Postfix gmail relay

Hi,

I'm trying to setup postfix on my server to relay outgoing emails to smtp.gmail.com.

Here's my configuration

/etc/postfix/main.cf

/etc/postfix/sasl_passwd

/etc/postfix/transport

/etc/hosts

When I try to send an email, it looks successful

/var/log/maillog

Jun 15 12:13:47 myhostname postfix/smtp[17854]: 54030249809E: to=<[email protected]>, relay=smtp.gmail.com[72.14.205.111]:587, delay=15, delays=0.06/0.05/1.5/14, dsn=2.0.0, status=sent (250 2.0.0 OK 1213546427 27sm882051qbw.19)

But in my gmail, I receive a bounce because google filters my email as spam

Since I saw a lot of posts saying that postfix relay to gmail works for them, the only reason I can think that can cause my mail to be rejected by google is DNS.

For those of you that were able to make this work, did you have to create an A record in DNS for myhostname.mydomain.com and a PTR record for reverse DNS.

If it's not DNS, any idea why my setup is not working

Thanks

 

You should definitely create an A record and also an SPF record for your hostname. Also make sure that the PTR record is ok.

 

Thank you. I will try that.

 

I created an A record and a PTR record for the host I use to relay emails from to my gmail account and an SPF record for my domain name
v=spf1 include:aspmx.googlemail.com ~all

and I still can't send emails from my server using my gmail account. I see the email I sent in my gmail account but I don't see any bounce.

In my logs, all looks ok

HTML:

Jun 30 15:44:31 store postfix/smtp[26109]: 649BA24980B5: to=<[email protected]>, relay=smtp.gmail.com[72.14.205.109]:587, delay=1364, delays=1362/0.05/0.75/1.4, dsn=2.0.0, status=sent (250 2.0.0 OK 1214855071 k8sm6697487qba.5)

Can you please help me find out why my setup still does not work

 

Your spf record is not correct, you are claiming you only send mail from gmail and yet your server is not on googles network.

 

I thought that I needed to put include:aspmx.googlemail.com so that mail from my domain that comes from gmail will be accepted since I'm relaying all my outgoing mails with my gmail account.

But you are correct. There is a mistake in my SPF. I forgot to put my own domain name as an authorized sender. So I changed it to

v=spf1 a:mydomain.com include:aspmx.googlemail.com -all

But mail still is not delivered by gmail, no bounce.

I don't understand what's wrong, can someone please help.

 

Can someone please help

 

I just tried to send an email from my server to my gmail account and it worked. Does that mean that gmail allow only relaying mails if the destination of the email is my own gmail email adrress or any gmail email adresses. Can you please confirm if you were able to relay email through gmail to non gmail destination emails.

Thanks

 

The purpose of relaying is that you can send emails also to non-gmail addresses, so there's still something wrong.

 

So I found the problem.

I made a mistake when I typed my domain in

myhostname = myhostname.mydomain.com
mydomain = mydomain.com

Now it works well.

The only things to fix now are:

1- how to send an alias as the originator of the mail instead of the local unix account to replace

From: root <[email protected]> by

From: xxx <[email protected]>

I tried to add in my main.cf

alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases

and I run

postalias /etc/postfix/aliases

Here's the content of /etc/postfix/aliases

root: xxx

I also tried to use the generic file. Here's the content

[email protected] [email protected]

But neither works.

2- how to deliver local mail like logwatch locally instead of through gmail since I gmailis not able to deliver mail to my domain because I don't have an MX record in DNS and I'm not sure if I can create one that points to google MX.

Here's my transport file

mydomain.com local:
.mydomain.com local:
* smtp:[smtp.gmail.com]:587

3- When I check the message header in the recepient account, I see

Received: from myhostname.mydomain.com ( [my public ip address])
by mx.google.com with ESMTPS id p31sm2455504qbp.6.2008.07.05.05.40.57
(version=TLSv1/SSLv3 cipher=RC4-MD5);
Sat, 05 Jul 2008 05:40:58 -0700 (PDT)
Received: from myhostname.mydomain.com (unknown [127.0.0.1])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by myhostname.mydomain.com (Postfix) with ESMTP id 829F524980AC
for <[email protected]>; Sat, 5 Jul 2008 08:40:18 -0400 (EDT)
Received: (from root@localhost)
by myhostname.mydomain.com (8.14.2/8.14.2/Submit) id m65CeI0s006336
for [email protected]; Sat, 5 Jul 2008 08:40:18 -0400
Date: Sat, 5 Jul 2008 08:40:18 -0400
From: root <[email protected]>

How can I fix my configuration to get rid of references to unknown [127.0.0.1] and (from root@localhost).

Im my /etc/hosts, I only put my public ip address. I removed localhost and 127.0.0.1.

4- Each time I reboot my server, postfix fails to start. I don't know why. When I execute the script manually to start the service, it works.

Here's my init script

#!/bin/bash

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0

[ -x /usr/sbin/postfix ] || exit 0
[ -d /etc/postfix ] || exit 0
[ -d /var/spool/postfix ] || exit 0

RETVAL=0

start() {
# Start daemons.
echo -n "Starting postfix: "
alias_database=$(postconf -h alias_database 2>/dev/null)
RETVAL=1
[ -z "$alias_database" ] && {
failure "determination of alias_database"
echo
return 0
}
/usr/sbin/postalias ${alias_database//,} 2>/dev/null
RETVAL=$?
[ $RETVAL -ne 0 ] && {
failure "postalias $alias_database"
echo
return 0
}
/usr/sbin/postfix start 2>/dev/null 1>&2 && success || failure
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/postfix
echo
return $RETVAL
}

stop() {
# Stop daemons.
echo -n "Shutting down postfix: "
/usr/sbin/postfix stop 2>/dev/null 1>&2 && success || failure
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/postfix
echo
return $RETVAL
}

reload() {
echo -n "Reloading postfix: "
/usr/sbin/postfix reload 2>/dev/null 1>&2 && success || failure
RETVAL=$?
echo
return $RETVAL
}

abort() {
/usr/sbin/postfix abort 2>/dev/null 1>&2 && success || failure
return $?
}

flush() {
/usr/sbin/postfix flush 2>/dev/null 1>&2 && success || failure
return $?
}

check() {
/usr/sbin/postfix check 2>/dev/null 1>&2 && success || failure
return $?
}

restart() {
stop
start
}

# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
abort)
abort
;;
flush)
flush
;;
check)
check
;;
status)
status master
;;
condrestart)
[ -f /var/lock/subsys/postfix ] && restart || :
;;
*)
echo "Usage: postfix {start|stop|restart|reload|abort|flush|check|status|condrestart}"
exit 1
esac

exit $?

Here's the chkconfig output

# chkconfig --list | grep postfix
postfix 0ff 1ff 2n 3n 4n 5n 6ff

Thank you for heping me resolve these issues.

 

You must set the correct sender address in your email client.

Which distribution are you using? Any errors in your mail logs?

 

Thank you Falko for your answer.

1- So there is no way to force my gmail email address as the sender of all the emails from all accounts of my server.

The only way is to do it on the client. Is that it ?

I thought smtp_generic_maps = hash:/etc/postfix/generic is supposed to do just that as per the doc. But the from field in the message header at the receipient shows root <[email protected]>. So the email adress is correct but the name is still the local user account.

4- I use fedora FC 8. I checked /var/log/messages and it looks like the issue is related to selinux policy.

setroubleshoot: SELinux is preventing master (postfix_master_t) "read write" to ./master.pid (var_run_t). For complete SELinux messages. run sealert -l a907be07-4f94-4f07-87b5-f09524a884ec

Raw Audit Messages

host=myhostname.mydomain.com type=AVC msg=audit(1215395831.39:10): avc: denied { read write } for pid=2214 comm="master" name="master.pid" dev=dm-1 ino=38371404 scontext=system_u:system_rostfix_master_t:s0 tcontext=system_ubject_r:var_run_t:s0 tclass=file

host=myhostname.mydomain.com type=SYSCALL msg=audit(1215395831.39:10): arch=c000003e syscall=2 success=no exit=-13 a0=2aaaaacf57a0 a1=2 a2=0 a3=0 items=0 ppid=2213 pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="master" exe="/usr/libexec/postfix/master" subj=system_u:system_rostfix_master_t:s0 key=(null)

Here's what I have in maillog when I restart the server

postfix/postfix-script[14004]: stopping the Postfix mail system
postfix/postfix-script[14007]: waiting for the Postfix mail system to terminate
postfix/postfix-script[14010]: waiting for the Postfix mail system to terminate
postfix/postfix-script[14013]: waiting for the Postfix mail system to terminate
postfix/postfix-script[14016]: waiting for the Postfix mail system to terminate
postfix/postfix-script[14019]: waiting for the Postfix mail system to terminate
postfix/postfix-script[14021]: warning: stopping the Postfix mail system with force
postfix/postfix-script[2215]: fatal: the Postfix mail system is already running

I'm not sure what to do to fix this. I don't know selinux that well.

Any answer for 2 and 4, anybody.

 

Please disable SELinux (see chapter 7 on http://www.howtoforge.com/fedora-8-server-lamp-email-dns-ftp-ispconfig-p3 ).

 

I updated selinix package to update the policies and restarted the server.

Now postfix starts correctly.

Does anyone have an answer for my other questions.

Special thanks for Falko for his help to fix my issues.