This method has been tested on the Free PBX Distro versions 1.811.210.57-2 and 4.211.64-8 with excellent results.
When setting out to configure Postfix to use Gmail as a relay many how-to’s were found but most of them were either incomplete or complex, however, a tutorial by Charles Auer at http://charlesa.net/tutorials/centos/postfix-as-gmail-relay-centos.php provided all the information necessary to set up Postfix as a Gmail relay on FreePBX Distro Systems.
Here are simple instructions derived from that tutorial:
-
A working Gmail account is required. If more than one FreePBX system is involved the best way is to open a new Gmail account for each FreePBX system. This makes identifying which system an email came from very simple.
-
Using Putty or a similar SSL client log on to the PBX system as root.
-
A password file needs to be created so that Postfix can authenticate to Gmail’s servers. This is done by creating a file named sasl_passwd in /etc/postfix. Replace smtp_user and smtp_passwd with their respective values for the Gmail account and run the following command:
echo “smtp.gmail.com smtp_user:smtp_passwd” > /etc/postfix/sasl_passwd
- Then hash that file so that the password is not stored in clear text. This command will create a file named sasl_passwd.db in the /etc/postfix/ directory when run:
postmap hash:/etc/postfix/sasl_passwd
- After that step is completed use Nano or Vi editors to add the following lines to the bottom of /etc/postfix/main.cf. This assumes that the root certificates installed from open ssl are located in /etc/pki/tls/certs/ca-bundle.crt which has proved to be the case with the versions of the FreePBX Distro tested:
Use Gmail as a relay for Postfix
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
Secure channel TLS with exact nexthop name match.
smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = TLSv1
smtp_tls_mandatory_ciphers = high
smtp_tls_secure_cert_match = nexthop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
relayhost = smtp.gmail.com:587
- Now restart Postfix with this command:
service postfix restart
- Now test it to make sure it is working. Run the following command replacing email and domain with the values for the email address that is to receive the email:
mail email@domain
Fill in the subject, put something in the body and then type Control D twice. If all went well an email should be received at the email address entered. If so, delete the unencrypted password file with the following command:
rm /etc/postfix/sasl_passwd
-
That’s it everything should be good to go and the system should be sending out emails for voice mail, alerts, intrusions etc.
-
If it did not work, check the log to see what happened by running:
tail /var/log/maillog
- This work is based on the work of Charles Auer, unless otherwise stated and is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License