Configuring gmail as a mail relay with two factor authentication - Ubuntu
Whilst I was looking through the syslog on my home server on an unrelated matter, I noticed some messages along the lines of:
Jan 5 11:36:54 localhost postfix/smtp[29391]: 75858A424AC: SASL authentication failed; server smtp.gmail.com[64.233.184.109] said: 534-5.7.9 Appl ication-specific password required. Learn more at?534 5.7.9 https://support.google.com/mail/?p=InvalidSecondFactor f67sm99639626wmd.13 - gsmtp
The key part of the messages being SASL authentication failed and Appl ication-specific password required . Come to think of it, I hadn't had any emails from the server for a while. In fact, from around about the time I turned on two factor authentication.
After some research I managed to piece together what needed to be done to allow two factor authentication for postfix on Ubuntu. In case you haven't to set up gmail as a SMTP relay before, here's the steps to set it up.
Configure /etc/postfix/main.cf as follows:
# Relaying Postfix SMTP via GMAIL relayhost = [smtp.gmail.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_tls_CAfile = /etc/postfix/cacert.pem smtp_use_tls = yes
Add you gmail credentials to /etc/postfix/sasl_passwd
[smtp.gmail.com]:587 MUYSER@gmail.com:MYPASSWD
Make sure perms of this file are secure, i.e.
r-------- 1 root root 65 Jan 5 11:36 sasl_passwd
Compile and hash contents of /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
Restart postfix
systemctl restart posfix
You'll need to set up gmail to allow less secure apps. The procedure is here: https://support.google.com/accounts/answer/6010255
If you have enabled two factor authentication on your google account, these are the extra steps required:
Go to https://security.google.com/settings/security/apppasswords
select app > Mail , select device > Other (Custom Name) > create a name > Generate
Add the application specific pssword generated to sasl_passwd replacing the one already there:
run: postmap /etc/postfix/sasl_passwd
restart postfix and you're done.
Recent Changes
Contribute to this wiki
Why not help others by sharing your knowledge? Contribute something to this wiki and
join out hall of fame!
Contact us for a user name and password