Tuesday, February 9, 2010

Postfix relaying emails with GMAIL SMTP (Centos 5.3)

I was tired of maintaining my email server so I decide to move everything to Google app. They can host your mail server up to 50 accounts for free, isnt it great?. So I have moved all my domains to Google apps and everything was working perfect, however I missed an issue RELAY emails!!
So I relaxed and I figured out how to relay emails using an Google app (GMAIL) account.

After reading a lot of post, I realized that everybody was missing a part of the problem.
Some people shows you how to create client certificates for postfix when you do not need them.
Some people tell you to get the root CA certificates when you already have them.
However the most important part is to have all the required packages to make it work.

For Centos 5.3

Verify package installed

# rpm -qa |grep postfix
postfix-2.3.3-2.1.el5_2

# rpm -qa |grep sasl
cyrus-sasl-lib-2.1.22-5.el5
cyrus-sasl-2.1.22-5.el5
cyrus-sasl-plain-2.1.22-5.el5

# rpm -qa |grep openssl
openssl-perl-0.9.8e-12.el5_4.1
openssl-devel-0.9.8e-12.el5_4.1
xmlsec1-openssl-1.2.9-8.1.1
openssl-0.9.8e-12.el5_4.1
openssl097a-0.9.7a-9.el5_2.1

Copy root CA certificates. Postfix needs to know the location of root CA.

# cp /etc/pki/tls/certs/ca-bundle.crt /etc/postfix/cacert.pem

Create file that stores GMAIL user and password.

# vi /etc/postfix/sasl_passwd

smtp.gmail.com user@domain:password

#postmap /etc/postfix/sasl_passwd


Edit /etc/postfix/main.cf

# Relay all e-mail via GMail.
relayhost = [smtp.gmail.com]:587

# SASL authentication
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_sasl_tls_security_options = noanonymous
smtp_sasl_mechanism_filter = login

# TLS
smtp_tls_eccert_file =
smtp_tls_eckey_file =
smtp_use_tls = yes
smtp_enforce_tls = no
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_received_header = yes
tls_random_source = dev:/dev/urandom


Finally, restart postfix.


Enjoy it ...

1 comment:

  1. this works great, i dont know but i need to change this lines in order to work

    ################################
    #Ingresado por yb-webadmin
    mydomain = myhost.dns.com
    myhostname = elastix.myhost.dns.com

    ReplyDelete