Skip to content
Bots!
Bots!
  • About
    • Myself
    • আমার দোয়া
  • Bookmarks
    • Bookmarks
    • My OCI Bookmarks
    • Useful Proxmox Commands & Links
    • Learning Nano
    • Useful Sites
    • Useful Virtualbox Command
    • Useful MySQL Command
    • Useful Linux Command
    • BTT-CAS
  • Resources
    • Webinar on Cloud Adoption for Project Managers
  • Photos
  • Videos
  • Downloads
Bots!

Postfix using Gmail as a Mail Relay with Debian 7

Rumi, February 10, 2017

Prerequisites

Before starting this tutorial, you should have:

  • Debian 7 installed
  • Your fully qualified domain name (FQDN)
  • All updates installed :
apt-get update

A valid username and password for the SMTP mail provider, such as Mandrill, or SendGrid
Make sure the libsasl2-modules package is installed and up to date:

apt-get install libsasl2-modules

Installing Postfix

In this section, you will install Postfix and set the domain and hostname. Install Postfix with the following command:

apt-get install postfix

During the installation, a prompt will appear asking for your General type of mail configuration.

Select Internet Site. Enter the fully qualified name of your domain, fqdn.example.com. Once the installation is finished, open the /etc/postfix/main.cf file with your favorite text editor:

nano /etc/postfix/main.cf

Make sure that the myhostname parameter is configured with your server’s FQDN:

/etc/postfix/main.cf
myhostname = fqdn.example.com

Configuring SMTP Usernames and Passwords

Usernames and passwords are generally stored in a file called sasl_passwd in the /etc/postfix/directory. In this section, you’ll add your external mail provider credentials to this file and to Postfix.

Open or create the /etc/postfix/sasl_passwd file, using your favorite text editor:

nano /etc/postfix/sasl_passwd

Add your destination (Gmail SMTP Host), username, and password in the following format including third brackets :):

[smtp.gmail.com]:587 username@gmail.com:password

Create the hash db file for Postfix by running the postmap command:

postmap /etc/postfix/sasl_passwd

If all went well, you should have a new file named sasl_passwd.db in the /etc/postfix/ directory.

Securing Your Password and Hash Database Files

The /etc/postfix/sasl_passwd and the /etc/postfix/sasl_passwd.db files created in the previous steps contain your SMTP credentials in plain text.

For security reasons, you should change their permissions so that only the root user can read or write to the file. Run the following commands to change the ownership to root and update the permissions for the two files:

chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db

Configuring the Relay Server

In this section, you will configure the /etc/postfix/main.cf file to use the external SMTP server.

Open the /etc/postfix/main.cf file with your favorite text editor:

nano /etc/postfix/main.cf

Update the relayhost parameter to show Gmail SMTP relay host. Important: If you specified a non-default TCP port in the sasl_passwd file, then you must use the same port when configuring the relayhost parameter in /etc/postfix/main.cf

# specify SMTP relay host 
relayhost = [smtp.gmail.com]:587

At the end of the file, add the following parameters to enable authentication:

nano /etc/postfix/main.cf
# enable SASL authentication 
smtp_sasl_auth_enable = yes
# disallow methods that allow anonymous authentication. 
smtp_sasl_security_options = noanonymous
# where to find sasl_passwd
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# Enable STARTTLS encryption 
smtp_use_tls = yes
# where to find CA certificates
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Save your changes and restart Postfix:

service postfix restart

 

Enable “Less Secure Apps” In Gmail

By default, only the most secure sign-ins, such as logging in to Gmail on the web, are allowed for your Gmail account. To permit relay requests, log in to your Gmail account and turn on Allow less secure apps.

For more information, review the Google Support document “Allowing less secure apps to access your account.”

Allow Other Mailserver to use this system as a gateway

To allow postfix accept email relaying from a specific ip adress, we can edit /etc/postfix/main.cf:

mynetworks = 127.0.0.0/8

to

mynetworks = 127.0.0.0/8, a.b.c.d/e

where a.b.c.d/e is the new group of ip address, or you can simply add one ip address in it. Restart postfix and now postfix will consider a.b.c.d/e as trusted ip and allow email from this ip address relaying email using this postfix mail server.

Testing Postfix

The fastest way to test your configuration is to send an email to any unrelated email address, using the mail command:

echo "body of your email" | mail -s "This is a Subject" -a "From: you@example.com" recipient@elsewhere.com

Resource:

https://www.linode.com/docs/email/postfix/postfix-smtp-debian7

https://www.howtoforge.com/tutorial/configure-postfix-to-use-gmail-as-a-mail-relay/

Administrations Configurations (Linux) GmailPostfixRelay

Post navigation

Previous post
Next post

Comments (4)

  1. wish says:
    January 26, 2018 at 5:55 pm

    How to configure to receive mails to gmail relay?

    Reply
    1. Rumi says:
      February 5, 2018 at 11:39 pm

      Postfix is a MTA SMTP IN and OUT. For Receiving mail in a box, you’ll need something like Dovecot (POP/IMAP). This tutorial is based only to send email and configure a linux box as outbound box. For receiving mails with username@gmail.com– I’m afraid you have to use gmail UI or any mail client such as Thunderbird to download Gmail IMAP mails.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Myself…

Hi, I am Hasan T. Emdad Rumi, an IT Project Manager & Consultant, Virtualization & Cloud Savvyfrom Dhaka, Bangladesh. I have prior experience in managing numerous local and international projects in the area of Telco VAS & NMC, National Data Center & PKI Naitonal Root and CA Infrastructure. Also engaged with several Offshore Software Development Team.

Worked with Orascom Telecom-Banglalink, Network Elites as VAS partner, BTRC, BTT (Turkey) , Mango Teleservices Limited and Access to Informaiton (A2I-UNDP)

Currently working at Oracle Corporation as Principal Technology Solution and Cloud Architect.

You can reach me [h.t.emdad at gmail.com] and I will be delighted to exchange my views.

Tags

Apache Bind Cacti CentOS CentOS 6 CentOS 7 Debain Debian Debian 10 Debian 11 Debian 12 DKIM Docker endian icinga iptables Jitsi LAMP Letsencrypt Linux Munin MySQL Nagios Nextcloud NFS nginx pfsense php Postfix powerdns Proxmox RDP squid SSH SSL Ubuntu Ubuntu 16 Ubuntu 18 Ubuntu 20 Varnish virtualbox vpn Webmin XCP-NG zimbra

Topics

Recent Posts

  • Install Jitsi on Ubuntu 22.04 / 22.10 April 30, 2025
  • Key Lessons in life April 26, 2025
  • Create Proxmox Backup Server (PBS) on Debian 12 April 19, 2025
  • Add Physical Drive in Proxmox VM Guest April 19, 2025
  • Mount a drive permanently with fstab in Linux April 16, 2025
  • Proxmox 1:1 NAT routing March 30, 2025
  • Installation steps of WSL – Windows Subsystem for Linux March 8, 2025
  • Enabling Nested Virtualization In Proxmox March 8, 2025
  • How to Modify/Change console/SSH login banner for Proxmox Virtual Environment (Proxmox VE / PVE) March 3, 2025
  • Install Proxmox Backup Server on Debian 12 February 12, 2025

Archives

Top Posts & Pages

  • Install Jitsi on Ubuntu 22.04 / 22.10
©2025 Bots! | WordPress Theme by SuperbThemes