Many ISPs block sending email over port 25. This means that you won’t be able to send mail from your Linux server through simple commands like mailx or logwatch. A good way to get around this limitation is to set up a relay through a Gmail account.
The following instructions were tested on CentOS 6.3, 6.4 and 6.5 using Postfix.
Note: You must install certain modules for SASL authentication to work. On CentOS, you can check that these are installed by running the following command: yum install cyrus-sasl-plain
Create the file /etc/postfix/sasl_passwd in your favorite text editor, and fill in the following on one line:
smtp.gmail.com GmailUsername:GmailPassword
Next, we’ll need to hash that file so that it’s more secure. First, make sure that /etc/postfix is owned by the postfix user, or you’ll get an error message stating “postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied”:
sudo chown postfix /etc/postfix postmap hash:/etc/postfix/sasl_passwd
The files /etc/postfix/sasl_passwd and /etc/postfix/sasl_passwd.db will both still exist on your computer even after hashing. Please make sure that both are owned by user and group root. Set the file permissions to 640 for both files.
Edit the /etc/postfix/main.cf configuration file, and add the following lines at the end:
#Set the relayhost to the Gmail SMTP server relayhost = smtp.gmail.com:587 #Set the required TLS options smtp_tls_security_level = secure smtp_tls_mandatory_protocols = TLSv1 smtp_tls_mandatory_ciphers = high smtp_tls_secure_cert_match = nexthop #Check that this path exists -- these are the certificates used by TLS smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt #Set the sasl options smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous
Restart postfix with this command: service postfix restart
Other notes:
The CentOS minimal install does not include the mail command – run yum install mail to install.
Send a test message by using the format: echo “Test email” | mail -s “This is a test” youremail@domain.com
Make sure to chown postfix /etc/postfix or you will get a fatal error when using postmap.
More reading: http://charlesa.net/tutorials/centos/centosgmail.php
Set postfix to only use ipv4 to fix ipv6 routing issues with gmail:
http://linuxmoz.com/google-mail-ipv6-network-is-unreachable-postfix-ipv4-only-fix/
Didn’t work for me on CentOS 6.4.
“530-5.5.1 Authentication Required. Learn more at 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257”
User/pass are correct, even tried setting world-readable password file.
Omar, having the same issue, can’t seem to authenticate to gmail, have you resolved or found a link; thanks!
Works fine !!
Thanks.
Excellent! Tested OK with CentOS 6.4, with account on Google Apps for Enterprise. Thanks for the link to restrict postfix to IPv4, too!
There seems to be an issue.. perhaps it is with 64bit Centos 6.4..
after executing
” postmap hash:/etc/postfix/sasl_passwd ”
There was no output good or bad, so i decided to look closer, turns out it creates a new file called sasl_passwd.db wich appears to be encrypted, however sasl_passwd file remains untouched, and very much intact.
Awesome! Tried almost everything with sendmail with no result. Finally was in the verge of giving up when I stumbled on this site. Worked the first time.
Note: I did a clean install, also set to ipv4 from the link above. Was done on Centos 6.2. Stopped sendmail and installed postfix.
i worked with eyesofnetwork in centos
i want to connect my virtual machine to internet in order to receive mails from postfix
may anyone help me please 🙂
Awesome! You’re the man! Worked like a champ. Now my Nagios alerts are going out.
Centos 6.4 x64.
I’m glad this helped!
Steve
Must ensure that :
yum install cyrus-sasl{,-plain}
Thanks for the note.
Steve
Thanx lot, this was solved my problem, if selinux is enabled then we need to use the following command,
/usr/sbin/getsebool httpd_can_sendmail
which will report
httpd_can_sendmail –> {on|off}
and if it is off, you can turn it on using
sudo setsebool -P httpd_can_sendmail 1
Thanks very much !
Works like a charm, CentOS 65. and Nagios Core 4.0.4
Thanks
Tested on centos 6.5 64 bits and work fine!
It does not work for me :
SASL authentication failed; server smtp.gmail.com[74.125.206.108] said: 534-5.7.14 Please log in via your web browser and then try again.?534-5.7.14 Learn more at?534 5.7.14 https://support.google.com/mail/bin/answer.py?answer=78754 n4sm18275231wjb.40 – gsmtp
Nov 2 14:22:23 ns384574 postfix/smtp[17702]: 0348A37C006A: to=, relay=smtp.gmail.com[74.125.206.109]:587, delay=95163, delays=95163/0.03/0.49/0, dsn=4.7.14, status=deferred (SASL authentication failed; server smtp.gmail.com[74.125.206.109] said: 534-5.7.14 Please log in via your web browser and?534-5.7.14 then try again.?534-5.7.14 Learn more at?534 5.7.14 https://support.google.com/mail/bin/answer.py?answer=78754 da3sm18636144wjb.12 – gsmtp)
I got the same issue.
But I resolved that by going into my gmail account and making a settign change to allow gmail to get unsecure apps.
Basically I got a security warning email from gmail and I had to take an action for it by visitng the site: https://www.google.com/settings/security/lesssecureapps
Hi XXXXXX,
You recently changed your security settings so that your Google Account [sanjay.vijayasundaram@gmail.com] is no longer protected by modern security standards.
If you did not make this change
Please review your Account Activity page at https://security.google.com/settings/security/activity to see if anything looks suspicious. Whoever made the change knows your password; we recommend that you change it right away.
If you made this change
Please be aware that it is now easier for an attacker to break into your account. You can make your account safer again by undoing this change at https://www.google.com/settings/security/lesssecureapps then switching to apps made by Google such as Gmail to access your account.
Sincerely,
The Google Accounts team
THANKS MAN…. U SAVED MY LIFE 😀
it doesn’t work for me. here is the maillog file :
warning: SASL authentication failure: no secret in database
any idea ?
mail3 postfix/smtp[11624]: 0E2E760790: to=, relay=none, delay=0.22, delays=0.12/0.09/0.01/0, dsn=4.4.1, status=deferred (connect to smtp.x.x[w.w.w.w]:456: No route to host)
For me mail3 is the hostname of the postfix server. I am trying to send mail using the smtpserver smtp.y.y by assigning the relayhost=smtp.y.y . Email is being sent from the postfix server using mail command where example@x.x is my email address.
In short, I am will be using postfix as relay server so that the mail send using this server will be pushed to another smtp server .
I had the SAS Authentication error and did the following to resolve:
sudo vi /etc/postfix/main.cf:
I added this line anywhere in the file:
smtpd_sasl_auth_enable = yes
I also had to edit my user/pass file again because the username was incorrect.
vi /etc/postfix/sasl_passwd
I also changed my password on GMAIL.
In addition to that, I had to restart the server, restarting postfix wasn’t enough. If I were you, I would try with just adding the smtpd_sasl_auth_enable = yes line and rebooting the server before you go changing your gmail password.
Good Luck!
Its Works
Thanks
Tested on centos 6.7 64 bits and work fine!
Thank you VERY MUCH !