.

  3. #3
    Just Joined!
    Join Date
    Aug 2010
    Posts
    31
    Quote Originally Posted by bsdtux View Post
    Do you have your relay authentication with gmail servers setup? In the past when trying this that always seemed to be the step that would trip me up.
    pop and imap are both enabled in my gmail account. or is something else required?

  4. #4
    Just Joined!
    Join Date
    Sep 2012
    Location
    Nashville, TN
    Posts
    93
    when setting up a relay you will still have to authenticate to the gmail server.

    to accomplish this create a password file. The example I followed used the following (replace smtp_user:smtp_passwd with your gmail username and password)
    Code:
    echo "smtp.gmail.com    smtp_user:smtp_passwd" > /etc/postfix/sasl_passwd
    postmap hash:/etc/postfix/sasl_passwd
    This wil create a password files and hash it so that it does not stay in clear text on the server.

    It looks like you already have your postfix file pointing to a sasl_passwd file which is good. One change would be to smtp_sasl_security_options =
    make sure it says
    Code:
    smtp_sasl_security_options = noanonymous
    after changing those restart the postfix service.
    Code:
    service postfix restart
    Last edited by bsdtux; 02-26-2013 at 04:12 PM. Reason: spelling mistakes

  5. #5
    Just Joined!
    Join Date
    Aug 2010
    Posts
    31
    Quote Originally Posted by bsdtux View Post
    when setting up a relay you will still have to authenticate to the gmail server.

    to accomplish this create a password file. The example I followed used the following (replace smtp_user:smtp_passwd with your gmail username and password)
    Code:
    echo "smtp.gmail.com    smtp_user:smtp_passwd" > /etc/postfix/sasl_passwd
    postmap hash:/etc/postfix/sasl_passwd
    This wil create a password files and hash it so that it does not stay in clear text on the server.

    It looks like you already have your postfix file pointing to a sasl_passwd file which is good. One change would be to smtp_sasl_security_options =
    make sure it says
    Code:
    smtp_sasl_security_options = noanonymous
    after changing those restart the postfix service.
    Code:
    service postfix restart
    oh yeah. I definitely did that.

  6. #6
    Just Joined!
    Join Date
    Sep 2012
    Location
    Nashville, TN
    Posts
    93
    in your password file do you have the following format
    Code:
    [smtp.gmail.com]:587 gmail-username@gmail.com:gmail-password
    or is it like this

    Code:
    [smtp.gmail.com]:587 gmail-username:gmail-password
    If it is like the second one then try changing it to the first method and see if that helps.

  7. #7
    Just Joined!
    Join Date
    Aug 2010
    Posts
    31
    Quote Originally Posted by bsdtux View Post
    in your password file do you have the following format
    Code:
    [smtp.gmail.com]:587 gmail-username@gmail.com:gmail-password
    or is it like this

    Code:
    [smtp.gmail.com]:587 gmail-username:gmail-password
    If it is like the second one then try changing it to the first method and see if that helps.
    that's the format I use. I've tried both username variations.

  8. #8
    Just Joined!
    Join Date
    Sep 2012
    Location
    Nashville, TN
    Posts
    93
    Quote Originally Posted by zeroth View Post
    that's the format I use. I've tried both username variations.
    Ok I just tested this on a brand new CentOS machine and got it working. Here are the steps

    1. install the following
    Code:
    yum install cyrus-sasl-plain
    #Needed this because of authentication problems

    2. Generated my own self signed cert. (I believe this is optional.)
    Code:
    openssl genrsa -des3 -out server.key 1024
    openssl req -new -key server.key -out server.csr
    cp server.key server.key.org
    openssl rsa -in server.key.org -out server.key #this was supposed to clear the need for a passphrase but I couldn't get it to work. Still made me put one in
    openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
    3. I added the following to my /etc/postfix/main.cf
    Code:
    relayhost = [smtp.gmail.com]:587
    smtp_use_tls = yes
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options = no anonymous
    smtp_tls_CAfile = /etc/ssl/certs/server.crt
    4. Then I created the password file and made sure not to make a new line
    Code:
    [smtp.gmail.com]:587 my_gmail_account@gmail.com:my_gmail_password
    postmap sasl_passwd
    chmod 600 sasl_passwd sasl_passwd.db
    5. restart postfix
    Code:
    service postfix restart
    6. OPTIONAL - I installed mailx which has always treated me better than the old mail command
    Code:
    yum install mailx
    echo "This is a test email" | mailx -s 'A simple Test' test@example.com
    I know you went through these steps but it normally helps me to start over from scratch in case I missed something. Also when I checked my logs I do see where it says relay=[smtp.gmail.com]

    I hope this helps.

  9. #9
    Just Joined!
    Join Date
    Aug 2010
    Posts
    31
    I noticed you have a space in "no anonymous"

    aside from the "optional" part of creating my own cert, and that space, my setup is the same.

    maybe what I'm getting tripped up on is the cert. how is the cert even used? whats it for anyway? if I can just create my own on the fly, it sounds like it's just used to sign emails so recipients can see where the message originated. or does it need it to actually connect to gmail's smtp?

    edit: also, there's no cyrus-sasl-plain package on debian 7 testing, so I'm guessing it was satisfied by a different name.
    Last edited by zeroth; 02-27-2013 at 06:15 PM.

  10. #10
    Just Joined!
    Join Date
    Sep 2012
    Location
    Nashville, TN
    Posts
    93
    That was a typo. it should not have a space. Also try commenting out anything with my in your main.conf. As you pointed out the problem is that it is not even trying to use gmail as the relay.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •