Labels

How to setup Postfix to send mails using Gmail

Summary
Needed a new SMTP Forward to replace the old one, Windows Workstation, for vCenter Server Appliance (vCenter).
 
At the same time, could upgrade (free) it to Windows 10.
 

How-to
On the Ubuntu 18.04 server.

1.

$ sudo apt install postfix libsasl2-modules

 
 
2.

$ sudo dpkg-reconfigure postfix


No configuration: Should be chosen to leave the current configuration unchanged.


Internet site: Mail is sent and received directly using SMTP.


Internet with smarthost: Mail is received directly using SMTP or by running a utility such as fetchmail. Outgoing mail is sent using a smart host.


Satellite system: All mail is sent to another machine, called a 'smarthost', for delivery.


Local only: The only delivered mail is the mail for local users. There is no network.


2.1.
Internet site

2.2.
smtp.domain.local

2.3.

Mail for the 'postmaster', 'root', and other system accounts needs to be redirected to the user account of the actual system administrator.


If this value is left empty, such mail will be saved in /var/mail/nobody, which is not recommended.


[...]

 
2.4.
root@domain.local...

Please give a common-separated list of domains for which this machine should consider itself the final destination. If this is a mail domain gateway, you probably want to include the top-level domain.


Other destinations to accept mail for (blank for none):


2.5.
No
If synchronous updates are forced, then mail is processed more slowly. If not forced, then there is a remote chance of losing some mail if the system crashes at an inopportune time, and you are not using a journaled filesystem (such as ext3).
 
2.6.
127.0.0.0/8 ...
Please specify the network blocks for which this host should relay mail. The default is just the local host...

2.7.
25000000 (25MB)
Please specify the limit that Postfix should place on mailbox files to prevent runway software errors. A value of zero (0) means no limit. The upstream default is 51200000.

2.8.
+
Please choose the character that will be used to define a local address extension.

To not use address extensions, leave the string blank.

2.9.
all (use both IPv4 and IPv6 addresses)
By default, whichever Internet protocols are enabled on the system at installation time will be used. ...

 
3.
$ sudo vim /etc/postfix/main.cf

myhostname = smtp.domain.hk

relayhost = [smtp.gmail.com]:587



# Enable SASL authentication

smtp_sasl_auth_enable = yes


# Disallow methods that allow anonymous authentication

smtp_sasl_security_options = noanonymous


# Location of sasl_passwd

smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd


# Enable STARTTLS encryption

smtp_tls_security_level = encrypt


# Location of CA certificates

smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt



4.

$ sudo vim /etc/postfix/sasl/sasl_passwd


[smtp.gmail.com]:587 username@gmail.com:{APP PASSWORD}



5. Enable “Less secure apps” access: https://www.google.com/settings/security/lesssecureapps
 
 
6.

$ sudo postmap /etc/postfix/sasl/sasl_passwd

 
 
7.

$ sudo chown root:root /etc/postfix/sasl/sasl_passwd /etc/postfix/sasl/sasl_passwd.db

$ sudo chmod 0600 /etc/postfix/sasl/sasl_passwd /etc/postfix/sasl/sasl_passwd.db

 
 
8. Limit what IPs can use the SMTP service.

$ sudo vim /etc/postfix/main.cf

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.2 192.168.1.3

 

9. For vCenter:

$ sudo vim /etc/mail/sendmail.mc

FEATURE(`nocanonify`)


If not, get:
$ sudo tail -f /var/log/syslog
2020-11-30T04:23:31.117593+00:00 vcenter sendmail[63191]: 0AU4NVat063189: to=<adm.vms@domain.hk>, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=120870, relay=192.168.1.2, dsn=5.1.2, stat=Host unknown (Name server: 192.168.1.2: host not found)
2020-11-30T04:23:31.118176+00:00 vcenter sendmail[63191]: 0AU4NVat063189: 0AU4NVas063191: DSN: Host unknown (Name server: 192.168.1.2: host not found)
 
 
10.

$ sudo systemctl restart postfix

 
 
11.

$ sudo ufw allow Postfix

$ sudo ufw status




References
Generate an App Password
https://security.google.com/settings/security/apppasswords


https://support.google.com/accounts/answer/185833?hl=en

An App Password is a 16-digit passcode that gives a less secure app or device permission to access your Google Account. App Passwords can only be used with accounts that have 2-Step Verification turned on.



Sending email from the VMware vCenter Server Appliance after configuring an SMTP relay gateway fails with the error: stat=Deferred: Connection timed out (2124423)
https://kb.vmware.com/s/article/2124423


Emails are not sent from vCenter Server Appliance 6.5 or 6.7 after an Alert/Event is triggered. (54375)
https://kb.vmware.com/s/article/54375


The sendmail.cf and sendmail.mc Files
https://www.oreilly.com/library/view/linux-network-administrators/1565924002/ch18s04.html
 
 
Configure Postfix to Send Mail Using Gmail and Google Apps on Debian or Ubuntu



Update


Labels: