-
SSL on Post fix

 
I have given a task to relay post fix mail with g mail. I have post fix installed and working on y local system and delivering mail to my local user test1 and test2.

Following is log for mail delivery .



Feb 21 15:16:06 localhost postfix/smtpd[3149]: 102C4C42F9C: client=localhost[::1]
Feb 21 15:16:23 localhost postfix/cleanup[3153]: 102C4C42F9C: message-id=<20190221094606.102C4C42F9C@mail.example.com>
Feb 21 15:16:23 localhost postfix/qmgr[3141]: 102C4C42F9C: from=<test1@example.com>, size=305, nrcpt=1 (queue active)
Feb 21 15:16:23 localhost postfix/local[3154]: 102C4C42F9C: to=<test2@example.com>, orig_to=<test2>, relay=local, delay=24, delays=24/0.02/0/0.02, dsn=2.0.0, status=sent (delivered to maildir)
Feb 21 15:16:23 localhost postfix/qmgr[3141]: 102C4C42F9C: removed

Step:Now i am going to use gmail id as relay.

For this first i create:tls policy file

#vim /etc/postfix/tls_policy
following entry in the file:

[smtp.gmail.com]:587 encrypt

Step:then create sasl_posswd file./etc/postfix/sasl_passwd

#vim /etc/postfix/sasl_passwd
following entry in this file
[smtp.gmail.com]:587 qayoom2009@gmail.com:xxxxxxx(password)


step:Then add db of above file with postmap:
#postmap hash:/etc/postfix/tls_policy
#postmap hash:/etc/postfix/sasl_passwd

Step:then make following at ent of the /etc/postfix/main.cf

smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
#smtp_sasl_security_options = noanonymous, noplaintext
smtp_tls_CApath = /etc/ssl/certs
smtp_use_tls = yes
#debug_peer_level=3


  also make relay gmail as

relayhost = [smtp.gmail.com]:587




step:Then restart the postfix.

Make my g mail less secure. In google account security.




 
Step:Also two way verification turn off.







Step:Test mail with telnet as below.face lot of issue in this step trouble shoot and avoid relayhost error.then following error is coming .

Error







Mail defered as in log:

[root@mail ~]# grep DE0E2C42F9C /var/log/maillog
Feb 21 16:34:04 localhost postfix/smtpd[3868]: DE0E2C42F9C: client=localhost[127.0.0.1]
Feb 21 16:34:15 localhost postfix/cleanup[3871]: DE0E2C42F9C: message-id=<20190221110404.DE0E2C42F9C@mail.example.com>
Feb 21 16:34:15 localhost postfix/qmgr[3866]: DE0E2C42F9C: from=<test2@example.com>, size=318, nrcpt=1 (queue active)
Feb 21 16:34:20 localhost postfix/smtp[3872]: DE0E2C42F9C: SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.24.109]: no mechanism available
Feb 21 16:34:25 localhost postfix/smtp[3872]: DE0E2C42F9C: to=<qayoom2009@gmail.com>, relay=smtp.gmail.com[74.125.24.108]:587, delay=41, delays=31/0.03/9.4/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.24.108]: no mechanism available)

after lot of R&D i found following commnad:

Solution


step:#yum install cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain
its work and issue resolved. Now i can send mail to any one by using my google id.

Success log:
Feb 21 16:43:03 localhost postfix/smtpd[4030]: AB329C42F9C: client=localhost[127.0.0.1]
Feb 21 16:43:14 localhost postfix/cleanup[4032]: AB329C42F9C: message-id=<20190221111303.AB329C42F9C@mail.example.com>
Feb 21 16:43:14 localhost postfix/qmgr[4025]: AB329C42F9C: from=<test2@example.com>, size=318, nrcpt=1 (queue active)
Feb 21 16:43:18 localhost postfix/smtp[4027]: AB329C42F9C: to=<qayoom2009@gmail.com>, relay=smtp.gmail.com[74.125.68.109]:587, delay=29, delays=26/0/2.1/1.1, dsn=2.0.0, status=sent (250 2.0.0 OK 1550747598 u13sm33812937pfa.169 - gsmtp)
Feb 21 16:43:18 localhost postfix/qmgr[4025]: AB329C42F9C: removed



Comments

Post a Comment

Popular posts from this blog

-
Image
ELK Step by Step Guide  Following is detail of elk ,how we install,start  and run. and prepare report I install elk on Docker with following step: Step1 Check the status of docker:   Step2    I have created "docker" folder on my machine. Step3   I have created three folder in docker folder:   config    data  docker-compose.yml Step4 Then configure these folder with following is the step and data: we can change these configration with our requirement,  First Configure docker-compose.yml  version: "2.0" services:  elk:   image: sebp/elk:latest   ports:     - "5601:5601"     - "9200:9200"     - "5044:5044"     - "9300:9300"   volumes:         - "/home/keenable/docker/data:/tmp/in_data"         - "/home/keenable/...
Read more

Docker Private Registery

-
Image
 Docker private registry Why we need pvt registry "Security, minimize internet load, speed, control We need to setup registry in three stage , stage one  simple stage two  secure (with ssl)  stage three with authentication Stage one: Step: create directories, need to create below directories a. Create a directory to store docker image b. create a certificate directory c. Auth directory Step :Run a docker registry container Create a container without volume with below command sudo  docker run -d -p 5000:5000 --name local-registry registry:2 below is screen shot check in browser:  tag the image, command to tag image sudo docker tag centos:7 127.0.0.1:5000/centos:7 Step Push image and check the browser again In ss centos is available, also in container it show as below  Stage two Step:  create a directory with the name of "docker-registry" then create two direcotries inside it  certs  data Step: then generate certificate inside certs direct...
Read more
-
Image
Postfix installation Step by step I have already posted on Zimbra mail service, now i am going to share  how to install and configure postfix mail server using devocot and squrell mail service, suggest you go into detail study of post fix and other mail server before going to install and use, and different mail protocol i will publish all these on my later edition.Here i  am  going to tell you some future of post fix mail server,and why we choose postfix. What is post fix? Postfix is an open-source Mail Transport Agent ( MTA ), which supports protocols like LDAP, SMTP AUTH (SASL), and TLS. Operating systems: Postfix runs on every Unix and Linux Operating syst em,It is the default MTA of Linux and Ubuntu  operating systems.To install Post fix first we need to uninstall default post fix. Architecture: Postfix consists of a combination of server programs that run in the background, and client pr...
Read more