matthew hawthorne

Postfix: Configuring Gmail as Relay

I recently had to re-provision a VM which I use to run a bunch of cron jobs and email me reports. I use Ubuntu as my OS, Postfix as my mail server, and Gmail for my email account.

The details to make this happen can be found in quite a few places online, but the information was a bit scattered and didn’t match my situation exactly.

Step 1. Edit /etc/postfix/

# sets gmail as relay
relayhost = []:587

#  use tls

# use sasl when authenticating to foreign SMTP servers
smtp_sasl_auth_enable = yes

# path to password map file
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

# list of CAs to trust when verifying server certificate
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

# eliminates default security options which are imcompatible with gmail
smtp_sasl_security_options =

If you need further debugging you can add these:

Step 2. Add Gmail creds to /etc/postfix/sasl_passwd

[]:587  username:password

Step 3. Run sudo postmap /etc/postfix/sasl_passwd

Make sure the /etc/sasl_passwd* files are owned by the postfix user:

sudo chown postfix sasl_passwd*

Step 4. Run /etc/init.d/postfix reload


1. No TLS

status=bounced (host[] said: 530 5.7.0 Must issue a STARTTLS command first. s9sm727762ybm.8 (in reply to MAIL FROM command))

You're missing smtp_use_tls=yes in

2. Unknown CA

certificate verification failed for[]:587: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

You're missing smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt in

© matthew hawthorne 2011-2023