Notes on Postfix configuration and other silly tricks.
I currently run my external mail on a Google Apps account. As a simple solution to allow me to send mail from several Linux systems, I have configured Postfix to use a specially configured Gmail account as a pseudo mail relay.
To do this you really only need to make a few configuration changes to the default Postfix main.cf file that ships with the Debian package.
# See /usr/share/postfix/main.cf.dist for a commented, more complete version smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no delay_warning_time = 4h readme_directory = no myhostname = localhost alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = $myhostname mydestination = localhost, localhost.localdomain, localhost relayhost = [smtp.gmail.com]:587 mynetworks = 127.0.0.0/8 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = loopback-only smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl/gmail-passwdmap smtp_sasl_security_options = noanonymous smtp_tls_CAfile = /etc/postfix/gmail-cacerts.pem smtp_use_tls = yes smtp_tls_loglevel=1 smtp_tls_security_level=encrypt compatibility_level=2
You can retrieve the current Google CA certs from this page: https://support.google.com/a/answer/6180220?hl=en
Store these certs as /etc/postfix/gmail-cacerts.pem
.
You will also need to generate an app password to use with the account in Gmail.
https://support.google.com/accounts/answer/185833?hl=en
You can then configure this username and password in /etc/postfix/sasl/gmail-passwdmap
accordingly:
[smtp.gmail.com]:587 my-smtp-relay@example.com:abcdefghijklmnop
Where my-smtp-relay@example.com is the Gmail account you will use and abcdefghijklmnop is your app password. You will also need to use postmap(1)
to create the Postfix binary map table for this file when you create or modify this file:
postmap /etc/postfix/sasl/gmail-passwdmap