HOW-TO: Quickly Setup Postfix with Gmail
Contents
Overview
When Two-Factor Authentication (2FA) is enabled, Gmail is preconfigured to refuse connections from applications like Postfix that don’t provide the second step of authentication. While this is an important security measure that is designed to restrict unauthorized users from accessing your account, it hinders sending mail through some SMTP clients as you’re doing here. Follow these steps to configure Gmail to create a Postfix-specific password:
- Log in to your email, then click the following link: Manage your account access and security settings. Scroll down to “Password & sign-in method” and click 2-Step Verification. You may be asked for your password and a verification code before continuing. Ensure that 2-Step Verification is enabled.
- Click the following link to an App password for Postfix:
Step-By-Step
sudo apt-get update && sudo apt-get upgrade
sudo apt-get install libsasl2-modules postfix
sudo vi /etc/postfix/sasl/sasl_passwd
[smtp.gmail.com]:587 [email protected]:OneTimePassword
sudo postmap /etc/postfix/sasl/sasl_passwd
sudo vi /etc/postfix/main.cf
relayhost = [smtp.gmail.com]:587
# Enable SASL authentication
smtp_sasl_auth_enable = yes
# Disallow methods that allow anonymous authentication
smtp_sasl_security_options = noanonymous
# Location of sasl_passwd
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
# Enable STARTTLS encryption
smtp_tls_security_level = encrypt
# Location of CA certificates
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
sudo systemctl restart postfix
mail -s "Hello World" [email protected] < /dev/null
# or mutt
sudo apt install mutt
mutt -s "Hello World" [email protected] < /dev/null