Use Postfix With AWS SES or Gmail

  • Works on Centos, Amazon Linux and Ubuntu
  • Execute all steps on root account

Before you start:

Generate your SMTP username and password on AWS SES; Gmail, will need App password
Verify the domain and email addresses
Check if your certificate exists
- Centos or Amazon Linux: */etc/pki/tls/certs/ca-bundle.crt*
- Ubuntu: */etc/ssl/certs/ca-certificates.crt*
This tutorial was made for us-east region, just change the endpoint for other regions

Installation

  • Centos or Amazon Linux
$ yum install postfix mailx cyrus-sasl cyrus-sasl-plain cyrus-sasl-lib cyrus-imapd cyrus-imapd-utils
  • Ubuntu
$ apt-get install postfix mailutils libsasl2–2 ca-certificates libsasl2-modules

Edit the postfix configuration with SMTP settings and insert this lines on the botton of the /etc/postfix/main.cf file (On Ubuntu, just change the *.crt* directory)

  • Gmail
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = TLSv1
smtp_tls_mandatory_ciphers = high
smtp_tls_secure_cert_match = nexthop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
relayhost = smtp.gmail.com:587
  • AWS SES
relayhost = email-smtp.us-east-1.amazonaws.com:25
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_use_tls = yes
smtp_tls_security_level = encrypt
smtp_tls_note_starttls_offer = yes
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt

Create the sasl_passwd file with SMTP username and password

  • Gmail
$ touch /etc/postfix/sasl_passwd
$ cat << EOF >/etc/postfix/sasl_passwd
[smtp.gmail.com]:587 USERNAME@gmail.com:PASSWORD
EOF
  • AWS SES
$ touch /etc/postfix/sasl_passwd
$ cat << EOF >/etc/postfix/sasl_passwd
email-smtp.us-east-1.amazonaws.com:25 SMTP_USERNAME:SMTP_PASSWORD
ses-smtp-prod-335357831.us-east-1.elb.amazonaws.com:25 SMTP_USERNAME:SMTP_PASSWORD
EOF

Change the permission and generate the password file for postfix

sudo chmod 400 /etc/postfix/sasl_passwd
sudo postmap /etc/postfix/sasl_passwd

Restart postfix

service postfix restart

Check if email are sent

You can check your log for more information ( /var/log/maillog )
  • Gmail
echo “Test mail from postfix” | mail -s “Test Postfix” you@example.com
  • AWS SES
sendmail -f from@example.com to@example.com
From: from@example.com
Subject: Test
This email was sent through Amazon SES!
.
Cool, It’s done (I hope so)

If you have some question or update about this procedure, please contact me.

See ya!
One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.