Relay Mails Using Gmail on RHEL6.1

0
4932

This article explains the use of Postfix as a mail transfer agent to relay mails using Gmail.

In this article, lets explore how to configure RHEL 6.1 [x86] to relay emails using Gmail. In order to do so, we need to configure Postfix in RHEL 6.1. Postfix is a free and open source mail transfer agent [MTA] that routes and delivers emails. It’s an alternative to Sendmail, which, to date, is the most widely used MTA that routes and delivers emails. It supports various mail transfer and delivery methods, which includes SMTP (Simple Mail Transfer Protocol).

Prerequisites
The settings given below are configured.
1. The operating system, host name and IP address used are RHEL 6.1, PILOTVM01.linuxrocks.org and 192.168.1.15, respectively.
2. The /etc/hosts configuration file should look like what’s shown below:

#cat /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.15 PILOTVM01 PILOTVM01.linuxrocks.org

3. To set the IP address, type:

[GUI – System -> Preferences -> Network Connection;
4. Now, turn ‘OFF’ the firewall:
[GUI – System -> Administration -> Firewall.
If you want to stop the firewall using command, we can run:

service iptables stop
chkconfig iptables off

5. Next, disable SELinux.

6. Now change the system’s date and time [optional].
To change date and time go to System -> Administration -> Date & Time and modify the value.

Postfix configuration on RHEL 6.1 x86
Before we start with the configuration, here are some points to consider. For office users, Internet connectivity to Postfix Server is a must. In case of limited Internet connectivity as part of organisational policy, at least Gmail must be accessible.
For home users, Internet connectivity to Postfix Server should not be an issue.
Since, in my environment, I have a separate colour coded cable for free Internet, I just needed to configure the IP address mode to be dynamic so as to receive the IP address automatically. In my case, the IP address received is 192.168.1.15
So, the network configuration depends upon the environment in which you are configuring Postfix Server.
Verify if the Postfix package is already installed, as follows:

#rpm -qa | grep postfix*
postfix-2.6.6-2.1.el6_0.i686

As observed, the package is already installed.

If not installed, please install the package from the RHEL 6.1 DVD with the following command:

#rpm --ivh --aid --force postfix-2.6.6-2.1.el6_0.i686.rpm

In case of package dependencies, keep appending the dependent package name with the above command till all dependencies are resolved and Postfix is installed.
Once the package is installed, open the primary configuration file of Postfix with the Vi Editor:

#vi /etc/postfix/main.cf

Now add the following lines at the end of the configuration file [precisely after Line 676]:

#EDITED BY ARINDAM MITRA
smtp_sasl_security_options = noanonymous
#sasl [Simple Authentication and Secure Layer] #option, no anonymous login.
relayhost = smtp.gmail.com:587
#Setting Gmail as relay
smtp_use_tls = yes
#Use TLS [Transport Layer Security]
smtp_tls_CAfile = /etc/postfix/cacert.pem
#Trusted Server Certificate while verifying
smtp_sasl_auth_enable = yes
#Use of sasl [Simple Authentication and Secure Layer]
#while authenticating to foreign SMTP Server, in our
#case, it is GMAIL
smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
#Location of Hash Password File [as its more Secure]

Now follow the steps given below:

[root@pilotvm01 ~]#cd /etc/postfix/

Verify if the directory named sasl exists:

[root@pilotvm01 postfix]#ll
total 140
-rw-r--r--. 1 root root 19579 Mar 9 2011 access
-rw-r--r--. 1 root root 11681 Mar 9 2011 canonical
-rw-r--r--. 1 root root 9904 Mar 9 2011 generic
-rw-r--r--. 1 root root 18287 Mar 9 2011 header_checks
-rw-r--r-- 1 root root 27256 May 18 10:51 main.cf
-rw-r--r--. 1 root root 5113 Mar 9 2011 master.cf
-rw-r--r--. 1 root root 6816 Mar 9 2011 relocated
-rw-r--r--. 1 root root 12500 Mar 9 2011 transport
-rw-r--r--. 1 root root 12494 Mar 9 2011 virtual

As observed, no directory named sasl exists.
Proceed further by creating a directory named sasl and re-verify:

[root@pilotvm01 postfix]#mkdir sasl
[root@pilotvm01 postfix]#ll
total 144
-rw-r--r--. 1 root root 19579 Mar 9 2011 access
-rw-r--r--. 1 root root 11681 Mar 9 2011 canonical
-rw-r--r--. 1 root root 9904 Mar 9 2011 generic
-rw-r--r--. 1 root root 18287 Mar 9 2011 header_checks
-rw-r--r-- 1 root root 27256 May 18 10:51 main.cf
-rw-r--r--. 1 root root 5113 Mar 9 2011 master.cf
-rw-r--r--. 1 root root 6816 Mar 9 2011 relocated
drwxr-xr-x 2 root root 4096 May 18 11:03 sasl
-rw-r--r--. 1 root root 12500 Mar 9 2011 transport
-rw-r--r--. 1 root root 12494 Mar 9 2011 virtual

Browse to directory sasl, create a 0 byte file named passwd, open it with the Vi editor and add the following lines:

[root@pilotvm01 postfix]#cd sasl/
[root@pilotvm01 sasl]#touch passwd
[root@pilotvm01 sasl]#cat passwd
[root@pilotvm01 sasl]# vi passwd
[root@pilotvm01 sasl]#

[root@pilotvm01 sasl]#cat passwd
smtp.gmail.com:587 arindam0310018@gmail.com:GMAIL PASSWORD
[root@pilotvm01 sasl]#

Now change the permissions so that only the owner [in our case, root] can read and write the passwd file:

[root@pilotvm01 sasl]#chmod 600 passwd
[root@pilotvm01 sasl]#ll
total 4
-rw------- 1 root root 52 May 18 11:08 passwd
[root@pilotvm01 sasl]#

HASH the passwd file so that it is more secure.

[root@pilotvm01 sasl]#postmap passwd

As observed, after HASHING, passwd and passwd.db both reside in the same location.

[root@pilotvm01 sasl]#ll
total 12
-rw------- 1 root root 52 May 18 11:08 passwd
-rw------- 1 root root 12288 May 18 11:10 passwd.db
[root@pilotvm01 sasl]#

Now generate the TRUSTED SERVER CERTIFICATE for verification.

[root@pilotvm01 sasl]#cd /etc/pki/tls/certs/
[root@pilotvm01 certs]#ll
total 1220
-rw-r--r--. 1 root root 578465 Apr 7 2010 ca-bundle.crt
-rw-r--r--. 1 root root 658225 Apr 7 2010 ca-bundle.trust.crt
-rwxr-xr-x. 1 root root 610 Feb 10 2011 make-dummy-cert
-rw-r--r--. 1 root root 2242 Feb 10 2011 Makefile
[root@pilotvm01 certs]#

[root@pilotvm01 certs]#make pilotvm01.pem
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
cat $PEM1 > pilotvm01.pem ; \
echo “” >> pilotvm01.pem ; \
cat $PEM2 >> pilotvm01.pem ; \
rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
...........+++
..............+++
writing new private key to ‘/tmp/openssl.4L2n3J’
-----

You will be asked to enter information that will be incorporated in your certificate request.
What you will enter is called a ‘distinguished name’ or a DN. There are quite a few fields but you can leave some blank. For some fields, there will be a default value. If you enter ‘.’, the field will be left blank.

Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:MAHARASHTRA
Locality Name (eg, city) [Default City]:PUNE
Organization Name (eg, company) [Default Company Ltd]:OSFY
Organizational Unit Name (eg, section) []:PUBLISHING
Common Name (eg, your name or your server›s hostname) []:PILOTVM01
Email Address []:arindam0310018@gmail.com
[root@pilotvm01 certs]#

[root@pilotvm01 certs]#ll
total 1224
-rw-r--r--. 1 root root 578465 Apr 7 2010 ca-bundle.crt
-rw-r--r--. 1 root root 658225 Apr 7 2010 ca-bundle.trust.crt
-rwxr-xr-x. 1 root root 610 Feb 10 2011 make-dummy-cert
-rw-r--r--. 1 root root 2242 Feb 10 2011 Makefile
-rw------- 1 root root 3141 May 18 11:14 pilotvm01.pem
[root@pilotvm01 certs]#

Now rename the certificate from pilotvm01.pem as cacert.pem while copying it to /etc/Postfix/:

[root@pilotvm01 certs]#cp pilotvm01.pem /etc/Postfix/cacert.pem
[root@pilotvm01 certs]#cd
[root@pilotvm01 ~]#

Verify if the Postfix Service is running, as follows:

[root@pilotvm01 ~]#service Postfix status
master (pid 2093) is running...
[root@pilotvm01 ~]#

After verification, restart the Postfix Service:

[root@pilotvm01 ~]#service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
[root@pilotvm01 ~]#

Now, let’s try sending email.
1. To send email as the root user, type:

echo “This is message body” | mail -s “This is Subject” <VALID EMAIL ADDRESS>

Example:

[root@pilotvm01 ~]#echo “This is the message body” | mail -s “This is the Subject” mail2arindam2003@yahoo.com

Observation:
On receiving email, the ‘From Address’ is displayed as root arindam0310018@gmail.com’.
2. Now let’s create a normal user ‘adminlinux’ and then send email:

[root@pilotvm01 ~]#useradd adminLinux
[root@pilotvm01 ~]#su - adminLinux

[adminLinux@pilotvm01 ~]$pwd
/home/adminLinux
[adminLinux@pilotvm01 ~]$

[adminLinux@pilotvm01 ~]$echo «This is the message body» | mail -s «This is the Subject» mail2arindam2003@yahoo.com
[adminLinux@pilotvm01 ~]$

Observation:
On receiving email, the ‘From Address’ is displayed as <arindam0310018@gmail.com>.
3. To send email with attachments as user adminlinux, type:

[adminLinux@pilotvm01 ~]$echo “This is message body” | mail -s “This is Subject” -r “Arindam<arindam0310018@gmail.com>” -a /root/df.txt mail2arindam2003@yahoo.com
Note: 1. With the -r option, the ‘from’ name and address can be specified.
2. With the -a option, attachments can be added.

LEAVE A REPLY

Please enter your comment!
Please enter your name here