Saturday, September 20, 2008

postfix and gmail

Newsvine - Configuring[Ubuntu] Postfix and Gmail in 10+1 Easy Steps
Step 6:

Now we can go back to our postfix configuration and make some changes to the main.cf file and create some other needed files. From this point out, all the things we are checking are meant to make sure Postfix itself is operational and has nothing to do with the certificates we created above.

Check your computer's hostname by looking in the /etc/hostname file. If you are using another Linux system this may be different (/etc/sysconfig/network or the like). To check the hostname file you can simple type $cat /etc/hostname and it will display the information in the terminal. Using this information, we want to make sure everything knows what the hostname is so run the command $sudo hostname bob.com replacing "bob.com" with what ever your hostname file says. This simply makes sure we are in a known state off wellness for the rest of the configuration.

Next move to the /etc/postfix directory, back up main.cf $sudo mv main.cf main.cf.old and open up the main.cf file in your favorite text editor (I think HowTo writers are suppose to say vi to sound cool but you can use gedit or nano if you like):

$sudo gedit main.cf

Copy the following lines to the bottom of your main.cf. Being at the bottom, it will override any settings made at the top that have the same name.

## Add these lines to the bottom on main.cf
##
##


## TLS Settings
#
# For no logs set = 0
smtp_tls_loglevel = 1
#
# smtp_enforce_tls = yes
# Above is commented because doing it site by site below
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
#
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_cert_file = /etc/postfix/FOO-cert.pem
smtp_tls_key_file = /etc/postfix/FOO-key.pem
smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session_cache
smtp_use_tls = yes
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/var/run/smtpd_tls_session_cache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

## SASL Settings
# This is going in to THIS server
smtpd_sasl_auth_enable = no
# We need this
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_local_domain = $myhostname
smtp_sasl_security_options = noanonymous
#smtp_sasl_security_options =
smtp_sasl_tls_security_options = noanonymous
smtpd_sasl_application_name = smtpd


## Gmail Relay
relayhost = [smtp.gmail.com]:587

## Good for Testing
# sender_bcc_maps = hash:/etc/postfix/bcc_table

# Disable DNS Lookups
disable_dns_lookups = yes
#
# Great New feature Address Mapping
# for example may mchirico@localhost to mchirico@gmail.com
smtp_generic_maps = hash:/etc/postfix/generic
#
#
transport_maps = hash:/etc/postfix/transport

One of the key entries in this stuff is the GMAIL RELAY section. This is the setting that turns our postfix system into a smarthost configuration. This is what we need to use use gmail's SMTP servers. More importantly. we are using port 587 which is not the SMTP port. This is why using gmail to send our outgoing mail is beneficial... ISPs do not block this port. Also notice that we have what appears to be repeated lines for our certificates. If you look closely however, one is smtp the other is smtpd. One is the configuration for the service, the other is the configuration for the client. Finally you can see a number of 'hash:' lines. The top of your config file will have some hash lines as well. Do not worry about those since the initial setup took care of those. The hashes we refer to need to be created still. Lets go do that now.

Step 7:

Setting up the sasl_passwd file and hash is necessary to log into gmail. Remaining in the /etc/postfix directory issue the command:

$sudo gedit sasl_passwd

This creates a new file in /etc/postfix called sasl_passwd.

Place into that file the following:

[smtp.gmail.com]:587 bms@gmail.com:password

The smtp info needs to remain, but you must change the email address and the password to match your own.

Next we need to make a hash file out of this. Enter $sudo postmap sasl_passwd

That is all we have to do to make the sasl_passwd. Equally exciting is that the other hash files are just as easy to make.

Step 8:

Next create the generic file and hash using the same methods in the last section with this inside:

bms@squeezel.bob.com bms@gmail.com

replace bms@bob.com with your username on your linux box before the '@' sign and your hostname after the '@'. Similarly, replace 'bms@gmail.com' with your gmail address.

Step 9:

Now we need to make the transport file and hash. This is the file that tells postfix how to rout emails it gets.

Open a new text file called transport and enter into it:

# This sends mail to Gmail
gmail.com smtp:[smtp.gmail.com]:587
#
# Except mail going to the tape and closet server
comp1.bob.com relay:[comp1.bob.com]
comp2.bob.com relay:[comp2.bob.com]

What this tells postfix is to send all mail to gmail except for two cases. On my network I have two other computers. One called comp1 the other called comp2. I am telling postfix to send email meant for those two computers directly to them.

Remember to make the hash for the transport file.

Step 10:

We now need to create the tls_per_site file and hash. This is possibly the most important file to create after the main.cf. This file will protect us from "man-in-the-middle" attacks by forcing a secure connection to the remote machine BEFORE we send any passwords.

Create the file tls_per_site and enter:

smtp.gmail.com MUST
comp1.bob.com MUST
comp2.bob.com MUST
p>

Replacing my domains with your domains and making the hash with postmap.. yada yada. The 'MUST' keyword tells postfix to establish a secure connection with those domains before doing any password hanky panky. If you do not want to worry about your local network because it is small like mine and does not rely on wireless networking, then you can use the keyword MAY. Gmail is a MUST however.

Step 10 + 1:

Open master.cf using $sudo gedit master.cf and find the line that reads relay unix - - n - - smtp. It will be a little ways down. Beneath that line, you will probably see a few settings that start with '-o', we will be adding one more. Enter -o smtp_generic_maps= right below the relay line. This entry tells postfix to send out your emails with your gmail address as the originating address rather than your Ubuntu account and domain. When ever you edit the master.cf file you need to reload postfix. To do this simply issue the command
$sudo postfix reload.

That is all there is to it. Make sure your postfix server is started by typing $sudo postfix start. You should now have a working postfix server that sends messages out through gmail's smtp servers. Test it out and make sure it works.

Note: If you check the mail.log file you might notice that your certificate is not validating with gmail. I have not found a reason for this yet but it doe snot seem to impede the function

To fix the errors in you mail.log file follow These Instructions. However, replace Thawte_Premium_Server_CA.pem with Equifax_Secure_CA.pem

69 comments:

Anonymous said...

Fallout 3 DLC Coming To the PS3, New Content Announced on games.slashdot.org/article.pl?sid=09/05/20/0514242

Anonymous said...

xplayer crack
network simulator keygen
tmpgenc plus 2.524 keygen
pdfill form filler 3.0 crack
final draft 7 crack serial
camcorder pro crack
network lookout crack
1st evidence remover crack
xlkeyd crack
scoop script 2004 crack




ultralingua 5 keygen
filemaker 7 keygen
mystical tint tone and color crack
dvdx platinum crack
ad infinitum 2 crack
how to crack a safe combination
microsoft office 2003 standard edition product key crack
password recovery tools crack
cdrwin 5 keygen
power dvd keygen
korg legacy keygen
muvee autoproducer 3 crack
installshield 10.5 crack
interaktivni atlas slovenije crack
folder lock 5.0.3 crack
style master 3.5 crack
hotviewer keygen
gamewiz32 crack
w32dasm crack
tv manager crack
far cry crack no cd
filerestore crack
image comparer 2.1 crack

Anonymous said...

[url=http://tinyurl.com/getvpn][b]Click here to get VPN service![/b][/url]

[b]Anonymous surfing[/b]
Using our service you'll be fully anonymous in the Internet. Hide your IP address, and nobody will know that strange visitor from Germany ( Great Britain, Estonia and so ), is you.

[b]Full access to network[/b]
You can use any services, access any sites and use any software with us. BitTorrent, Skype, Facebook, MySpace, Twitter, Pocker .. we have no restrictions.

[b]Traffic protection[/b]
Don't worry, from this moment all you data will be protected using 256 bit Blowfish encryption algorithm. Nobody can access your internet data.

[b]Wide variety of countries[/b]
You can choose one of over twenty high speed servers located in different parts of the world, from South America coast to islands in Indian Ocean.

Related keywords:
anonymous surfing review
proxy server vpn
anonymous secure surfing
proxy vpn
anonymous vpn free
internet explorer vpn
vpn dial up
ssl vpn
Traffic protection
anonymous surfing freeware
anonymous surfing software
vtunnel
anonymous surfing vpn
best anonymous browser
surf the web anonymous
best anonymous surfing
anonymizer anonymous surfing review
firefox anonymous surfing
Virtual Private Networks
Free Vpn Client Software
anonymous surfing software
[url=http://dasbmw.ru] anonymous surfing software[/url]
[url=http://seobraincenter.ru] anonymous proxy[/url]

Anonymous said...

[url=http://tinyurl.com/getvpn][b]Click here to get VPN service![/b][/url]

[b]Anonymous surfing[/b]
Using our service you'll be fully anonymous in the Internet. Hide your IP address, and nobody will know that strange visitor from Germany ( Great Britain, Estonia and so ), is you.

[b]Full access to network[/b]
You can use any services, access any sites and use any software with us. BitTorrent, Skype, Facebook, MySpace, Twitter, Pocker .. we have no restrictions.

[b]Traffic protection[/b]
Don't worry, from this moment all you data will be protected using 256 bit Blowfish encryption algorithm. Nobody can access your internet data.

[b]Wide variety of countries[/b]
You can choose one of over twenty high speed servers located in different parts of the world, from South America coast to islands in Indian Ocean.

Related keywords:
anonymous surfing review
proxy server vpn
anonymous secure surfing
proxy vpn
anonymous vpn free
internet explorer vpn
vpn dial up
ssl vpn
Traffic protection
anonymous surfing freeware
anonymous surfing software
vtunnel
anonymous surfing vpn
best anonymous browser
surf the web anonymous
best anonymous surfing
anonymizer anonymous surfing review
firefox anonymous surfing
Virtual Private Networks
Free Vpn Client Software
anonymous surfing software
[url=http://dasbmw.ru] anonymous surfing software[/url]
[url=http://seobraincenter.ru] anonymous proxy[/url]
[url=http://carlwebster.com/members/Alexander-Pwnz.aspx]Buy Cheap Zoloft[/url]

Anonymous said...

[url=http://tinyurl.com/getvpn][b]Click here to get VPN service![/b][/url]

[b]Anonymous surfing[/b]
Using our service you'll be fully anonymous in the Internet. Hide your IP address, and nobody will know that strange visitor from Germany ( Great Britain, Estonia and so ), is you.

[b]Full access to network[/b]
You can use any services, access any sites and use any software with us. BitTorrent, Skype, Facebook, MySpace, Twitter, Pocker .. we have no restrictions.

[b]Traffic protection[/b]
Don't worry, from this moment all you data will be protected using 256 bit Blowfish encryption algorithm. Nobody can access your internet data.

[b]Wide variety of countries[/b]
You can choose one of over twenty high speed servers located in different parts of the world, from South America coast to islands in Indian Ocean.

Related keywords:
anonymous surfing review
proxy server vpn
anonymous secure surfing
proxy vpn
anonymous vpn free
internet explorer vpn
vpn dial up
ssl vpn
Traffic protection
anonymous surfing freeware
anonymous surfing software
vtunnel
anonymous surfing vpn
best anonymous browser
surf the web anonymous
best anonymous surfing
anonymizer anonymous surfing review
firefox anonymous surfing
Virtual Private Networks
Free Vpn Client Software
anonymous surfing software
[url=http://dasbmw.ru] anonymous surfing software[/url]
[url=http://seobraincenter.ru] anonymous proxy[/url]
[url=http://carlwebster.com/members/Alexander-Pwnz.aspx]Buy Cheap Zoloft[/url]

Anonymous said...

My first test blog.
my first test blog
[url=http://tboardu.blog.hr] my first test blog [/url]

Anonymous said...

An interesting blog. The author made a good job! I even wish to advertise here... My blog is dedicated to madden ps3 games. Pls feel free to email me at: editor@xboxformoney.com

Dean said...

greetings to all.
I would first like to thank the writers of this blog by sharing information, a few years ago I read a book called Real Estate Investment costa rica in this book deal with questions like this one.

Anonymous said...

last minute hotel deals reservations hotels, taj hotels, hotel system hotel chains hotel deals australia, breakers hotel, deals on hotels flight and hotel hotel coupons, tune hotel, hotel chains buy cheap viagra online buy viagra cheap, buy cheap viagra, buy viagra in mexico cheap house alarm cheap hotel book, cheapest hotel prices, economy class seats

niz said...

Hello .. firstly I would like to send greetings to all readers. After this, I recognize the content so interesting about this article. For me personally I liked all the information. I would like to know of cases like this more often. In my personal experience I might mention a book called Generic Viagra in this book that I mentioned have very interesting topics, and also you have much to do with the main theme of this article.

Anonymous said...

Thanks for the informative post. It helped me a lot. May the Force be with you.

Anonymous said...

I usually don't post in blogs but your blog forced me to, amazing work.. beautiful !
Order Ultram

Anonymous said...

I usually don't post in blogs but your blog forced me to, amazing work.. beautiful !
Buy Ultram Online

Anonymous said...

You own a very interesting blog covering lots of topics I am interested as well.I just added your site to my favorites so I can read more in the future... Please continue your marvellous work!
Tramadol Buy Online

Anonymous said...

Hello! Excellent site, keep up the good work!
Purchase Cheap Accutane

Anonymous said...

Hello, I think this is the coollest blog I`ve seen. I really like your theme.
Buy Tramadol Online Without A Script

Anonymous said...

buy alprazolam online no prescription xanax withdrawal vertigo - xanax xr dosage information

Anonymous said...

order xanax no prescription xanax withdrawal on 1 mg daily - xanax effects immune system

Anonymous said...

order viagra online viagra online paypal - viagra for women south africa

Anonymous said...

viagra online without prescription buy viagra online fast shipping - cheap female viagra online

Anonymous said...

buy tramadol online tramadol dosage men - can overdose tramadol

Anonymous said...

buy soma soma drug 250 mg - soma x ciel

Anonymous said...

buy soma online buy somatropin thailand - who owns soma san diego

Anonymous said...

buy soma 350mg soma no prescription overnight delivery - buy cheap soma online

Anonymous said...

soma medication order cheap soma online - soma intimates online application

Anonymous said...

soma 350 mg where to order somatropin - buy soma online cheap

Anonymous said...

generic soma generic soma 350 - soma san diego owner

Anonymous said...

buy soma can you buy soma online - buy soma online overnight

Anonymous said...

generic soma kind drug soma - buy soma online us

Anonymous said...

buy soma numbers soma pills - buy soma online credit card

Anonymous said...

soma medication where to buy soma online overnight - 350mg soma value

Anonymous said...

tramadol 50 mg order tramadol online 100mg - buy cheap tramadol overnight

Anonymous said...

can you buy tramadol online best place order tramadol online - 100 mg of tramadol

Anonymous said...

generic cialis cialis online+truffa - cialis 100mg. online

Anonymous said...

discount cialis cialis for bph - can i buy cialis over the counter in usa

Anonymous said...

longchamp qezcspux longchamp sale sxaarkor longchamp bags esfrsfqy longchamp uk xguiubda longchamp bags uk cmcwbgpt

Anonymous said...

xanax online xanax bars 2mg - valium xanax and alcohol

Anonymous said...

generic xanax xanax pill identifier - xanax effects stomach

Anonymous said...

cheap nike air max galfabhk cheap nike free run lfjtrdhf cheap nike shoes pgiutvtt nike air max lqbrzebg nike free run gpmtihkj nike shoes online nhpqympj

Anonymous said...

ugg hxyojiew ugg baratas rnojaees botas ugg kdcezbup ugg australia avghfrzb ugg espa?a yeefpygv

Anonymous said...

generic xanax xanax generic 2mg - xanax drug test bluelight

Anonymous said...

buy tramadol tramadol addiction more drug_warnings_recalls - is buying tramadol online illegal

Anonymous said...

buy carisoprodol carisoprodol 350 mg generic for - carisoprodol tablets dosage

Anonymous said...

xanax online how to order xanax online no prescription - xanax bars strength

Anonymous said...

carisoprodol 350 mg carisoprodol soma watson brand - carisoprodol buy online no prescription

Anonymous said...

buy tramadol tramadol hcl 200mg er - cheap 100mg tramadol

Anonymous said...

buy tramadol tramadol for dogs used by humans - tramadol for ultram

Anonymous said...

xanax online alprazolam 2mg side effects - much 1mg xanax worth

Anonymous said...

cheap cialis cialis online best place buy - buy cialis from usa

Anonymous said...

buy cialis online cialis lilly - buy cialis with prescription

Anonymous said...

cialis online buy cialis online cheap - generic cialis capsules

Anonymous said...

learn how to buy tramdadol buy tramadol health solutions network - tramadol 50mg to get high

Anonymous said...

buy tramadol online tramadol depresion - buy tramadol online in europe

Anonymous said...

buy klonopin online 1 mg klonopin overdose - klonopin jaw

Anonymous said...

buy tramadol online no prescription overnight tramadol used opiate withdrawal - buy tramadol with a mastercard

Anonymous said...

http://landvoicelearning.com/#51438 boompanjang blogspot buy tramadol online - order cheap tramadol cod

Anonymous said...

buy tramadol online buy tramadol 100mg - tramadol with hydrocodone

Anonymous said...

learn how to buy tramdadol tramadol wiki - tramadol for dogs pet meds

Anonymous said...

http://buytramadolonlinecool.com/#30807 buy tramadol online australia no prescription - tramadol hcl 50mg dosage

Anonymous said...

klonopin online pharmacy klonopin yahoo answers - will 2mg klonopin do

Anonymous said...

buy tramadol online where can i order tramadol - can i buy tramadol over the counter

Anonymous said...

buy tramadol with paypal order tramadol online check - buy tramadol online with echeck

Anonymous said...

buy klonopin online klonopin overdose side effects - klonopin 4 weeks pregnant

Anonymous said...

http://southcarolinaaccidentattorney.com/#93385 carisoprodol soma watson brand - carisoprodol 350 mg buy

Anonymous said...

carisoprodol 350 mg carisoprodol drug screen - carisoprodol neutral drug

Anonymous said...

carisoprodol 350 mg carisoprodol online no prescription - carisoprodol ld50

Anonymous said...

geotorelxzp debt consolidation services
credit card consolidation

Anonymous said...

geotorelxzp credit card debt
loan rates

Anonymous said...

here on the website assembled a huge assortment of fresh news [url=http://apple-televizor.ru/]http://apple-televizor.ru/[/url]