Configuring Postfix as a Gmail Relay on FreePBX Distro

I thought I would share this link for those who may have difficulty getting email working:

http://charlesa.net/tutorials/centos/postfix-as-gmail-relay-centos.php

It is very simple and works like a dream!

@Stonet if this tutorial is written by you, if you could please paste it into a forum post, or better yet get the original site owner to join and provide this information if not your original content. We prefer to keep all content actually on freepbx.org as linked site content may disappear at anytime making the post useless without the link for future visitors to the site.

Preston

I have asked the author if he has any objection to it being published on the freepbx site.

Will keep you posted.

This method has been tested on the Free PBX Distro versions 1.811.210.57-2 and 4.211.64-8 with excellent results.

When setting out to configure Postfix to use Gmail as a relay many how-to’s were found but most of them were either incomplete or complex, however, a tutorial by Charles Auer at http://charlesa.net/tutorials/centos/postfix-as-gmail-relay-centos.php provided all the information necessary to set up Postfix as a Gmail relay on FreePBX Distro Systems.

Here are simple instructions derived from that tutorial:

  1. A working Gmail account is required. If more than one FreePBX system is involved the best way is to open a new Gmail account for each FreePBX system. This makes identifying which system an email came from very simple.

  2. Using Putty or a similar SSL client log on to the PBX system as root.

  3. A password file needs to be created so that Postfix can authenticate to Gmail’s servers. This is done by creating a file named sasl_passwd in /etc/postfix. Replace smtp_user and smtp_passwd with their respective values for the Gmail account and run the following command:

echo “smtp.gmail.com smtp_user:smtp_passwd” > /etc/postfix/sasl_passwd

  1. Then hash that file so that the password is not stored in clear text. This command will create a file named sasl_passwd.db in the /etc/postfix/ directory when run:

postmap hash:/etc/postfix/sasl_passwd

  1. After that step is completed use Nano or Vi editors to add the following lines to the bottom of /etc/postfix/main.cf. This assumes that the root certificates installed from open ssl are located in /etc/pki/tls/certs/ca-bundle.crt which has proved to be the case with the versions of the FreePBX Distro tested:

Use Gmail as a relay for Postfix

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

Secure channel TLS with exact nexthop name match.

smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = TLSv1
smtp_tls_mandatory_ciphers = high
smtp_tls_secure_cert_match = nexthop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
relayhost = smtp.gmail.com:587

  1. Now restart Postfix with this command:

service postfix restart

  1. Now test it to make sure it is working. Run the following command replacing email and domain with the values for the email address that is to receive the email:

mail email@domain

Fill in the subject, put something in the body and then type Control D twice. If all went well an email should be received at the email address entered. If so, delete the unencrypted password file with the following command:

rm /etc/postfix/sasl_passwd

  1. That’s it everything should be good to go and the system should be sending out emails for voice mail, alerts, intrusions etc.

  2. If it did not work, check the log to see what happened by running:

tail /var/log/maillog

  1. This work is based on the work of Charles Auer, unless otherwise stated and is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License

Or for 25.00 you can buy sysadmin pro which will do all this for you with just defining your gmail info in the GUI.

Error is coming back

Dec 30 18:03:14 localhost postfix/smtp[1976]: warning: SASL authentication failure: No worthy mechs found
Dec 30 18:03:14 localhost postfix/smtp[1976]: 252581DF6A7: to=[email protected], relay=smtp.gmail.com[74.125.193.109]:587, delay=1152, delays=1151/0.01/0.69/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.193.109]: no mechanism available)
Dec 30 18:08:13 localhost postfix/qmgr[1924]: 74F2B1DF6A9: from=[email protected], size=234601, nrcpt=1 (queue active)
Dec 30 18:08:13 localhost postfix/smtp[2010]: connect to smtp.gmail.com[2607:f8b0:4002:c01::6d]:587: Network is unreachable
Dec 30 18:08:13 localhost postfix/smtp[2010]: warning: SASL authentication failure: No worthy mechs found
Dec 30 18:08:13 localhost postfix/smtp[2010]: 74F2B1DF6A9: SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.142.108]: no mechanism available
Dec 30 18:08:13 localhost postfix/smtp[2010]: warning: SASL authentication failure: No worthy mechs found
Dec 30 18:08:13 localhost postfix/smtp[2010]: 74F2B1DF6A9: to=[email protected], relay=smtp.gmail.com[74.125.142.109]:587, delay=343, delays=342/0.04/0.78/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.142.109]: no mechanism available)
[root@localhost /]#