[opensuse] smtp gmail STARTTLS
Server imploded and replaced. Trying to get sane setting but roadblocks appearing. Need and appreciate any help with following: Cannot send mail using smtp.gmail.com and cannot figure out problem using google search. Exhausted. debug output from postfix and "postconf -n" are here: https://drive.google.com/file/d/0Bz_BSwX3EmaZWmxyYUo4ZUJBY0k/view?usp=sharin... any and all help appreciated. -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org HOG # US1244711 Photo Album: http://wahoo.no-ip.org/photos -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 06/27/2015 09:54 PM, Patrick Shanahan wrote:
Server imploded and replaced. Trying to get sane setting but roadblocks appearing. Need and appreciate any help with following:
Cannot send mail using smtp.gmail.com and cannot figure out problem using google search. Exhausted.
debug output from postfix and "postconf -n" are here:
https://drive.google.com/file/d/0Bz_BSwX3EmaZWmxyYUo4ZUJBY0k/view?usp=sharin...
any and all help appreciated.
if you post it here I can look at it but I don't use a google drives of anything else. Ruben -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 06/27/2015 09:54 PM, Patrick Shanahan wrote:
Server imploded and replaced. Trying to get sane setting but roadblocks appearing. Need and appreciate any help with following:
Cannot send mail using smtp.gmail.com and cannot figure out problem using google search. Exhausted.
debug output from postfix and "postconf -n" are here:
https://drive.google.com/file/d/0Bz_BSwX3EmaZWmxyYUo4ZUJBY0k/view?usp=sharin...
any and all help appreciated.
PERSONALLY, I think this is a bad idea but... Relay mail via Google SMTP with Postfix <https://blog.wormly.com/2008/11/05/relay-gmail-google-smtp-postfix/> Using Google’s SMTP service to relay your outbound mail is a handy way to be able to send mail from Amazon EC2 instances, or other machines running IP addresses considered to be of dubious quality in the spam fighting world. It’s also quite valuable in that your outbound emails will appear in your GMail sent messages folder and hence appear inline in conversations when your users reply. Setup Instructions These instructions are developed for Centos 5.2 – but no doubt they can be applied to other distributions with minimal modification. Ensure that you have Postfix: |yum install postfix -y| We need to create the client keys for the TLS connection to Google’s SMTP service – and to do that we first need to become our own certificate authority (CA): |/etc/pki/tls/misc/CA -newca| Follow the prompts and make intelligent responses. Now, create the client keys/certs (again with intelligent responses, and ensuring you use the same common name and country code): |cd /etc/postfix openssl genrsa -out postfixclient.key 1024 openssl req -new -key postfixclient.key -out postfixclient.csr openssl ca -out ./postfixclient.pem -infiles postfixclient.csr | Now you can configure Postfix accordingly. Add these to the top of /etc/postfix/main.cf |relayhost = [smtp.gmail.com]:587 smtp_connection_cache_destinations = smtp.gmail.com relay_destination_concurrency_limit = 1 default_destination_concurrency_limit = 5 smtp_sasl_auth_enable=yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_use_tls = yes smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_tls_note_starttls_offer = yes tls_random_source = dev:/dev/urandom smtp_tls_scert_verifydepth = 5 smtp_tls_key_file=/etc/postfix/postfixclient.key smtp_tls_cert_file=/etc/postfix/postfixclient.pem smtp_tls_enforce_peername = no smtpd_tls_req_ccert =no smtpd_tls_ask_ccert = yes soft_bounce = yes | And store your password in /etc/postfix/sasl_passwd |gmail-smtp.l.google.com username@yourdomain.com:password smtp.gmail.com username@yourdomain.com:password | (Note that if you’re using a regular gmail account instead of /Google Apps For Your Domain/, you would use username@gmail.com above) Get Postfix to parse the password file: |postmap /etc/postfix/sasl_passwd| Optionally configure Postfix to run on a different port (so as not to clash with your regular SMTP relay): Open /etc/postfix/master.cf and change the first line to: |10025 inet n - n - - smtpd | Now start Postfix! |service postfix start| And add it to your startup scripts: |ln -s /etc/init.d/postfix /etc/rc3.d/S96postfix| Filed under: Servers <https://blog.wormly.com/category/servers/> — Jules @ 5:06 pm - November 5, 2008 :: Read comments » <https://blog.wormly.com/2008/11/05/relay-gmail-google-smtp-postfix/#comments> ~~~~~~~~~~~~~~~~~~~~~~~~~~~ I'm sure you've need this -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat 27 Jun 2015 09:54:12 PM CDT, Patrick Shanahan wrote:
Server imploded and replaced. Trying to get sane setting but roadblocks appearing. Need and appreciate any help with following:
Cannot send mail using smtp.gmail.com and cannot figure out problem using google search. Exhausted.
debug output from postfix and "postconf -n" are here:
https://drive.google.com/file/d/0Bz_BSwX3EmaZWmxyYUo4ZUJBY0k/view?usp=sharin...
any and all help appreciated.
Hi You have smtp_use_tls = no this needs to be yes -- Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890) SUSE Linux Enterprise Desktop 12 GNOME 3.10.1 Kernel 3.12.43-52.6-default up 1 day 1:55, 4 users, load average: 0.19, 0.17, 0.17 CPU AMD A4-5150M APU @ 3.3GHz | GPU Richland Radeon HD 8350G -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, Jun 27, 2015 at 10:07 PM, Malcolm <malcolmlewis@cableone.net> wrote:
You have smtp_use_tls = no this needs to be yes
Thanks, I had corrected that previous but failed to edit. The change did not stop the STARTTLS errs tks, -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org HOG # US1244711 Photo Album: http://wahoo.no-ip.org/photos -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 27 Jun 2015 21:54:12 -0400 Patrick Shanahan wrote:
Server imploded and replaced. Trying to get sane setting but roadblocks appearing. Need and appreciate any help with following:
Cannot send mail using smtp.gmail.com and cannot figure out problem using google search. Exhausted.
debug output from postfix and "postconf -n" are here:
https://drive.google.com/file/d/0Bz_BSwX3EmaZWmxyYUo4ZUJBY0k/view?usp=sharin...
any and all help appreciated.
Hi Patrick, smtp.gmail.com:587 "5.7.0 Must issue a STARTTLS command first." I think you've specified the wrong port. From my notes on GMail: Sending Hostname/Server: smtp.gmail.com Use SSL and port 465 for SMTP If you're stuck using STARTTLS, my understanding is you'd want to initiate that on port 25. hth & regards, Carl -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, Jun 27, 2015 at 10:10 PM, Carl Hartung <opensuse@cehartung.com> wrote:
smtp.gmail.com:587 "5.7.0 Must issue a STARTTLS command first."
I think you've specified the wrong port. From my notes on GMail:
Sending Hostname/Server: smtp.gmail.com Use SSL and port 465 for SMTP
which fails with: CLIENT wrappermode (port smtps/465) is unimplemented instead, send to (port submission/587) with STARTTLS
If you're stuck using STARTTLS, my understanding is you'd want to initiate that on port 25.
which also fails with: TLS is required, but our TLS engine is unavailable tks, -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org HOG # US1244711 Photo Album: http://wahoo.no-ip.org/photos -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 27 Jun 2015 22:38:01 -0400 Patrick Shanahan wrote:
On Sat, Jun 27, 2015 at 10:10 PM, Carl Hartung <opensuse@cehartung.com> wrote:
smtp.gmail.com:587 "5.7.0 Must issue a STARTTLS command first."
I think you've specified the wrong port. From my notes on GMail:
Sending Hostname/Server: smtp.gmail.com Use SSL and port 465 for SMTP
which fails with: CLIENT wrappermode (port smtps/465) is unimplemented instead, send to (port submission/587) with STARTTLS
If you're stuck using STARTTLS, my understanding is you'd want to initiate that on port 25.
which also fails with: TLS is required, but our TLS engine is unavailable
tks,
Could this be the solution? https://forums.opensuse.org/showthread.php/424815-Postfix-TLS-Engine-unavail... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-06-28 03:54, Patrick Shanahan wrote:
any and all help appreciated.
I have: /etc/postfix/sender_relayhost myemail@gmail.com [smtp.gmail.com] myemail@opensuse.org [smtp.gmail.com] and postfix figures out what to do on its own with gmail. /etc/postfix/master.cf #CER: tlsmgr hace falta para enviar a gmail tlsmgr unix - - n 1000? 1 tlsmgr /etc/postfix/main.cf # OJO: Gmail necesita TLS, si no, falla: # Jun 19 01:30:11 Elessar postfix/smtp[6263]: 295253D585: to=<....@telefonica.net>, relay=smtp.gmail.com [209.85.227.109]:25, delay=0.73, delays=0.09/0.01/0.53/0.1, dsn=5.7.0, status=boun # Necesita "tlsmgr unix - - n 1000? 1 tlsmgr" en master.cf # <http://lists.opensuse.org/opensuse/2007-04/msg02220.html> #-- Passwords: server #smtpd_sasl_auth_enable = yes # Transporte encriptado # ~/doc/packages/postfix/README_FILES/TLS_README #smtp_use_tls = yes obsoleto #smtpd_use_tls = no obsoleto smtp_tls_security_level = may smtp_tls_loglevel = 1 #....... # 0 Disable logging of TLS activity. # 1 Log TLS handshake and certificate information. # 2 Log levels during TLS negotiation. # 3 Log hexadecimal and ASCII dump of TLS negotiation process. # 4 Log hexadecimal and ASCII dump of complete transmission after STARTTLS. #smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache # postfix 2.5.0, <https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/223376> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache #smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_timeout = 3600s # con path, regenerar con "/usr/bin/c_rehash /etc/postfix/certs" smtp_tls_CApath = /etc/postfix/certs #smtp_tls_CAfile = /etc/postfix/smtp_cacerts - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlWPy1kACgkQja8UbcUWM1xGJQD+MElpl6OB0pXfU89twOWsGjny B5ergD7MtPnJCbZ96BoA/2a853G45ujNk8PuVUrKEcJ5MeF1ti98CgH+FFVPv8dP =v7C4 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Carlos E. R. <robin.listas@telefonica.net> [06-28-15 06:27]:
On 2015-06-28 03:54, Patrick Shanahan wrote:
any and all help appreciated.
I have:
/etc/postfix/sender_relayhost
myemail@gmail.com [smtp.gmail.com] myemail@opensuse.org [smtp.gmail.com]
postfix-2.9.6 Have no /etc/postfix/sender_relayhost, but do have: /etc/postfix/main.cf relayhost = [smtp.gmail.com] But google shows me "sender_relayhost" is a method for using email addrs other than the google account name for sending, as your opensuse.org addr.
and postfix figures out what to do on its own with gmail.
Didn't turnout to be quite that simple, but nearly :)
/etc/postfix/master.cf
#CER: tlsmgr hace falta para enviar a gmail tlsmgr unix - - n 1000? 1 tlsmgr
same
/etc/postfix/main.cf
# OJO: Gmail necesita TLS, si no, falla: # Jun 19 01:30:11 Elessar postfix/smtp[6263]: 295253D585: to=<....@telefonica.net>, relay=smtp.gmail.com [209.85.227.109]:25, delay=0.73, delays=0.09/0.01/0.53/0.1, dsn=5.7.0, status=boun # Necesita "tlsmgr unix - - n 1000? 1 tlsmgr" en master.cf # <http://lists.opensuse.org/opensuse/2007-04/msg02220.html>
#-- Passwords: server #smtpd_sasl_auth_enable = yes
had to have: smtpd_sasl_auth_enable = no
# Transporte encriptado # ~/doc/packages/postfix/README_FILES/TLS_README #smtp_use_tls = yes obsoleto #smtpd_use_tls = no obsoleto
have: smtp_use_tls = yes smptd_use_tls = no
smtp_tls_security_level = may
don't have
smtp_tls_loglevel = 1
have: #smtp_tls_loglevel = 0
#smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache
don't have
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
have: smtp_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
#smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
don't have either
smtp_tls_session_cache_timeout = 3600s
same
smtp_tls_CApath = /etc/postfix/certs #smtp_tls_CAfile = /etc/postfix/smtp_cacerts
have: smtp_tls_CAfile = smtp_tls_CApath = /etc/postfix/ssl/cacerts I removed /etc/sysconfig/postfix, /etc/sysconfig/mail zypper -v rm postfix deleted remaining files in /etc/postfix/ zypper -v in postfix yast mail said use tls open firewall smtp host, user name, password and it appears to have worked :) If you see this, it worked and I can make singular other adjustment with backup to duplicate my previous system. Thanks to all -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://linuxcounter.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-06-28 14:54, Patrick Shanahan wrote:
* Carlos E. R. <robin.listas@telefonica.net> [06-28-15 06:27]:
On 2015-06-28 03:54, Patrick Shanahan wrote:
any and all help appreciated.
I have:
/etc/postfix/sender_relayhost
myemail@gmail.com [smtp.gmail.com] myemail@opensuse.org [smtp.gmail.com]
postfix-2.9.6 Have no /etc/postfix/sender_relayhost, but do have: /etc/postfix/main.cf relayhost = [smtp.gmail.com]
Well, that means that ALL your email will be sent that way.
But google shows me "sender_relayhost" is a method for using email addrs other than the google account name for sending, as your opensuse.org addr.
Yes. I have several accounts with different providers, and postfix chooses the right server to send to each one, based on the FROM address of each email.
and postfix figures out what to do on its own with gmail.
Didn't turnout to be quite that simple, but nearly :)
:-) Let's see.
/etc/postfix/main.cf
#-- Passwords: server #smtpd_sasl_auth_enable = yes
had to have: smtpd_sasl_auth_enable = no
That's for acting as a server, so you do not need it.
# Transporte encriptado # ~/doc/packages/postfix/README_FILES/TLS_README #smtp_use_tls = yes obsoleto #smtpd_use_tls = no obsoleto
have: smtp_use_tls = yes smptd_use_tls = no
They work, but they are deprecated. The smtp_tls_security_level var is what is recommended currently.
smtp_tls_security_level = may
don't have
Add it.
smtp_tls_loglevel = 1
have: #smtp_tls_loglevel = 0
#smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache
don't have
I don't remember if it is really necessary. I got those from the howto.
I removed /etc/sysconfig/postfix, /etc/sysconfig/mail zypper -v rm postfix deleted remaining files in /etc/postfix/
zypper -v in postfix
yast mail said use tls open firewall smtp host, user name, password
and it appears to have worked :)
LOL.
If you see this, it worked and I can make singular other adjustment with backup to duplicate my previous system.
Thanks to all
Welcome :-) - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlWP8goACgkQja8UbcUWM1zelQEAlEcERFE4jlaHc9q1W/5V/z8a MI/oQsmNpZID/fiOiN4A/Awa3Cyhh20qKfRyRMf4yR1UJ6HlCtbza6hSFnTtraR2 =q3WC -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Carlos E. R. <robin.listas@telefonica.net> [06-28-15 09:16]:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-06-28 14:54, Patrick Shanahan wrote:
* Carlos E. R. <robin.listas@telefonica.net> [06-28-15 06:27]:
On 2015-06-28 03:54, Patrick Shanahan wrote:
any and all help appreciated.
I have:
/etc/postfix/sender_relayhost
myemail@gmail.com [smtp.gmail.com] myemail@opensuse.org [smtp.gmail.com]
postfix-2.9.6 Have no /etc/postfix/sender_relayhost, but do have: /etc/postfix/main.cf relayhost = [smtp.gmail.com]
Well, that means that ALL your email will be sent that way.
But google shows me "sender_relayhost" is a method for using email addrs other than the google account name for sending, as your opensuse.org addr.
Yes. I have several accounts with different providers, and postfix chooses the right server to send to each one, based on the FROM address of each email.
As do I, and my next adjustments :)
and postfix figures out what to do on its own with gmail.
Didn't turnout to be quite that simple, but nearly :)
:-)
Let's see.
/etc/postfix/main.cf
#-- Passwords: server #smtpd_sasl_auth_enable = yes
had to have: smtpd_sasl_auth_enable = no
That's for acting as a server, so you do not need it.
But I am serving mail, mostly local, but this box sends mail from other local boxes
# Transporte encriptado # ~/doc/packages/postfix/README_FILES/TLS_README #smtp_use_tls = yes obsoleto #smtpd_use_tls = no obsoleto
have: smtp_use_tls = yes smptd_use_tls = no
They work, but they are deprecated. The smtp_tls_security_level var is what is recommended currently.
smtp_tls_security_level = may
don't have
Add it.
Done, tks
smtp_tls_loglevel = 1
have: #smtp_tls_loglevel = 0
#smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache
don't have
I don't remember if it is really necessary. I got those from the howto.
I removed /etc/sysconfig/postfix, /etc/sysconfig/mail zypper -v rm postfix deleted remaining files in /etc/postfix/
zypper -v in postfix
yast mail said use tls open firewall smtp host, user name, password
and it appears to have worked :)
LOL.
If you see this, it worked and I can make singular other adjustment with backup to duplicate my previous system.
Thanks to all
Welcome :-)
And thanks again from a working system. Now to apache.... -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://linuxcounter.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (6)
-
Carl Hartung -
Carlos E. R. -
Malcolm -
Patrick Shanahan -
Patrick Shanahan -
Ruben Safir