特殊:Badtitle/NS100:GmailPostfixFetchmail:修订间差异
小 新页面: {{From|https://help.ubuntu.com/community/GmailPostfixFetchmail}} {{Languages|UbuntuHelp:GmailPostfixFetchmail}} == Introduction == This page is for those who wish to use Postfix and Fe... |
小无编辑摘要 |
||
(未显示同一用户的7个中间版本) | |||
第1行: | 第1行: | ||
{{From|https://help.ubuntu.com/community/GmailPostfixFetchmail}} | {{From|https://help.ubuntu.com/community/GmailPostfixFetchmail}} | ||
{{Languages|UbuntuHelp:GmailPostfixFetchmail}} | {{Languages|UbuntuHelp:GmailPostfixFetchmail}} | ||
<<Include(Tag/ContentCleanup)>> | |||
== Introduction == | == Introduction == | ||
How to use Postfix and Fetchmail to access a single Gmail account using an old-fashioned client such as mutt or Emacs GNUS. | |||
''If you use Evolution or a similar modern e-mail client, you do not | |||
a single Gmail account | need to use this''. Your client has the ability to connect directly to the Gmail POP3 and SMTP services. | ||
*Help with Evolution: [[UbuntuHelp:UsingGmailWithEvolution|UsingGmailWithEvolution]]. | |||
*Help with Thunderbird: http://mail.google.com/support/bin/answer.py?answer=38343 | |||
This setup is intended to be as simple and as close to a standard Ubuntu configuration as possible. | |||
old-fashioned client such as mutt or Emacs GNUS. | This setup does ''not'' verify the Gmail SMTP server certificate. | ||
=== Not For Beginners === | |||
You should be familiar with: | |||
* How to install packages | |||
* How to edit text configuration files. | |||
* Terms like POP3, SMTP and SSL. | |||
If you use Evolution or a similar modern e-mail client, you do not | |||
need to use this | |||
POP3 and SMTP services. | |||
UsingGmailWithEvolution. | |||
=== | |||
You should be familiar with | |||
text configuration files. | |||
=== References === | === References === | ||
* http://prantran.blogspot.com/2007/01/getting-postfix-to-work-on-ubuntu-with.html | * http://prantran.blogspot.com/2007/01/getting-postfix-to-work-on-ubuntu-with.html | ||
* http://souptonuts.sourceforge.net/postfix_tutorial.html | * http://souptonuts.sourceforge.net/postfix_tutorial.html | ||
第38行: | 第21行: | ||
* http://www.postfix.com/SASL_README.html | * http://www.postfix.com/SASL_README.html | ||
* http://www.postfix.com/ADDRESS_REWRITING_README.html | * http://www.postfix.com/ADDRESS_REWRITING_README.html | ||
* http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailservers.html | |||
* http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_support.html | |||
== Packages needed == | == Packages needed == | ||
You will need the postfix and fetchmail packages. See | You will need the postfix and fetchmail packages. See | ||
InstallingSoftware for more on installing packages. | [[UbuntuHelp:InstallingSoftware|InstallingSoftware]] for more on installing packages. Postfix will work on Ubuntu as is from apt-get without any compilation necessary | ||
== Setting up your Gmail account == | == Setting up your Gmail account == | ||
You will need to enable POP access for your Gmail account. This is done through the google website. See | |||
You will need to enable POP access for your Gmail account. See | [[UbuntuHelp:UsingGmailWithEvolution|UsingGmailWithEvolution]] for more. Gnus queues mail to postfix, postfix forwards to Google. An openssl certificate is made by a CA signing authority signing a request to generate a server-side certificate. Although to encrypt the connection between Gnus and postfix is possible, this is not necessary if mail is being sent from gnus to postix at the local machine. The connection between postfix and google will be encrypted. This is like https but by the smtp protocol which is by emails. So it is not always necessary to use postfix to do this because some A Mail User Agents can do this itselves : a MUA is a client like gnus or evolution. Postfix will be a client when is connects to google, and the variables pertaining by this are beginning as smtp-the-something. Where postfix is the daemon it receives mails, into our case from the localhost, and the variables pertaining by this mode commence as smtpd-something. Don't forget! | ||
UsingGmailWithEvolution for more. | A "mail delivery agent" is the back end used to store mails, which can be postfix. A "mail transfer agent" is a server talking SMTP : it receives mail via SMTP, and it can pass it on via SMTP. Postfix is a combination of MTA and MDA. | ||
to send every mail through Google you also need to set option as | |||
relayhost[smtp.gmail.com]:587 | |||
Another option is to use a transport map. | |||
transport_maps = hash:/etc/postfix/transport | |||
The easiest is to just use a mail client, and nothing inter-locuting, but we are not doing this by using postfix at all. | |||
Postfix may and can be used as a storage mail retrieval of fetchmail exclusively, and let the mail client perform the smtp encryption to google directly. So this is available as an alternative plan, when this one does work. It is very time-consuming, awkward, frustrating, and annoying. | |||
== Example username == | == Example username == | ||
In all the examples below, I've assumed that the username on the | In all the examples below, I've assumed that the username on the | ||
Ubuntu system is <code><nowiki>jane</nowiki></code>, and that the Gmail username is | Ubuntu system is <code><nowiki>jane</nowiki></code>, and that the Gmail username is | ||
第56行: | 第42行: | ||
replace these with your local username, your Gmail username and Gmail | replace these with your local username, your Gmail username and Gmail | ||
password as appropriate. | password as appropriate. | ||
== Configuring Postfix == | == Configuring Postfix == | ||
To setup Postfix, you will need to create 5 files: | To setup Postfix, you will need to create 5 files: | ||
* /etc/postfix/main.cf | * /etc/postfix/main.cf | ||
第65行: | 第49行: | ||
* /etc/postfix/passwd | * /etc/postfix/passwd | ||
* /etc/postfix/passwd.db | * /etc/postfix/passwd.db | ||
You will need root access to create and edit these files; see RootSudo | You will need root access to create and edit these files; see [[UbuntuHelp:RootSudo|RootSudo]] | ||
for more on gaining root access. | for more on gaining root access. | ||
=== Stop Postfix === | === Stop Postfix === | ||
It's not necessary to do so, but if you wish to stop Postfix while | It's not necessary to do so, but if you wish to stop Postfix while | ||
configuring, run (as root) | configuring, run (as root) | ||
<pre><nowiki> | <pre><nowiki> | ||
/etc/init.d/postfix stop | /etc/init.d/postfix stop | ||
</nowiki></pre> | </nowiki></pre> | ||
=== /etc/postfix/main.cf === | === /etc/postfix/main.cf === | ||
When you install Postfix you will be prompted to make configurative | |||
When you install Postfix you will be prompted to make | |||
choices. You can choose "No configuration"; in this case no | choices. You can choose "No configuration"; in this case no | ||
configuration file will be created, and you can use the contents | configuration file will be created, and you can use the contents | ||
below. The configuration choices used to create it are listed in the | below. The configuration choices used to create it are listed in the | ||
Appendix. | Appendix. | ||
This is the Postfix configuration file /etc/postfix/main.cf: | This is the Postfix configuration file /etc/postfix/main.cf: | ||
<pre><nowiki> | <pre><nowiki> | ||
# See /usr/share/postfix/main.cf.dist for a commented, more complete version | # See /usr/share/postfix/main.cf.dist for a commented, more complete version | ||
第98行: | 第76行: | ||
biff = no | biff = no | ||
# appending .domain is the MUA's job. | # appending .domain is the MUA's job. | ||
append_dot_mydomain = no | append_dot_mydomain = no | ||
第118行: | 第96行: | ||
alias_database = hash:/etc/aliases | alias_database = hash:/etc/aliases | ||
mydestination = localhost, localhost.localdomain | mydestination = localhost, localhost.localdomain | ||
mynetworks = 127.0.0.0/8 | mynetworks = 127.0.0.0/8 | ||
mailbox_size_limit = 0 | mailbox_size_limit = 0 | ||
第136行: | 第113行: | ||
relayhost=[smtp.gmail.com]:587 | relayhost=[smtp.gmail.com]:587 | ||
</nowiki></pre> | </nowiki></pre> | ||
An explanation of each non-standard line (following the comment "non | An explanation of each non-standard line (following the comment "non | ||
debconf entries start here") is given in the Appendix. | debconf entries start here") is given in the Appendix. | ||
=== /etc/postfix/generic and /etc/postfix/generic.db === | === /etc/postfix/generic and /etc/postfix/generic.db === | ||
The generic file tells Postfix how to map local e-mail addresses to | The generic file tells Postfix how to map local e-mail addresses to | ||
Internet addresses when mail is sent via SMTP. Postfix rewrites | Internet addresses when mail is sent via SMTP. Postfix rewrites | ||
"From:" headers to make e-mail appear to come from | "From:" headers to make e-mail appear to come from | ||
<code><nowiki>[email protected]</nowiki></code> instead of <code><nowiki>jane@localhost</nowiki></code>. | <code><nowiki>[email protected]</nowiki></code> instead of <code><nowiki>jane@localhost</nowiki></code>. | ||
The /etc/postfix/generic is a plain text file, and should look as | The /etc/postfix/generic is a plain text file, and should look as | ||
follows: | follows: | ||
第152行: | 第125行: | ||
jane@localhost [email protected] | jane@localhost [email protected] | ||
</nowiki></pre> | </nowiki></pre> | ||
/etc/postfix/generic.db is generated from this using the postmap command: | /etc/postfix/generic.db is generated from this using the postmap command: | ||
<pre><nowiki> | <pre><nowiki> | ||
第158行: | 第130行: | ||
postmap generic | postmap generic | ||
</nowiki></pre> | </nowiki></pre> | ||
=== /etc/postfix/sasl/passwd and /etc/postfix/sasl/passwd.db === | === /etc/postfix/sasl/passwd and /etc/postfix/sasl/passwd.db === | ||
The passwd file contains your Gmail password. Like | The passwd file contains your Gmail password. Like | ||
/etc/postfix/generic file discussed above, it is a plain text file; | /etc/postfix/generic file discussed above, it is a plain text file; | ||
第167行: | 第137行: | ||
[smtp.gmail.com]:587 [email protected]:doeadeer | [smtp.gmail.com]:587 [email protected]:doeadeer | ||
</nowiki></pre> | </nowiki></pre> | ||
To create passwd.db, and set ownership and permissions appropriately, | To create passwd.db, and set ownership and permissions appropriately, | ||
run the following commands: | run the following commands: | ||
第176行: | 第145行: | ||
chmod 600 passwd passwd.db | chmod 600 passwd passwd.db | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Start or reload Postfix === | === Start or reload Postfix === | ||
If you previously stopped Postfix, restart it with | If you previously stopped Postfix, restart it with | ||
<pre><nowiki> | <pre><nowiki> | ||
/etc/init.d/postfix start | /etc/init.d/postfix start | ||
</nowiki></pre> | </nowiki></pre> | ||
If you didn't stop Postfix, force it to reload its configuration with | If you didn't stop Postfix, force it to reload its configuration with | ||
<pre><nowiki> | <pre><nowiki> | ||
postfix reload | postfix reload | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Testing === | === Testing === | ||
Postfix provides a means of testing its address rewriting rules using | Postfix provides a means of testing its address rewriting rules using | ||
the sendmail command with the '-bv' option. If the mail would be sent | the sendmail command with the '-bv' option. If the mail would be sent | ||
第196行: | 第160行: | ||
to connect and authenticate to smtp.gmail.com, which makes it a | to connect and authenticate to smtp.gmail.com, which makes it a | ||
convenient way to test the Postfix setup. | convenient way to test the Postfix setup. | ||
One possibly inconvenient feature of sendmail -bv is that the result | One possibly inconvenient feature of sendmail -bv is that the result | ||
is mailed to the user who ran the command; thus, if mail is utterly | is mailed to the user who ran the command; thus, if mail is utterly | ||
misconfigured, you will never receive the result. If you suspect this | misconfigured, you will never receive the result. If you suspect this | ||
is the case, you can check /var/log/mail.log to see what went wrong. | is the case, you can check /var/log/mail.log to see what went wrong, or you can type mail within the same account as the sender. | ||
Alternatively do <code><nowiki>echo 'test mail' | mail -s 'testing this' [email protected] </nowiki></code> | |||
To check that basic delivery works, run the following command as a | To check that basic delivery works, run the following command as a | ||
normal user (replacing "jane", as elsewhere, with your username): | normal user (replacing "jane", as elsewhere, with your username): | ||
第213行: | 第176行: | ||
Enclosed is the mail delivery report that you requested. | Enclosed is the mail delivery report that you requested. | ||
The mail system | The mail system | ||
<jane@localhost> (expanded from <jane>): delivery via local: delivers to mailbox | <jane@localhost> (expanded from <jane>): delivery via local: delivers to mailbox | ||
</nowiki></pre> | </nowiki></pre> | ||
If this didn't work, make sure that Postfix is running. | If this didn't work, make sure that Postfix is running. | ||
To check that Postfix can successfully connect to gmail, run | To check that Postfix can successfully connect to gmail, run | ||
<pre><nowiki> | <pre><nowiki> | ||
第229行: | 第191行: | ||
Enclosed is the mail delivery report that you requested. | Enclosed is the mail delivery report that you requested. | ||
The mail system | The mail system | ||
<[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: 250 2.1.5 OK | <[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: 250 2.1.5 OK | ||
</nowiki></pre> | </nowiki></pre> | ||
Potential problems with this are discussed in the following section. | Potential problems with this are discussed in the following section. | ||
=== Potential Postfix problems === | === Potential Postfix problems === | ||
==== Cannot find password ==== | ==== Cannot find password ==== | ||
If you get an error message like this: | If you get an error message like this: | ||
<pre><nowiki> | <pre><nowiki> | ||
<[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: | <[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: | ||
host smtp.gmail.com[66.249.91.109] said: 530 5.5.1 Authentication Required | host smtp.gmail.com[66.249.91.109] said: 530 5.5.1 Authentication Required | ||
c24sm1773006ika (in reply to MAIL FROM command) | c24sm1773006ika (in reply to MAIL FROM command) | ||
</nowiki></pre> | </nowiki></pre> | ||
then Postfix cannot figure out what password to send gmail; make sure | then Postfix cannot figure out what password to send gmail; make sure | ||
that the smtp_sasl_password_maps entry in /etc/postfix/main.cf is | that the smtp_sasl_password_maps entry in /etc/postfix/main.cf is | ||
correct, that /etc/postfix/sasl/passwd is correct, and that you've | correct, that /etc/postfix/sasl/passwd is correct, and that you've | ||
created /etc/postfix/sasl/passwd.db. | created /etc/postfix/sasl/passwd.db. | ||
==== No mechanism available ==== | ==== No mechanism available ==== | ||
If you get an error message like this: | If you get an error message like this: | ||
<pre><nowiki> | <pre><nowiki> | ||
SASL authentication failed; cannot authenticate to server | SASL authentication failed; cannot authenticate to server | ||
smtp.gmail.com[66.249.91.109]: no mechanism available | smtp.gmail.com[66.249.91.109]: no mechanism available | ||
</nowiki></pre> | </nowiki></pre> | ||
you have probably forgotten the smtp_sasl_security_options line in | you have probably forgotten the smtp_sasl_security_options line in | ||
/etc/postfix/main.cf. | /etc/postfix/main.cf. | ||
== Configuring Fetchmail == | == Configuring Fetchmail == | ||
The setup presented here configures the system-wide fetchmail service, | The setup presented here configures the system-wide fetchmail service, | ||
which is by default always running; for this use /etc/fetchmailrc is | which is by default always running; for this use /etc/fetchmailrc is | ||
第268行: | 第222行: | ||
user you should use ~/.fetchmailrc; that case is not further discussed | user you should use ~/.fetchmailrc; that case is not further discussed | ||
here. | here. | ||
Unlike the Postfix setup above, the fetchmail configuration presented here ''will'' | Unlike the Postfix setup above, the fetchmail configuration presented here ''will'' | ||
verify the Gmail POP3 server's certificate. | verify the Gmail POP3 server's certificate. | ||
=== Stop the fetchmail service === | === Stop the fetchmail service === | ||
To stop fetchmail while configuring it, run | To stop fetchmail while configuring it, run | ||
<pre><nowiki> | <pre><nowiki> | ||
/etc/init.d/fetchmail stop | /etc/init.d/fetchmail stop | ||
</nowiki></pre> | </nowiki></pre> | ||
=== /etc/fetchmail.rc === | === /etc/fetchmail.rc === | ||
The file /etc/fetchmailrc should look as follows: | The file /etc/fetchmailrc should look as follows: | ||
<pre><nowiki> | <pre><nowiki> | ||
第288行: | 第237行: | ||
poll pop.gmail.com | poll pop.gmail.com | ||
with nodns, | with nodns, | ||
with protocol POP3 | with protocol POP3 | ||
user "[email protected]" there is jane here, | user "[email protected]" there is jane here, | ||
with password doeadeer, | with password doeadeer, | ||
with ssl, sslcertck; | with ssl, sslcertck; | ||
</nowiki></pre> | </nowiki></pre> | ||
A detailed explanation is given in the appendix, though fetchmail's | A detailed explanation is given in the appendix, though fetchmail's | ||
configuration language hopefully makes it clear. | configuration language hopefully makes it clear. | ||
Since this file contains your Gmail password, you may wish to give it | Since this file contains your Gmail password, you may wish to give it | ||
restrictive read permission: | restrictive read permission: | ||
第303行: | 第250行: | ||
chmod 600 /etc/fetchmailrc | chmod 600 /etc/fetchmailrc | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Testing === | === Testing === | ||
To test your configuration, run fetchmail as below; this should be run | To test your configuration, run fetchmail as below; this should be run | ||
as root, since it reads /etc/fetchmailrc. | as root, since it reads /etc/fetchmailrc. | ||
第311行: | 第256行: | ||
fetchmail -v -d0 -f /etc/fetchmailrc | fetchmail -v -d0 -f /etc/fetchmailrc | ||
</nowiki></pre> | </nowiki></pre> | ||
Take a look at /var/log/mail.log (e.g., using <code><nowiki>less /var/log/mail.log</nowiki></code>) | Take a look at /var/log/mail.log (e.g., using <code><nowiki>less /var/log/mail.log</nowiki></code>) | ||
to see that the connection was successful. | to see that the connection was successful. | ||
=== Restart fetchmail === | === Restart fetchmail === | ||
Once your configuration is working, you can restart fetchmail with | Once your configuration is working, you can restart fetchmail with | ||
<pre><nowiki> | <pre><nowiki> | ||
/etc/init.d/fetchmail start | /etc/init.d/fetchmail start | ||
</nowiki></pre> | </nowiki></pre> | ||
== Appendix == | == Appendix == | ||
=== Debconf choices for main.cf above === | === Debconf choices for main.cf above === | ||
For the record, the main.cf above was created with | For the record, the main.cf above was created with | ||
dpkg-reconfigure postfix | dpkg-reconfigure postfix | ||
with the following selections: | with the following selections: | ||
<pre><nowiki> | <pre><nowiki> | ||
General type of configuration: Satellite system | General type of configuration: Satellite system | ||
第344行: | 第280行: | ||
Internet protocols to use: all (default) | Internet protocols to use: all (default) | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Explanation of /etc/postfix/main.cf === | === Explanation of /etc/postfix/main.cf === | ||
Only the non-debconf lines are explained. For much more, run | Only the non-debconf lines are explained. For much more, run | ||
<code><nowiki>man 5 postconf</nowiki></code> or visit [http://www.postfix.com/documentation.html]. | <code><nowiki>man 5 postconf</nowiki></code> or visit [http://www.postfix.com/documentation.html]. | ||
<pre><nowiki> | <pre><nowiki> | ||
smtp_tls_loglevel=1 | smtp_tls_loglevel=1 | ||
</nowiki></pre> | </nowiki></pre> | ||
Basic logging of connections to smtp.gmail.com. | Basic logging of connections to smtp.gmail.com. | ||
<pre><nowiki> | <pre><nowiki> | ||
smtp_tls_security_level=encrypt | smtp_tls_security_level=encrypt | ||
</nowiki></pre> | </nowiki></pre> | ||
Require an encrypted TLS connection to smtp.gmail.com. It would be | Require an encrypted TLS connection to smtp.gmail.com. It would be | ||
preferable to use the verify level | preferable to use the verify level. | ||
<pre><nowiki> | <pre><nowiki> | ||
smtp_sasl_auth_enable=yes | smtp_sasl_auth_enable=yes | ||
</nowiki></pre> | </nowiki></pre> | ||
Enable SMTP authentication. | Enable SMTP authentication. | ||
<pre><nowiki> | <pre><nowiki> | ||
smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd | smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd | ||
</nowiki></pre> | </nowiki></pre> | ||
Where the SMTP authentication data is to be found. | Where the SMTP authentication data is to be found. | ||
<pre><nowiki> | <pre><nowiki> | ||
smtp_sasl_security_options = noanonymous | smtp_sasl_security_options = noanonymous | ||
</nowiki></pre> | </nowiki></pre> | ||
This one is a bit obscure: by specifying noanonymous, one allows | This one is a bit obscure: by specifying noanonymous, one allows | ||
plaintext passwords to be sent (I think noplaintext is the next level | plaintext passwords to be sent (I think noplaintext is the next level | ||
"up" from noanonymous). Gmail's SMTP server apparently accepts | "up" from noanonymous). Gmail's SMTP server apparently accepts | ||
plaintext authentication only. | plaintext authentication only. | ||
<pre><nowiki> | <pre><nowiki> | ||
smtp_generic_maps=hash:/etc/postfix/generic | smtp_generic_maps=hash:/etc/postfix/generic | ||
</nowiki></pre> | </nowiki></pre> | ||
Where the generic mapping data is to be found. | Where the generic mapping data is to be found. | ||
<pre><nowiki> | <pre><nowiki> | ||
relayhost=[smtp.gmail.com]:587 | relayhost=[smtp.gmail.com]:587 | ||
</nowiki></pre> | </nowiki></pre> | ||
Address and port number for SMTP connections. Putting the hostname in | Address and port number for SMTP connections. Putting the hostname in | ||
square brackets means it is interpreted as a hostname, rather than a | square brackets means it is interpreted as a hostname, rather than a | ||
mail name (as I understand it, Postfix uses "normal" DNS records | mail name (as I understand it, Postfix uses "normal" DNS records | ||
rather than MX records when square brackets are used). | rather than MX records when square brackets are used). | ||
=== Explanation of /etc/fetchmailrc === | === Explanation of /etc/fetchmailrc === | ||
Run <code><nowiki>man fetchmail</nowiki></code> for details. Fetchmail's configuration | Run <code><nowiki>man fetchmail</nowiki></code> for details. Fetchmail's configuration | ||
language has the interesting property of ignoring some words (like | language has the interesting property of ignoring some words (like | ||
"with") and punctuation (like the comma and semicolon). | "with") and punctuation (like the comma and semicolon). | ||
<pre><nowiki> | <pre><nowiki> | ||
set syslog | set syslog | ||
</nowiki></pre> | </nowiki></pre> | ||
Log messages to syslog; fetchmail messages will appear in | Log messages to syslog; fetchmail messages will appear in | ||
/var/log/mail.log. | /var/log/mail.log. | ||
<pre><nowiki> | <pre><nowiki> | ||
set daemon 240 | set daemon 240 | ||
</nowiki></pre> | </nowiki></pre> | ||
Check for mail every 240 seconds. | Check for mail every 240 seconds. | ||
<pre><nowiki> | <pre><nowiki> | ||
poll pop.gmail.com | poll pop.gmail.com | ||
第423行: | 第336行: | ||
Each account entry starts with keyword "poll", followed by the server | Each account entry starts with keyword "poll", followed by the server | ||
hostname. | hostname. | ||
<pre><nowiki> | <pre><nowiki> | ||
with nodns, | with nodns, | ||
</nowiki></pre> | </nowiki></pre> | ||
This is probably unnecessary. | This is probably unnecessary. | ||
<pre><nowiki> | <pre><nowiki> | ||
with protocol POP3 | with protocol POP3 | ||
</nowiki></pre> | </nowiki></pre> | ||
Connect to pop.gmail.com mail using the POP3 protocol. | Connect to pop.gmail.com mail using the POP3 protocol. | ||
<pre><nowiki> | <pre><nowiki> | ||
user "[email protected]" there is jane here, | user "[email protected]" there is jane here, | ||
</nowiki></pre> | </nowiki></pre> | ||
Login to the POP3 server with username "[email protected]"; deliver | Login to the POP3 server with username "[email protected]"; deliver | ||
mail to local user "jane". | mail to local user "jane". | ||
<pre><nowiki> | <pre><nowiki> | ||
with password doeadeer, | with password doeadeer, | ||
</nowiki></pre> | </nowiki></pre> | ||
The POP3 password is "doeadeer". | The POP3 password is "doeadeer". | ||
<pre><nowiki> | <pre><nowiki> | ||
with ssl, sslcertck; | with ssl, sslcertck; | ||
</nowiki></pre> | </nowiki></pre> | ||
Use SSL in communicating to the POP3 server, and verify that the | Use SSL in communicating to the POP3 server, and verify that the | ||
certificate is valid. fetchmail uses the certificates provided by the | certificate is valid. fetchmail uses the certificates provided by the | ||
ca-certificates packages for this. | ca-certificates packages for this. | ||
=== Verifying the Gmail SMTP server certificate === | === Verifying the Gmail SMTP server certificate === | ||
The configuration above does ''not'' verify the certificate of the | The configuration above does ''not'' verify the certificate of the | ||
Gmail SMTP server. This would be very easy to do but for | Gmail SMTP server. This would be very easy to do but for | ||
[https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/118963 Bug 118963] | [https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/118963 Bug 118963] | ||
If you need this verification, you can either read | If you need this verification, you can either read | ||
[http://souptonuts.sourceforge.net/postfix_tutorial.html reference 2] | [http://souptonuts.sourceforge.net/postfix_tutorial.html reference 2] | ||
above, which shows you how to download and install the certificate | above, which shows you how to download and install the certificate | ||
yourself, or you can do something like this: | yourself, or you can do something like this: | ||
<pre><nowiki> | <pre><nowiki> | ||
mkdir /var/spool/postfix/certs | mkdir /var/spool/postfix/certs | ||
cp /etc/ssl/certs/* /var/spool/postfix/certs | cp -R /etc/ssl/certs/* /var/spool/postfix/certs | ||
mkdir -p /var/spool/postfix/usr/share/ca-certificates | |||
cp -R /usr/share/ca-certificates /var/spool/postfix/usr/share/ca-certificates | |||
</nowiki></pre> | </nowiki></pre> | ||
Then, in main.cf, change the smtp_tls_security_level line and add an | Then, in main.cf, change the smtp_tls_security_level line and add an | ||
smtp_tls_CApath line as follows: | smtp_tls_CApath line as follows: | ||
第475行: | 第379行: | ||
smtp_tls_CApath=/certs | smtp_tls_CApath=/certs | ||
</nowiki></pre> | </nowiki></pre> | ||
This might need to be redone if you upgrade postfix (e.g., when | This might need to be redone if you upgrade postfix (e.g., when | ||
upgrading Ubuntu). | upgrading Ubuntu). | ||
=== If Nothing Is Working === | === If Nothing Is Working === | ||
If possible, check that you can access the Gmail SMTP and POP3 | If possible, check that you can access the Gmail SMTP and POP3 | ||
services with a client like Thunderbird; Google provide complete | services with a client like Thunderbird; Google provide complete | ||
instructions for setting up Thunderbird | instructions for setting up Thunderbird | ||
[http://mail.google.com/support/bin/answer.py?answer=38343 here]. | [http://mail.google.com/support/bin/answer.py?answer=38343 here]. | ||
You can try port 465 instead of 587 for SMTP. | You can try port 465 instead of 587 for SMTP. | ||
You can do a check that SMTP connections can be made using stunnel, as | You can do a check that SMTP connections can be made using stunnel, as | ||
follows: | follows: | ||
第493行: | 第392行: | ||
stunnel -v 2 -c -n smtp -f -r smtp.gmail.com:587 | stunnel -v 2 -c -n smtp -f -r smtp.gmail.com:587 | ||
</nowiki></pre> | </nowiki></pre> | ||
You should see something like this: | You should see something like this: | ||
<pre><nowiki> | <pre><nowiki> | ||
第507行: | 第405行: | ||
ia/L=Mountain View/O=Google Inc/CN=smtp.gmail.com | ia/L=Mountain View/O=Google Inc/CN=smtp.gmail.com | ||
</nowiki></pre> | </nowiki></pre> | ||
Terminate this connection with Ctrl-C. | Terminate this connection with Ctrl-C. | ||
You can also try testing the POP3 connection, though I had no success | You can also try testing the POP3 connection, though I had no success | ||
with this: | with this: | ||
第515行: | 第411行: | ||
stunnel -v 2 -c -n pop3 -f -r pop.gmail.com:995 | stunnel -v 2 -c -n pop3 -f -r pop.gmail.com:995 | ||
</nowiki></pre> | </nowiki></pre> | ||
Note that you ''cannot'' use openssl's s_client to test the SMTP | Note that you ''cannot'' use openssl's s_client to test the SMTP | ||
connection; Gmail's SMTP server requires the client to begin | connection; Gmail's SMTP server requires the client to begin | ||
communications with HELO (or EHLO), while s_client jumps straight to | communications with HELO (or EHLO), while s_client jumps straight to | ||
STARTTLS. | STARTTLS. | ||
== Why is everything still broken? == | |||
<pre><nowiki> | |||
smtpd_recipient_restrictions = | |||
permit_mynetworks | |||
permit_sasl_authenticated | |||
reject_unauth_destination | |||
smtpd_sasl_authenticated_header = yes | |||
</nowiki></pre> | |||
Now you MUST MUST MUST alter the master.cf file as demonstrated in [http://souptonuts.sourceforge.net/postfix_tutorial.html reference 2]. If you do not you might experience looking at a server certificate error in your mailq. | |||
Another, and THE MOST IMPORTANT, thing is that probably your $mydomain, $myhostname, and a load of other things are not concurring with register user accounts on your local computer. The solution is within /usr/share/postfix/main.cf.dist which is a commented, more complete version of a main.cf | |||
The clue lies in the fall_transport variable. This permits postfix to work far less rigidly on machines which have spoof domains established within /etc/hosts by the benefit til the operation of nntp servers like leafnode. | |||
<pre><nowiki> | |||
inet_interfaces = all | |||
mynetworks_style = host | |||
local_recipient_maps = | |||
fallback_transport = | |||
</nowiki></pre> | |||
If you are still having problems with authorisation and certificate recognition, forget the above about the snakeoil certificate, and follow the most excellent instructions to make your own certificate at | |||
[http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_support.html reference 7] | |||
This page is more useful than this whole venture by postfix itself. If it works it feels rewarding, but it can take one week of effort and worthwhile learning. | |||
---- | ---- | ||
[[category: | [[category:CategoryEmail]] | ||
[[category:UbuntuHelp]] | [[category:UbuntuHelp]] |
2009年11月17日 (二) 19:15的最新版本
文章出处: |
{{#if: | {{{2}}} | https://help.ubuntu.com/community/GmailPostfixFetchmail }} |
点击翻译: |
English {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/af | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Afrikaans| [[::GmailPostfixFetchmail/af|Afrikaans]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/ar | • {{#if: UbuntuHelp:GmailPostfixFetchmail|العربية| [[::GmailPostfixFetchmail/ar|العربية]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/az | • {{#if: UbuntuHelp:GmailPostfixFetchmail|azərbaycanca| [[::GmailPostfixFetchmail/az|azərbaycanca]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/bcc | • {{#if: UbuntuHelp:GmailPostfixFetchmail|جهلسری بلوچی| [[::GmailPostfixFetchmail/bcc|جهلسری بلوچی]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/bg | • {{#if: UbuntuHelp:GmailPostfixFetchmail|български| [[::GmailPostfixFetchmail/bg|български]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/br | • {{#if: UbuntuHelp:GmailPostfixFetchmail|brezhoneg| [[::GmailPostfixFetchmail/br|brezhoneg]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/ca | • {{#if: UbuntuHelp:GmailPostfixFetchmail|català| [[::GmailPostfixFetchmail/ca|català]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/cs | • {{#if: UbuntuHelp:GmailPostfixFetchmail|čeština| [[::GmailPostfixFetchmail/cs|čeština]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/de | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Deutsch| [[::GmailPostfixFetchmail/de|Deutsch]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/el | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Ελληνικά| [[::GmailPostfixFetchmail/el|Ελληνικά]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/es | • {{#if: UbuntuHelp:GmailPostfixFetchmail|español| [[::GmailPostfixFetchmail/es|español]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/fa | • {{#if: UbuntuHelp:GmailPostfixFetchmail|فارسی| [[::GmailPostfixFetchmail/fa|فارسی]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/fi | • {{#if: UbuntuHelp:GmailPostfixFetchmail|suomi| [[::GmailPostfixFetchmail/fi|suomi]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/fr | • {{#if: UbuntuHelp:GmailPostfixFetchmail|français| [[::GmailPostfixFetchmail/fr|français]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/gu | • {{#if: UbuntuHelp:GmailPostfixFetchmail|ગુજરાતી| [[::GmailPostfixFetchmail/gu|ગુજરાતી]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/he | • {{#if: UbuntuHelp:GmailPostfixFetchmail|עברית| [[::GmailPostfixFetchmail/he|עברית]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/hu | • {{#if: UbuntuHelp:GmailPostfixFetchmail|magyar| [[::GmailPostfixFetchmail/hu|magyar]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/id | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Bahasa Indonesia| [[::GmailPostfixFetchmail/id|Bahasa Indonesia]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/it | • {{#if: UbuntuHelp:GmailPostfixFetchmail|italiano| [[::GmailPostfixFetchmail/it|italiano]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/ja | • {{#if: UbuntuHelp:GmailPostfixFetchmail|日本語| [[::GmailPostfixFetchmail/ja|日本語]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/ko | • {{#if: UbuntuHelp:GmailPostfixFetchmail|한국어| [[::GmailPostfixFetchmail/ko|한국어]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/ksh | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Ripoarisch| [[::GmailPostfixFetchmail/ksh|Ripoarisch]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/mr | • {{#if: UbuntuHelp:GmailPostfixFetchmail|मराठी| [[::GmailPostfixFetchmail/mr|मराठी]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/ms | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Bahasa Melayu| [[::GmailPostfixFetchmail/ms|Bahasa Melayu]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/nl | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Nederlands| [[::GmailPostfixFetchmail/nl|Nederlands]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/no | • {{#if: UbuntuHelp:GmailPostfixFetchmail|norsk| [[::GmailPostfixFetchmail/no|norsk]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/oc | • {{#if: UbuntuHelp:GmailPostfixFetchmail|occitan| [[::GmailPostfixFetchmail/oc|occitan]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/pl | • {{#if: UbuntuHelp:GmailPostfixFetchmail|polski| [[::GmailPostfixFetchmail/pl|polski]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/pt | • {{#if: UbuntuHelp:GmailPostfixFetchmail|português| [[::GmailPostfixFetchmail/pt|português]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/ro | • {{#if: UbuntuHelp:GmailPostfixFetchmail|română| [[::GmailPostfixFetchmail/ro|română]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/ru | • {{#if: UbuntuHelp:GmailPostfixFetchmail|русский| [[::GmailPostfixFetchmail/ru|русский]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/si | • {{#if: UbuntuHelp:GmailPostfixFetchmail|සිංහල| [[::GmailPostfixFetchmail/si|සිංහල]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/sq | • {{#if: UbuntuHelp:GmailPostfixFetchmail|shqip| [[::GmailPostfixFetchmail/sq|shqip]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/sr | • {{#if: UbuntuHelp:GmailPostfixFetchmail|српски / srpski| [[::GmailPostfixFetchmail/sr|српски / srpski]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/sv | • {{#if: UbuntuHelp:GmailPostfixFetchmail|svenska| [[::GmailPostfixFetchmail/sv|svenska]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/th | • {{#if: UbuntuHelp:GmailPostfixFetchmail|ไทย| [[::GmailPostfixFetchmail/th|ไทย]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/tr | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Türkçe| [[::GmailPostfixFetchmail/tr|Türkçe]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/vi | • {{#if: UbuntuHelp:GmailPostfixFetchmail|Tiếng Việt| [[::GmailPostfixFetchmail/vi|Tiếng Việt]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/yue | • {{#if: UbuntuHelp:GmailPostfixFetchmail|粵語| [[::GmailPostfixFetchmail/yue|粵語]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/zh | • {{#if: UbuntuHelp:GmailPostfixFetchmail|中文| [[::GmailPostfixFetchmail/zh|中文]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/zh-hans | • {{#if: UbuntuHelp:GmailPostfixFetchmail|中文(简体)| [[::GmailPostfixFetchmail/zh-hans|中文(简体)]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GmailPostfixFetchmail | UbuntuHelp:GmailPostfixFetchmail | {{#if: | :}}GmailPostfixFetchmail}}/zh-hant | • {{#if: UbuntuHelp:GmailPostfixFetchmail|中文(繁體)| [[::GmailPostfixFetchmail/zh-hant|中文(繁體)]]}}|}} |
{{#ifeq:UbuntuHelp:GmailPostfixFetchmail|:GmailPostfixFetchmail|请不要直接编辑翻译本页,本页将定期与来源同步。}} |
{{#ifexist: :GmailPostfixFetchmail/zh | | {{#ifexist: GmailPostfixFetchmail/zh | | {{#ifeq: {{#titleparts:GmailPostfixFetchmail|1|-1|}} | zh | | }} }} }} {{#ifeq: {{#titleparts:GmailPostfixFetchmail|1|-1|}} | zh | | }}
<<Include(Tag/ContentCleanup)>>
Introduction
How to use Postfix and Fetchmail to access a single Gmail account using an old-fashioned client such as mutt or Emacs GNUS. If you use Evolution or a similar modern e-mail client, you do not need to use this. Your client has the ability to connect directly to the Gmail POP3 and SMTP services.
- Help with Evolution: UsingGmailWithEvolution.
- Help with Thunderbird: http://mail.google.com/support/bin/answer.py?answer=38343
This setup is intended to be as simple and as close to a standard Ubuntu configuration as possible. This setup does not verify the Gmail SMTP server certificate.
Not For Beginners
You should be familiar with:
- How to install packages
- How to edit text configuration files.
- Terms like POP3, SMTP and SSL.
References
- http://prantran.blogspot.com/2007/01/getting-postfix-to-work-on-ubuntu-with.html
- http://souptonuts.sourceforge.net/postfix_tutorial.html
- http://www.postfix.com/TLS_README.html
- http://www.postfix.com/SASL_README.html
- http://www.postfix.com/ADDRESS_REWRITING_README.html
- http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailservers.html
- http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_support.html
Packages needed
You will need the postfix and fetchmail packages. See InstallingSoftware for more on installing packages. Postfix will work on Ubuntu as is from apt-get without any compilation necessary
Setting up your Gmail account
You will need to enable POP access for your Gmail account. This is done through the google website. See UsingGmailWithEvolution for more. Gnus queues mail to postfix, postfix forwards to Google. An openssl certificate is made by a CA signing authority signing a request to generate a server-side certificate. Although to encrypt the connection between Gnus and postfix is possible, this is not necessary if mail is being sent from gnus to postix at the local machine. The connection between postfix and google will be encrypted. This is like https but by the smtp protocol which is by emails. So it is not always necessary to use postfix to do this because some A Mail User Agents can do this itselves : a MUA is a client like gnus or evolution. Postfix will be a client when is connects to google, and the variables pertaining by this are beginning as smtp-the-something. Where postfix is the daemon it receives mails, into our case from the localhost, and the variables pertaining by this mode commence as smtpd-something. Don't forget! A "mail delivery agent" is the back end used to store mails, which can be postfix. A "mail transfer agent" is a server talking SMTP : it receives mail via SMTP, and it can pass it on via SMTP. Postfix is a combination of MTA and MDA. to send every mail through Google you also need to set option as relayhost[smtp.gmail.com]:587 Another option is to use a transport map. transport_maps = hash:/etc/postfix/transport The easiest is to just use a mail client, and nothing inter-locuting, but we are not doing this by using postfix at all. Postfix may and can be used as a storage mail retrieval of fetchmail exclusively, and let the mail client perform the smtp encryption to google directly. So this is available as an alternative plan, when this one does work. It is very time-consuming, awkward, frustrating, and annoying.
Example username
In all the examples below, I've assumed that the username on the
Ubuntu system is jane
, and that the Gmail username is
[email protected]
, with password doeadeer
. You obviously need to
replace these with your local username, your Gmail username and Gmail
password as appropriate.
Configuring Postfix
To setup Postfix, you will need to create 5 files:
- /etc/postfix/main.cf
- /etc/postfix/generic
- /etc/postfix/generic.db
- /etc/postfix/passwd
- /etc/postfix/passwd.db
You will need root access to create and edit these files; see RootSudo for more on gaining root access.
Stop Postfix
It's not necessary to do so, but if you wish to stop Postfix while configuring, run (as root)
/etc/init.d/postfix stop
/etc/postfix/main.cf
When you install Postfix you will be prompted to make configurative choices. You can choose "No configuration"; in this case no configuration file will be created, and you can use the contents below. The configuration choices used to create it are listed in the Appendix. This is the Postfix configuration file /etc/postfix/main.cf:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = localhost alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases mydestination = localhost, localhost.localdomain mynetworks = 127.0.0.0/8 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = loopback-only inet_protocols = all smtp_tls_loglevel=1 smtp_tls_security_level=encrypt smtp_sasl_auth_enable=yes smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd smtp_sasl_security_options = noanonymous smtp_generic_maps=hash:/etc/postfix/generic relayhost=[smtp.gmail.com]:587
An explanation of each non-standard line (following the comment "non debconf entries start here") is given in the Appendix.
/etc/postfix/generic and /etc/postfix/generic.db
The generic file tells Postfix how to map local e-mail addresses to
Internet addresses when mail is sent via SMTP. Postfix rewrites
"From:" headers to make e-mail appear to come from
[email protected]
instead of jane@localhost
.
The /etc/postfix/generic is a plain text file, and should look as
follows:
jane@localhost [email protected]
/etc/postfix/generic.db is generated from this using the postmap command:
cd /etc/postfix postmap generic
/etc/postfix/sasl/passwd and /etc/postfix/sasl/passwd.db
The passwd file contains your Gmail password. Like /etc/postfix/generic file discussed above, it is a plain text file; it should look as follows:
[smtp.gmail.com]:587 [email protected]:doeadeer
To create passwd.db, and set ownership and permissions appropriately, run the following commands:
cd /etc/postfix/sasl postmap passwd chown root.root passwd passwd.db chmod 600 passwd passwd.db
Start or reload Postfix
If you previously stopped Postfix, restart it with
/etc/init.d/postfix start
If you didn't stop Postfix, force it to reload its configuration with
postfix reload
Testing
Postfix provides a means of testing its address rewriting rules using
the sendmail command with the '-bv' option. If the mail would be sent
externally (i.e., via smtp.gmail.com), the command will cause sendmail
to connect and authenticate to smtp.gmail.com, which makes it a
convenient way to test the Postfix setup.
One possibly inconvenient feature of sendmail -bv is that the result
is mailed to the user who ran the command; thus, if mail is utterly
misconfigured, you will never receive the result. If you suspect this
is the case, you can check /var/log/mail.log to see what went wrong, or you can type mail within the same account as the sender.
Alternatively do echo 'test mail' | mail -s 'testing this' [email protected]
To check that basic delivery works, run the following command as a
normal user (replacing "jane", as elsewhere, with your username):
sendmail -bv jane
You should receive a mail starting with:
This is the mail system at host localhost. Enclosed is the mail delivery report that you requested. The mail system <jane@localhost> (expanded from <jane>): delivery via local: delivers to mailbox
If this didn't work, make sure that Postfix is running. To check that Postfix can successfully connect to gmail, run
sendmail -bv [email protected]
You should receive a mail starting with:
This is the mail system at host localhost. Enclosed is the mail delivery report that you requested. The mail system <[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: 250 2.1.5 OK
Potential problems with this are discussed in the following section.
Potential Postfix problems
Cannot find password
If you get an error message like this:
<[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: host smtp.gmail.com[66.249.91.109] said: 530 5.5.1 Authentication Required c24sm1773006ika (in reply to MAIL FROM command)
then Postfix cannot figure out what password to send gmail; make sure that the smtp_sasl_password_maps entry in /etc/postfix/main.cf is correct, that /etc/postfix/sasl/passwd is correct, and that you've created /etc/postfix/sasl/passwd.db.
No mechanism available
If you get an error message like this:
SASL authentication failed; cannot authenticate to server smtp.gmail.com[66.249.91.109]: no mechanism available
you have probably forgotten the smtp_sasl_security_options line in /etc/postfix/main.cf.
Configuring Fetchmail
The setup presented here configures the system-wide fetchmail service, which is by default always running; for this use /etc/fetchmailrc is the configuration file. If you want to run fetchmail as your normal user you should use ~/.fetchmailrc; that case is not further discussed here. Unlike the Postfix setup above, the fetchmail configuration presented here will verify the Gmail POP3 server's certificate.
Stop the fetchmail service
To stop fetchmail while configuring it, run
/etc/init.d/fetchmail stop
/etc/fetchmail.rc
The file /etc/fetchmailrc should look as follows:
set syslog set daemon 240 poll pop.gmail.com with nodns, with protocol POP3 user "[email protected]" there is jane here, with password doeadeer, with ssl, sslcertck;
A detailed explanation is given in the appendix, though fetchmail's configuration language hopefully makes it clear. Since this file contains your Gmail password, you may wish to give it restrictive read permission:
chmod 600 /etc/fetchmailrc
Testing
To test your configuration, run fetchmail as below; this should be run as root, since it reads /etc/fetchmailrc.
fetchmail -v -d0 -f /etc/fetchmailrc
Take a look at /var/log/mail.log (e.g., using less /var/log/mail.log
)
to see that the connection was successful.
Restart fetchmail
Once your configuration is working, you can restart fetchmail with
/etc/init.d/fetchmail start
Appendix
Debconf choices for main.cf above
For the record, the main.cf above was created with dpkg-reconfigure postfix with the following selections:
General type of configuration: Satellite system Mail for root: <blank> (default) Mail name: localhost (default) SMTP relay host: <blank> (default is smtp.localdomain) Other destinations to accept mail for: localhost, localhost.localdomain, localhost (default) Synchronous updates: no (default) Local networks: 127.0.0.0/8 (default) Mailbox size limit: 0 (default) Local address extension character: + (default) Internet protocols to use: all (default)
Explanation of /etc/postfix/main.cf
Only the non-debconf lines are explained. For much more, run
man 5 postconf
or visit [1].
smtp_tls_loglevel=1
Basic logging of connections to smtp.gmail.com.
smtp_tls_security_level=encrypt
Require an encrypted TLS connection to smtp.gmail.com. It would be preferable to use the verify level.
smtp_sasl_auth_enable=yes
Enable SMTP authentication.
smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd
Where the SMTP authentication data is to be found.
smtp_sasl_security_options = noanonymous
This one is a bit obscure: by specifying noanonymous, one allows plaintext passwords to be sent (I think noplaintext is the next level "up" from noanonymous). Gmail's SMTP server apparently accepts plaintext authentication only.
smtp_generic_maps=hash:/etc/postfix/generic
Where the generic mapping data is to be found.
relayhost=[smtp.gmail.com]:587
Address and port number for SMTP connections. Putting the hostname in square brackets means it is interpreted as a hostname, rather than a mail name (as I understand it, Postfix uses "normal" DNS records rather than MX records when square brackets are used).
Explanation of /etc/fetchmailrc
Run man fetchmail
for details. Fetchmail's configuration
language has the interesting property of ignoring some words (like
"with") and punctuation (like the comma and semicolon).
set syslog
Log messages to syslog; fetchmail messages will appear in /var/log/mail.log.
set daemon 240
Check for mail every 240 seconds.
poll pop.gmail.com
Each account entry starts with keyword "poll", followed by the server hostname.
with nodns,
This is probably unnecessary.
with protocol POP3
Connect to pop.gmail.com mail using the POP3 protocol.
user "[email protected]" there is jane here,
Login to the POP3 server with username "[email protected]"; deliver mail to local user "jane".
with password doeadeer,
The POP3 password is "doeadeer".
with ssl, sslcertck;
Use SSL in communicating to the POP3 server, and verify that the certificate is valid. fetchmail uses the certificates provided by the ca-certificates packages for this.
Verifying the Gmail SMTP server certificate
The configuration above does not verify the certificate of the Gmail SMTP server. This would be very easy to do but for Bug 118963 If you need this verification, you can either read reference 2 above, which shows you how to download and install the certificate yourself, or you can do something like this:
mkdir /var/spool/postfix/certs cp -R /etc/ssl/certs/* /var/spool/postfix/certs mkdir -p /var/spool/postfix/usr/share/ca-certificates cp -R /usr/share/ca-certificates /var/spool/postfix/usr/share/ca-certificates
Then, in main.cf, change the smtp_tls_security_level line and add an smtp_tls_CApath line as follows:
smtp_tls_security_level=verify smtp_tls_CApath=/certs
This might need to be redone if you upgrade postfix (e.g., when upgrading Ubuntu).
If Nothing Is Working
If possible, check that you can access the Gmail SMTP and POP3 services with a client like Thunderbird; Google provide complete instructions for setting up Thunderbird here. You can try port 465 instead of 587 for SMTP. You can do a check that SMTP connections can be made using stunnel, as follows:
stunnel -v 2 -c -n smtp -f -r smtp.gmail.com:587
You should see something like this:
2007.10.15 22:10:13 LOG5[9230:3083238176]: Using 'smtp.gmail.com.587' as tcpwrap per service name 2007.10.15 22:10:13 LOG5[9230:3083238176]: stunnel 3.26 on i486-pc-linux-gnu PTH READ+LIBWRAP with OpenSSL 0.9.8c 05 Sep 2006 220 mx.google.com ESMTP b30sm3913237ika 2007.10.15 22:10:15 LOG5[9230:3083238176]: VERIFY OK: depth=1, /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Th awte Premium Server CA/[email protected] 2007.10.15 22:10:15 LOG5[9230:3083238176]: VERIFY OK: depth=0, /C=US/ST=Californ ia/L=Mountain View/O=Google Inc/CN=smtp.gmail.com
Terminate this connection with Ctrl-C. You can also try testing the POP3 connection, though I had no success with this:
stunnel -v 2 -c -n pop3 -f -r pop.gmail.com:995
Note that you cannot use openssl's s_client to test the SMTP connection; Gmail's SMTP server requires the client to begin communications with HELO (or EHLO), while s_client jumps straight to STARTTLS.
Why is everything still broken?
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination smtpd_sasl_authenticated_header = yes
Now you MUST MUST MUST alter the master.cf file as demonstrated in reference 2. If you do not you might experience looking at a server certificate error in your mailq. Another, and THE MOST IMPORTANT, thing is that probably your $mydomain, $myhostname, and a load of other things are not concurring with register user accounts on your local computer. The solution is within /usr/share/postfix/main.cf.dist which is a commented, more complete version of a main.cf The clue lies in the fall_transport variable. This permits postfix to work far less rigidly on machines which have spoof domains established within /etc/hosts by the benefit til the operation of nntp servers like leafnode.
inet_interfaces = all mynetworks_style = host local_recipient_maps = fallback_transport =
If you are still having problems with authorisation and certificate recognition, forget the above about the snakeoil certificate, and follow the most excellent instructions to make your own certificate at reference 7 This page is more useful than this whole venture by postfix itself. If it works it feels rewarding, but it can take one week of effort and worthwhile learning.