October 4, 2008

Using gmail for outbound smtp on Mac OS X Leopard

You might want to use Google Apps mail or Gmail as the outbound SMTP server on your Apple Macintosh running Mac OS X Leopard 10.5.2. Postfix can be configured easily for this, and then scripts and applications can send mail outside your Apple computer. There is no need to configure the server portion of SMTP (smtpd); just configure the SMTP client. You do not need to create any certificates either. You can use the anonymous ciphers, but you will need to validate the Google Thawte certificate presented in the TLS handshake. This post will show how to do it.

First create /etc/postfix/relay_password with the server name, email account name and password as shown below. This configuration works with Gmail accounts as well as with Google hosted personal domain email accounts. It also works with both Google SMTP servers shown below. You will most likely need to preface all these commands with "sudo" to gain the needed privileges.

smtp.googlemail.com youremail@gmail.com:yourpassword
smtp.gmail.com youremail@googlehosteddomain.com:yourpassword

Then use postmap to create a .db file.

postmap /etc/postfix/relay_password

Make sure the map is ok with

postmap -q smtp.gmail.com /etc/postfix/relay_password

You will need to retrieve the Thawte Premium Server CA from https://www.verisign.com/support/roots.html.

unzip -j roots.zip
cd /etc/postfix/certs
openssl x509 -inform der -in ThawtePremiumServerCA.cer -out ThawtePremiumServerCA.pem
c_rehash /etc/postfix/certs

Now you are ready to configure postfix. Add these lines to the bottom of /etc/postfix/main.cf

relayhost = smtp.googlemail.com:587
# auth
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/relay_password
smtp_sasl_security_options = noanonymous
# tls
smtp_tls_security_level = may
smtp_tls_CApath = /etc/postfix/certs
smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache
smtp_tls_session_cache_timeout = 3600s
smtp_tls_loglevel = 1
tls_random_source = dev:/dev/urandom

Test now by using /usr/bin/mail to send an email. You can check /var/log/mail.log to see if it worked without errors. Leopard enables Postfix by default. launchd watches a directory and will start Postfix when the test email is sent.

You may need to let Postfix re-read the config files. Use launchctl to stop the process. It will automatically restart and read the config edits.

sudo launchctl stop org.postfix.master
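With smtp_tls_security_level = may, Postfix uses TLS only opportunistically and does not enforce certificate verification, and smtp_sasl_security_options = noanonymous permits plaintext SASL mechanisms. The audit script below is an added example, not part of the original post; the function names get_param and audit_relay are made up here, and it flags those two settings plus a password map that group or other can read.

```shell
#!/bin/sh
# Added example (not from the original post): audit a Postfix relay-client main.cf.
# Usage after sourcing this file: audit_relay /etc/postfix/main.cf

# Last value assigned to parameter $2 in file $1. Postfix honours the last
# assignment; continuation lines are not joined by this simple reader.
get_param() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | sed 's/[[:space:]]*$//' | tail -n 1
}

# Print one finding per line for main.cf $1; exit status is the finding count.
# The legacy smtp_use_tls / smtp_enforce_tls parameters are not examined.
audit_relay() {
    cf=$1; n=0
    level=$(get_param "$cf" smtp_tls_security_level)
    sasl=$(get_param "$cf" smtp_sasl_auth_enable)
    opts=$(get_param "$cf" smtp_sasl_security_options)
    opts=${opts:-noplaintext, noanonymous}   # Postfix default when unset
    map=$(get_param "$cf" smtp_sasl_password_maps)
    case "$level" in
        verify|secure|fingerprint|dane-only) ;;   # TLS required, peer authenticated
        encrypt)
            echo "WARN: TLS required, but the server certificate is not verified"
            n=$((n+1)) ;;
        *)
            echo "FAIL: TLS not enforced (smtp_tls_security_level=${level:-unset})"
            n=$((n+1))
            if [ "$sasl" = yes ]; then
                case "$opts" in
                    *noplaintext*) ;;
                    *) echo "FAIL: plaintext SASL login possible without TLS"
                       n=$((n+1)) ;;
                esac
            fi ;;
    esac
    # The map source and its compiled .db both hold the cleartext password.
    path=${map#*:}
    for f in "$path" "$path.db"; do
        [ -n "$path" ] && [ -e "$f" ] || continue
        if [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
            echo "FAIL: $f is accessible to group or other"
            n=$((n+1))
        fi
    done
    return "$n"
}
```

Run against the settings in this post it reports the opportunistic TLS level and the plaintext SASL option; raising smtp_tls_security_level to verify or secure and running chmod 600 on relay_password and relay_password.db clears the findings.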

Many references were used to finally get this figured out. One of the best was imamba.
