I am running a Postfix mail server on an Apache web server on Ubuntu 18.04.
Problem:
I am able to send emails to my work email address, but I am unable to send them to my Gmail account. They do not even appear in the Spam folder.
I would like to send emails to my Gmail account from this Postfix mail server.
Error in mail.log:
Setup:
Postfix is configured to use SMTP authentication. I have used the commands below to configure it:
sudo postconf -e 'smtpd_sasl_local_domain ='
sudo postconf -e 'smtpd_sasl_auth_enable = yes'
sudo postconf -e 'smtpd_sasl_security_options = noanonymous'
sudo postconf -e 'broken_sasl_auth_clients = yes'
sudo postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
sudo postconf -e 'inet_interfaces = all'
sudo postconf -e 'smtp_tls_security_level = may'
sudo postconf -e 'smtpd_tls_security_level = may'
sudo postconf -e 'smtpd_tls_auth_only = no'
sudo postconf -e 'smtp_tls_note_starttls_offer = yes'
sudo postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/mailserver.key'
sudo postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/mailserver.crt'
sudo postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
sudo postconf -e 'smtpd_tls_loglevel = 1'
sudo postconf -e 'smtpd_tls_received_header = yes'
sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
sudo postconf -e 'tls_random_source = dev:/dev/urandom'
sudo postconf -e 'myhostname = example.com'
In the file /etc/postfix/sasl/smtpd.conf
I have added the lines below:
pwcheck_method: saslauthd
mech_list: plain login
SASL installation and configuration:
sudo apt-get install libsasl2-2 sasl2-bin libsasl2-modules
Then edit /etc/default/saslauthd
:
START=yes
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
Update the dpkg
state:
sudo dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd
Create a symlink for the config file:
sudo ln -s /etc/default/saslauthd /etc/saslauthd
Certificate creation:
I have tried with self signed certificates, created by OpenSSL:
sudo openssl req -x509 -nodes -newkey rsa:2048 -keyout mailserver.key -out mailserver.crt -nodes -days 365
sudo openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 365
I also have tried with my trusted SSL certificate that I also use for port 443 of my website. For that I had to concatenate the intermediate certificate with the domain certificate, but I had no CAcert.pem
file after this process.
Do you see obvious flaws in that configuration? Please let me know if you need more details!
Thanks.