I realize that there are too many tutorials on getting your Relaying Postfix SMTP via to work. Most of them are long and complicated, but I found a tutorial from this particular website which provides the shortest, simplest, and the clearest tutorial on how to get it work in less than 5 minutes. I would like to post it here for my future use again, so that I don't need to spend hours finding the right tutorial to get it done :)

Install the required packages
sudo aptitude install postfix libsasl2 ca-certificate libsasl2-modules

If you are on Debian 6:
sudo aptitude install postfix libsasl2-2 ca-certificates libsasl2-modules

And select "No configuration", which you will need to manually create the later on.

Configure Postfix
This tutorial will not outline how to configure your postfix server, but we’ll jump directly to the relayhost section. You’ll want to add the following lines to your /etc/postfix/ file:

relayhost = []:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

The above lines are telling Postfix that you want to relay mail through gmail on a specific port, telling it to authenticate, and where to find the username and password. The last three lines specify the authentication types supported, where the certificate authority file is and that it should use tls.

Define Username and Password
Next we’ll need to populate the sasl_passwd file. Create the file /etc/postfix/sasl_passwd with the following contents:


This file should have restrictive permissions and then needs to be translated into a .db that Postfix will read.

sudo chmod 400 /etc/postfix/sasl_passwd
sudo postmap /etc/postfix/sasl_passwd

At this point you can restart Postfix and it should work, however it will complain about not being able to authenticate the certificate. To take care of this issue we’ll use the ca-certificate package we installed and tell it where it can validate the certificate.

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem

Go ahead and reload postfix (sudo /etc/init.d/postfix reload) and you should be set.

Published on 23 February 2012 - 8:10pm