Christopher Juckins

SysAdmin Tips, Tricks and other Software Tools

User Tools

Site Tools


gmail_as_a_relay_on_linux

Using Gmail as a Relay on RedHat Distro Linux

RockyLinux 9 Notes:

  • (Nothing special noted)

CentOS 8 Notes:

  • (Nothing special noted)

Required packages if CentOS7 7.2.1511:

  • postfix (tested version 2.10.1-6.el7 )
  • ca-certificates.noarch (tested version 2015.2.4-70.0.el7_1)
  • cyrus-sasl-plain (tested version 2015.2.6-70.1.el7_2)
  • cyrus-sasl-lib (tested version 2.1.26-20.el7_2)

Other CentOS 7 Notes:

  • Best to use this version of mutt: mutt-1.6.2-1.fc22.x86_64.rpm
    • Otherwise, you may get errors like: Bad IDN in "from": 'tidewater.�'
  • /etc/resolv.conf may need the 'search' pattern, ex: search attlocal.net
    • As root, run 'nmtui' to set network parameters
  • If trouble sending after install, may need to consult this link

Directions based on this page by Matthew Hawthorne:

1. If it exists, make sure /etc/ssmtp/ssmtp.conf is the distro version with no changes

2. Make a backup copy of /etc/postfix/main.cf

3. Edit /etc/postfix/main.cf to have these settings:

# Sets gmail as relay
relayhost = [smtp.gmail.com]:587

# Use tls
smtp_use_tls=yes

# Use sasl when authenticating to foreign SMTP servers
smtp_sasl_auth_enable = yes 

# Path to password map file
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

# NOTE: This section *should* be configured properly in CentOS8 and RockyLinux9 by default
# list of CAs to trust when verifying server certificate
#smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
# Below is provided by ca-certificates package (Mozilla CA root certificate bundle)
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt

# Eliminates default security options which are incompatible with Gmail
smtp_sasl_security_options =

# Modify debugging (make sure to comment pre-existing entries)
debug_peer_list=smtp.gmail.com
debug_peer_level=3

4. Add your own Gmail credentials to /etc/postfix/sasl_passwd (the password needs to be a Google App-Specific password to get around the 2FA requirement

[smtp.gmail.com]:587  [email protected]:GMAIL_APP_PASSWORD

5. Run the following as root:

# postmap /etc/postfix/sasl_passwd

6. Make sure the /etc/sasl_passwd* files are owned by the postfix user:

# chown postfix sasl_passwd*

7. Tighten permissions:

# chmod 600 sasl_passwd sasl_passwd.db

8. Restart postfix:

# /bin/systemctl restart postfix.service

or

# /etc/init.d/postfix reload

or

# service postfix restart

9. Add these lines to the global /etc/Muttrc.local (easier than adding it to each user's $HOME/.muttrc):

set from = "`whoami`@`hostname`"
set realname = "`whoami`@`hostname`"

10. Send a test message:

mutt -s "Test1" [email protected] </dev/null

or to send a message without using a separate file but note mailx is probably not looking at .muttrc:

echo 'It works' | mailx -s 'Test message' [email protected]

or

mailx -a test.txt -s "test subject" user@domain < /dev/null

Other links:

How to send email with my CentOS server
Setting up gmail as a relay host in postfix (without creating certificates)
How To Use Gmail or Yahoo with PHP mail() Function
Updating certificates (not needed at this point)

gmail_as_a_relay_on_linux.txt · Last modified: 2024/01/01 12:40 by juckins