Configuring Postfix as a Gmail Relay on CentOS
This tutorial should work on any distro based on RedHat, but I have
only tested it on CentOS 6.4.
You will need to run the commands as root.
I found a ton of how-tos and tutorials on how to set up Postfix as a Gmail relay, but most of them required making a client certificate or were incomplete. After fighting with getting Postfix set up on CentOS 6.1, and browsing the internet for many, many days, I finally got it working. Part of the configuration is based on the pages found here and here.
Installing Postfix is easy, just run this command as root:
yum install postfix mailx cyrus-sasl-plain
Thanks to Jonathan for pointing that out.
Basically, you need to create a password file so that Postfix can authenticate to Gmail's servers. You do this by creating a file named sasl_passwd in /etc/postfix. Replace smtp_user and smtp_passwd with their respective values.
echo "smtp.gmail.com smtp_user:smtp_passwd" > /etc/postfix/sasl_passwd
You then hash that file so that the password is not stored in clear text. This command will create a file named sasl_passwd.db in the /etc/postfix/ directory.
After that is done, add these to the bottom of /etc/postfix/main.cf. This is assuming that your root certificates installed from openssl are located in /etc/pki/tls/certs/ca-bundle.crt.
smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous # Secure channel TLS with exact nexthop name match. smtp_tls_security_level = secure smtp_tls_mandatory_protocols = TLSv1 smtp_tls_mandatory_ciphers = high smtp_tls_secure_cert_match = nexthop smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt relayhost = smtp.gmail.com:587
After that is done, restart postfix:
service postfix restart
Now test it to make sure it is working. Run this:
Fill in the subject, put something in the body and then type a . and hit enter.
If all went well, you should get an email at the email address you entered. If you do, you can delete the file that has the password.
If it did not work, check the log to see what happened.
Everything should be good after you get everything set up, so enjoy your new SMTP relay!