In this article we are going to configure Postfix to relay mail through Gmail’s SMTP server on Ubuntu 18.04 & 16.04. If you want to use a SMTP server other than Gmail, please see How to configure Postfix to use an External SMTP Server.

Prerequisites

If your Gmail account uses 2-Step Verification, you must create an application specific password.

If you’re not using 2-Step Verification, please ensure that your Gmail account is configured to allow less secures apps.

1. Install Postfix

If you’ve already installed Postfix, skip to step 2.

Let’s update the package database first.

sudo apt-get update

Install mailutils, which will automatically install Postfix.

sudo apt install -y mailutils

On the first Postfix configuration screen, select OK by pressing TAB and ENTER

Select Internet Site and press ENTER.

System mail name should be your domain name eg. example.com, press ENTER.

Package should now be installed.

2. Configure Postfix

Edit the Postfix configuration file.

sudo nano /etc/postfix/main.cf

Find the following line relayhost = about 6 lines up from the bottom of the file and delete it.

Add the following to the end of the file.

/etc/postfix/main.cf

relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

Save file and exit. (Press CTRL + X, press Y and then press ENTER)

3. Create Password and DB Files

Create the sasl_passwd file which will store our credentials.

sudo nano /etc/postfix/sasl_passwd

Insert the following:

/etc/postfix/sasl_passwd

[smtp.gmail.com]:587 [email protected]:password

Replace username and password with your own.

Save file and exit. (Press CTRL + X, press Y and then press ENTER)

Create a hash database file for Postfix with the postmap command.

sudo postmap /etc/postfix/sasl_passwd

There should now be a file called sasl_passwd.db in the /etc/postfix/ directory.

For added security, we will only allow root user to read and write to sasl_passwd and sasl_passwd.db

sudo chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db

sudo chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db

4. Sign Certificate

Now we are going to create the certificate.

cat /etc/ssl/certs/thawte_Primary_Root_CA.pem | sudo tee -a /etc/postfix/cacert.pem

There should now be a certificate file called cacert.pem in /etc/postfix

5. Send a Test Mail

We’ll now send a test email message. Make sure to replace [email protected] with your own email address.

echo "Test Email message body" | mail -s "Email test subject" [email protected]

Don’t forget to check your spam folder.

If you still haven’t received any mail, check the mail error log.

sudo tail /var/log/mail.log

If the mail log is empty or doesn’t exist, try parsing the syslog. This will return the last 50 entries for postfix.

sudo tail -f -n 50 /var/log/syslog | grep postfix

If the syslog is empty and you still haven’t received any test email, it’s possible that the test email was rejected by the recipient server. You should check to see if anything has bounced back to your mail folder.

sudo less /var/mail/$(whoami)

Press uppercase G to scroll to the bottom of the file and lowercase q to quit. The $(whoami) variable returns the currently logged in user.

Note: Sending Mail to Your Own Domain

If you ever intend to send email from postfix to your own domain, [email protected] for example, postfix may need some further configuration. Please see article Can’t send mail to own domain. Postfix: status=bounced (unknown user: “user”)