Today I had to test e-mail delivery of an app I was working on from home. Annoyingly, my ISP (O2) block outgoing port 25 because they don't trust their users not to run open mail relays. This meant that e-mails sent from my app were not being delivered.
So I needed to set up Postfix (the native Sendmail implementation running on OS X Lion) to relay all outgoing mails to another mail server. It turned out to be quite difficult to configure Postfix to connect to Gmail.
Gmail requires an authenticated TLS session to relay mail. But the instructions I found across the web did not seem to work, in that the Gmail CA certificates were not trusted even after adding them.
The easy solution was to simply stop Postfix from requiring a trusted CA altogether. Below are instructions to replicate my setup.
First edit the Postfix configuration file as below:
$ sudo vim /etc/postfix/main.cf
Edit the file as below:
relayhost = [smtp.gmail.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_sasl_mechanism_filter = plain smtp_use_tls = yes smtp_tls_security_level = may
The 'may' security level settings tells Postfix to ignore untrusted CAs and continue delivery.
Create a new file containing your Gmail account credentials:
$ sudo vim /etc/postfix/sasl_passwd
Then load the account credentials into Postfix:
sudo postmap /etc/postfix/sasl_passwd sudo rm /etc/postfix/sasl_passwd
Then restart Postfix:
sudo launchctl unload -w /System/Library/LaunchDaemons/org.postfix.master.plist sudo launchctl load -w /System/Library/LaunchDaemons/org.postfix.master.plist
Now you can send a test e-mail:
mail -s "Testing, Testing" email@example.com
Type the body of your message then
Ctrl-D to send the e-mail.
/var/log/mail.log to see the status of your delivery.