Difference between revisions of "Outgoing mail via gmail"

From Amahi Wiki
Jump to: navigation, search
(first version)
 
Line 5: Line 5:
 
First of all, install postfix and remove sendmail: <br>
 
First of all, install postfix and remove sendmail: <br>
  
# yum -y install postfix<br>
+
    yum -y install postfix<br>
# yum -y remove sendmail<br>
+
    yum -y remove sendmail<br>
 
Openssl and openssl-perl are needed to generate certificates and create SSL connections to GMail<br>
 
Openssl and openssl-perl are needed to generate certificates and create SSL connections to GMail<br>
 
Openssl should be installed already, but to be sure: <br>
 
Openssl should be installed already, but to be sure: <br>
# yum -y install openssl openssl-perl<br>
+
    yum -y install openssl openssl-perl<br>
 
A Certificate Authority is needed to create the necessary certificates. You can skip the next paragraph if you already have one:<br>
 
A Certificate Authority is needed to create the necessary certificates. You can skip the next paragraph if you already have one:<br>
  
# cd /etc/pki/tls/misc<br>
+
    cd /etc/pki/tls/misc<br>
# ./CA.pl –newca<br>
+
    ./CA.pl –newca<br>
  
 
*You will be prompted for the file name, hit enter to create a new CA.
 
*You will be prompted for the file name, hit enter to create a new CA.
Line 20: Line 20:
 
*For the Common Name, type “CA” (without quotes).  
 
*For the Common Name, type “CA” (without quotes).  
 
*Take defaults for everything else and when prompted enter the passphrase from above.<br>
 
*Take defaults for everything else and when prompted enter the passphrase from above.<br>
Now a key that is sent to GMail to start the SSL encryption will be created: <br>
+
Now a key that is sent to GMail to start the SSL encryption will be created: <br>
  
# cd /etc/pki/tls<br>
+
    cd /etc/pki/tls<br>
# mkdir gmail_relay<br>
+
    mkdir gmail_relay<br>
# cd gmail_relay<br>
+
    cd gmail_relay<br>
# openssl genrsa -out server.key 1024<br>
+
    openssl genrsa -out server.key 1024<br>
# openssl req -new -key server.key -out server.csr<br>
+
    openssl req -new -key server.key -out server.csr<br>
 
You will be prompted for country etc. like when creating the CA. Enter the same values. <br>
 
You will be prompted for country etc. like when creating the CA. Enter the same values. <br>
 
As Common Name, now enter the name of your server, FQDN or not, your choice. <br>
 
As Common Name, now enter the name of your server, FQDN or not, your choice. <br>
# openssl ca -out server.pem -infiles server.csr<br>
+
    openssl ca -out server.pem -infiles server.csr<br>
 
You will need to enter your passphrase again at this point.<br>
 
You will need to enter your passphrase again at this point.<br>
 
When asked if you want to sign the key, answer  yes, same when asked if to commit it.
 
When asked if you want to sign the key, answer  yes, same when asked if to commit it.
Line 36: Line 36:
 
You do not need to change anything else in it, as the last setting for any option is the one that is saved.
 
You do not need to change anything else in it, as the last setting for any option is the one that is saved.
  
#### GMail SSL SMTP Relay
+
  #### GMail SSL SMTP Relay
relayhost = [smtp.gmail.com]:587
+
  relayhost = [smtp.gmail.com]:587
  
#auth
+
  #auth
smtp_sasl_auth_enable=yes
+
  smtp_sasl_auth_enable=yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+
  smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 +
 
 +
  #tls
 +
  smtp_use_tls = yes
 +
  smtp_sasl_security_options = noanonymous
 +
  smtp_sasl_tls_security_options = noanonymous
 +
  smtp_tls_note_starttls_offer = yes
 +
  tls_random_source = dev:/dev/urandom
 +
  smtp_tls_scert_verifydepth = 5
 +
  smtp_tls_key_file=/etc/pki/tls/gmail_relay/server.key
 +
  smtp_tls_cert_file=/etc/pki/tls/gmail_relay/server.pem
 +
  smtpd_tls_ask_ccert = yes
 +
  smtpd_tls_req_ccert =no
 +
  smtp_tls_enforce_peername = no<br>
  
#tls
 
smtp_use_tls = yes
 
smtp_sasl_security_options = noanonymous
 
smtp_sasl_tls_security_options = noanonymous
 
smtp_tls_note_starttls_offer = yes
 
tls_random_source = dev:/dev/urandom
 
smtp_tls_scert_verifydepth = 5
 
smtp_tls_key_file=/etc/pki/tls/gmail_relay/server.key
 
smtp_tls_cert_file=/etc/pki/tls/gmail_relay/server.pem
 
smtpd_tls_ask_ccert = yes
 
smtpd_tls_req_ccert =no
 
smtp_tls_enforce_peername = no
 
 
Create /etc/postfix/sasl_passwd file with your GMail login credentials that looks like below:
 
Create /etc/postfix/sasl_passwd file with your GMail login credentials that looks like below:
  
gmail-smtp.l.google.com user@gmail.com:password<br>
+
  gmail-smtp.l.google.com user@gmail.com:password<br>
smtp.gmail.com user@gmail.com:password<br>
+
  smtp.gmail.com user@gmail.com:password<br>
  
 
Obviously, you need to change ‘’user’’ to your username and ‘’password’’ to your gmail password. <br>
 
Obviously, you need to change ‘’user’’ to your username and ‘’password’’ to your gmail password. <br>
Line 64: Line 65:
 
Create the password  database: <br>
 
Create the password  database: <br>
  
# postmap hash:/etc/postfix/sasl_passwd
+
    postmap hash:/etc/postfix/sasl_passwd
  
  
 
     Protect the files with your GMail login data:
 
     Protect the files with your GMail login data:
  
     # chmod 600 /etc/postfix/sasl_passwd
+
     chmod 600 /etc/postfix/sasl_passwd
     # chmod 600 /etc/postfix/sasl_passwd.db
+
     chmod 600 /etc/postfix/sasl_passwd.db
     # chown postfix /etc/postfix/sasl_passwd
+
     chown postfix /etc/postfix/sasl_passwd
     # chown postfix /etc/postfix/sasl_passwd.db
+
     chown postfix /etc/postfix/sasl_passwd.db<br>
    Restart Postfix and enjoy having your email from your server sent through your GMail account:
+
 
 +
Restart Postfix
 +
 
 +
    /etc/init.d/postfix restart
 +
 
 +
Now try sending a mail, it should reach your gmail account.
  
    # /etc/init.d/postfix restart
+
See also:
 +
[[Amahi_Mail_-_The_Free_Way]], not working on F14, yet.
 +
[[Forward_System_Emails]]
 +
[[Enable_Outgoing_Mail]], not working on F14, yet.
 +
[[Monitor_System_Logs_via_E-mail]]

Revision as of 18:45, 9 March 2011

Send mail through your HDA using your gmail account

Warning: Only try this if you know what you’re doing.

I took the information from this page http://carlton.oriley.net/blog/?p=31 and modified them slightly for Fedora 14 / Amahi 6.

First of all, install postfix and remove sendmail:

   yum -y install postfix
yum -y remove sendmail

Openssl and openssl-perl are needed to generate certificates and create SSL connections to GMail
Openssl should be installed already, but to be sure:

   yum -y install openssl openssl-perl

A Certificate Authority is needed to create the necessary certificates. You can skip the next paragraph if you already have one:

   cd /etc/pki/tls/misc
./CA.pl –newca
  • You will be prompted for the file name, hit enter to create a new CA.
  • You will need to enter a passphrase next, be sure to remember it.
  • Choose the Country Name, State or Province Name, Locality Name, Organization Name, and Organizational Unit Name to your liking. Be sure to remember the values, they will be needed in the key creation later.
  • For the Common Name, type “CA” (without quotes).
  • Take defaults for everything else and when prompted enter the passphrase from above.

Now a key that is sent to GMail to start the SSL encryption will be created:

   cd /etc/pki/tls
mkdir gmail_relay
cd gmail_relay
openssl genrsa -out server.key 1024
openssl req -new -key server.key -out server.csr

You will be prompted for country etc. like when creating the CA. Enter the same values.
As Common Name, now enter the name of your server, FQDN or not, your choice.

   openssl ca -out server.pem -infiles server.csr

You will need to enter your passphrase again at this point.
When asked if you want to sign the key, answer yes, same when asked if to commit it.

Add the following to the bottom of the file /etc/postfix/main.cf. You do not need to change anything else in it, as the last setting for any option is the one that is saved.

 #### GMail SSL SMTP Relay
 relayhost = [smtp.gmail.com]:587
 #auth
 smtp_sasl_auth_enable=yes
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 #tls
 smtp_use_tls = yes
 smtp_sasl_security_options = noanonymous
 smtp_sasl_tls_security_options = noanonymous
 smtp_tls_note_starttls_offer = yes
 tls_random_source = dev:/dev/urandom
 smtp_tls_scert_verifydepth = 5
 smtp_tls_key_file=/etc/pki/tls/gmail_relay/server.key
 smtp_tls_cert_file=/etc/pki/tls/gmail_relay/server.pem
 smtpd_tls_ask_ccert = yes
 smtpd_tls_req_ccert =no
 smtp_tls_enforce_peername = no

Create /etc/postfix/sasl_passwd file with your GMail login credentials that looks like below:

 gmail-smtp.l.google.com user@gmail.com:password
smtp.gmail.com user@gmail.com:password

Obviously, you need to change ‘’user’’ to your username and ‘’password’’ to your gmail password.

Create the password database:

   postmap hash:/etc/postfix/sasl_passwd


   Protect the files with your GMail login data:
   chmod 600 /etc/postfix/sasl_passwd
   chmod 600 /etc/postfix/sasl_passwd.db
   chown postfix /etc/postfix/sasl_passwd
   chown postfix /etc/postfix/sasl_passwd.db

Restart Postfix

   /etc/init.d/postfix restart

Now try sending a mail, it should reach your gmail account.

See also: Amahi_Mail_-_The_Free_Way, not working on F14, yet. Forward_System_Emails Enable_Outgoing_Mail, not working on F14, yet. Monitor_System_Logs_via_E-mail