===== Using Gmail as a Relay on RedHat Distro Linux =====

RockyLinux 9 Notes:
  * (Nothing special noted)

CentOS 8 Notes:
  * (Nothing special noted)

Required packages if CentOS7 7.2.1511: \\
  * postfix (tested version 2.10.1-6.el7 )
  * ca-certificates.noarch (tested version 2015.2.4-70.0.el7_1)
  * cyrus-sasl-plain (tested version 2015.2.6-70.1.el7_2)
    * Got hint that this is needed from [[http://www.postfix.org/SASL_README.html#client_sasl_policy|Postfix config]]
  * cyrus-sasl-lib (tested version 2.1.26-20.el7_2)

Other CentOS 7 Notes:
  * Best to use this version of mutt: mutt-1.6.2-1.fc22.x86_64.rpm
    * Otherwise, you may get errors like: Bad IDN in "from": 'tidewater.�
'
  * /etc/resolv.conf may need the 'search' pattern, ex: search attlocal.net
    * As root, run 'nmtui' to set network parameters
  * If trouble sending after install, may need to consult [[http://unix.stackexchange.com/questions/109473/after-updating-ssmtp-to-version-2-61-i-cannot-send-mail-via-gmail|this link]]

Directions [[http://mhawthorne.net/posts/postfix-configuring-gmail-as-relay.html|based on this page by Matthew Hawthorne]]: \\

1. If it exists, make sure /etc/ssmtp/ssmtp.conf is the distro version with no changes

2. Make a backup copy of /etc/postfix/main.cf

3. Edit /etc/postfix/main.cf to have these settings:

<code>
# Sets gmail as relay
relayhost = [smtp.gmail.com]:587

# Use tls
smtp_use_tls=yes

# Use sasl when authenticating to foreign SMTP servers
smtp_sasl_auth_enable = yes 

# Path to password map file
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

# NOTE: This section *should* be configured properly in CentOS8 and RockyLinux9 by default
# list of CAs to trust when verifying server certificate
#smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
# Below is provided by ca-certificates package (Mozilla CA root certificate bundle)
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt

# Eliminates default security options which are incompatible with Gmail
smtp_sasl_security_options =

# Modify debugging (make sure to comment pre-existing entries)
debug_peer_list=smtp.gmail.com
debug_peer_level=3
</code>

4. Add your own Gmail credentials to /etc/postfix/sasl_passwd (the password needs to be a Google App-Specific password to get around the 2FA requirement \\
<code>
[smtp.gmail.com]:587  USERNAME@gmail.com:GMAIL_APP_PASSWORD
</code>

5. Run the following as root: \\
<code>
# postmap /etc/postfix/sasl_passwd
</code>

6. Make sure the /etc/sasl_passwd* files are owned by the postfix user: \\
<code>
# chown postfix sasl_passwd*
</code>

7. Tighten permissions: \\
<code>
# chmod 600 sasl_passwd sasl_passwd.db
</code>

8. Restart postfix: \\
<code>
# /bin/systemctl restart postfix.service
</code>
or
<code>
# /etc/init.d/postfix reload
</code>
or
<code>
# service postfix restart
</code>

9. Add these lines to the global /etc/Muttrc.local (easier than adding it to each user's $HOME/.muttrc): \\

<code>
set from = "`whoami`@`hostname`"
set realname = "`whoami`@`hostname`"
</code>

10. Send a test message: \\
<code>
mutt -s "Test1" RECIPIENT@DOMAIN.COM </dev/null
</code>
or to send a message without using a separate file but note mailx is probably not looking at .muttrc:
<code>
echo 'It works' | mailx -s 'Test message' RECIPIENT@DOMAIN.COM
</code>
or 
<code>
mailx -a test.txt -s "test subject" user@domain < /dev/null
</code>

Other links:\\

[[http://serverfault.com/questions/194376/how-to-send-email-with-my-centos-server|How to send email with my CentOS server]] \\
[[http://rs20.mine.nu/w/2011/07/gmail-as-relay-host-in-postfix/|Setting up gmail as a relay host in postfix (without creating certificates)]] \\
[[https://www.digitalocean.com/community/tutorials/how-to-use-gmail-or-yahoo-with-php-mail-function|How To Use Gmail or Yahoo with PHP mail() Function]] \\
[[https://techjourney.net/update-add-ca-certificates-bundle-in-redhat-centos/|Updating certificates]] (not needed at this point)