Unable to send email via Gmail.com since update to 15.3

English Applications
1

Hi,
I have previously followed this tutorial on how to set up a postfix outgoing email server using Gmail.
https://www.howtoforge.com/tutorial/configure-postfix-to-use-gmail-as-a-mail-relay/

Since the update to 15.3 (or around the same time) I initially got an error message with the following line:

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd which was error: unsupported dictionary type: hash

I fixed the error by changing hash: to lmdb: and that error is removed. However, I know get an error stating

“status=deferred (SASL authentication failed; cannot authenticate to server smtp.gmail.com[108.177.15.109]: invalid parameter supplied)”

This is the relevant area that I changed in main.cf. these changes are at the end of the file, and all other occurrences of the parameters have been commented out.

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = lmdb:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/ca-bundle.pem

Does anyone know how to fix this and can help me ?

Thanks

John

2

@buttshill:

You may well be experiencing what KDE Kmail also experienced with GMail – <https://userbase.kde.org/KMail/FAQs_Hints_and_Tips#Configure_GMail_without_OAuth>.

Similar Postfix instructions –

ArchWiki article – <https://wiki.archlinux.org/title/Postfix>.

AFAICS, there’s no current, up-to-date openSUSE Wiki article on this topic – BTW, Google changed their GMail security not so long ago …

3

I have a few relays configured in my postfix configuration, and uncomment the one I require. For Gmail, I remember I had to add a couple of lines and this is what I have now:-

relayhost = [smtp.gmail.com]:465
########### Required for GMail relay ##########
smtp_tls_wrappermode = yes
smtp_tls_security_level = encrypt
###############################################

Can’t remember where I found that I needed these lines.

The move to lmdb from hash is of course another matter.

4

Hi JulinaB,
I tried your code lines and have now got a different error. (Was it deliberate to use port 465 instead of 587? - I tried both).

2021-08-20T11:52:02.405900+01:00 venus postfix/pickup[12607]: 62F64249780: uid=1001 from=<john>
2021-08-20T11:52:02.406161+01:00 venus postfix/cleanup[12703]: 62F64249780: message-id=<20210820105202.62F64249780@localhost>
2021-08-20T11:52:02.408201+01:00 venus postfix/qmgr[12608]: 62F64249780: from=<john@localhost>, size=412, nrcpt=1 (queue active)
2021-08-20T11:52:02.446979+01:00 venus postfix/smtp[12612]: SSL_connect error to smtp.gmail.com[142.251.5.108]:587: -1
2021-08-20T11:52:02.447094+01:00 venus postfix/smtp[12612]: warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:332:
2021-08-20T11:52:02.449314+01:00 venus postfix/smtp[12612]: 62F64249780: to=<buttshill@gmail.com>, relay=smtp.gmail.com[142.251.5.108]:587, delay=0.05, delays=0.01/0/0.04/0, dsn=4.7.5, status=deferred (Cannot start TLS: handshake failure)

I got tis error message as well

2021-08-20T12:01:15.853880+01:00 venus postfix/smtp[18176]: warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:332:

I will look this error up.

John

5

Please ignore above. the following is the error message with port 465

2021-08-20T12:04:48.366656+01:00 venus postfix/postfix-script[18549]: starting the Postfix mail system
2021-08-20T12:04:48.377561+01:00 venus postfix/master[18551]: daemon started -- version 3.5.9, configuration /etc/postfix
2021-08-20T12:05:04.044410+01:00 venus clamd[2779]: SelfCheck: Database status OK.
2021-08-20T12:05:06.741016+01:00 venus postfix/pickup[18552]: B4CA124998A: uid=1001 from=<john>
2021-08-20T12:05:06.745173+01:00 venus postfix/cleanup[18606]: B4CA124998A: message-id=<20210820110506.B4CA124998A@localhost>
2021-08-20T12:05:06.747300+01:00 venus postfix/qmgr[18553]: B4CA124998A: from=<john@localhost>, size=412, nrcpt=1 (queue active)
2021-08-20T12:05:06.892441+01:00 venus postfix/smtp[18608]: B4CA124998A: to=<buttshill@gmail.com>, relay=smtp.gmail.com[142.251.5.109]:465, delay=0.15, delays=0.01/0.02/0.09/0.02, dsn=5.7.0, status=bounced (host smtp.gmail.com[142.251.5.109] said: 530-5.7.0 Authentication Required. Learn more at 530 5.7.0  https://support.google.com/mail/?p=WantAuthError q17sm5489860wrr.91 - gsmtp (in reply to MAIL FROM command))
2021-08-20T12:05:06.909521+01:00 venus postfix/cleanup[18606]: DDEC624998C: message-id=<20210820110506.DDEC624998C@localhost>
2021-08-20T12:05:06.911740+01:00 venus postfix/bounce[18610]: B4CA124998A: sender non-delivery notification: DDEC624998C
2021-08-20T12:05:06.911800+01:00 venus postfix/qmgr[18553]: DDEC624998C: from=<>, size=2554, nrcpt=1 (queue active)
2021-08-20T12:05:06.911845+01:00 venus postfix/qmgr[18553]: B4CA124998A: removed
2021-08-20T12:05:06.918007+01:00 venus postfix/local[18611]: DDEC624998C: to=<john@localhost>, relay=local, delay=0.01, delays=0/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
2021-08-20T12:05:06.918097+01:00 venus postfix/qmgr[18553]: DDEC624998C: removed

I will look into the link suggested in the message.

Regards

John

6

OK, haven’t used Gmail as a relay for a while. I will see if I can reconfigure to use it this afternoon and report back.

7

OK, I reconfigured and all was fine. Here’s my log:-

2021-08-20T12:39:02.806453+01:00 cumulus ipop3d[23645]: pop3 service init from 192.168.25.132
2021-08-20T12:39:02.884556+01:00 cumulus ipop3d[23645]: Login user=julian host=soyuz [192.168.25.132] nmsgs=0/0
2021-08-20T12:39:02.929653+01:00 cumulus ipop3d[23645]: Update user=julian host=soyuz [192.168.25.132] nmsgs=0 ndele=0 nseen=0
2021-08-20T12:39:02.929862+01:00 cumulus ipop3d[23645]: Logout user=julian host=soyuz [192.168.25.132]
2021-08-20T12:42:00.344580+01:00 cumulus postfix/pickup[23000]: 54113101F0D: uid=0 from=<root>
2021-08-20T12:42:00.376276+01:00 cumulus postfix/cleanup[24553]: 54113101F0D: message-id=<20210820114200.54113101F0D@cloud.homeip.net>
2021-08-20T12:42:00.379615+01:00 cumulus postfix/qmgr[23001]: 54113101F0D: from=<root@XXXXX.XXXXXX.net>, size=445, nrcpt=1 (queue active)
2021-08-20T12:42:02.916826+01:00 cumulus postfix/smtp[24555]: 54113101F0D: to=<XXXXXXXXX@compuserve.com>, relay=smtp.gmail.com[74.125.133.108]:465, delay=2.6, delays=0.04/0.04/1.6/0.95, dsn=2.0.0, status=sent (250 2.0.0 OK  1629459722 t14sm10007510wmj.2 - gsmtp)
2021-08-20T12:42:02.917296+01:00 cumulus postfix/qmgr[23001]: 54113101F0D: removed

and the message arrived in my Compuserve account with the ‘from’ header rewritten which is what the gmail relay does so I know it went via gmail.

My system configuration is:
Leap 15.2
postfix mail_version = 3.4.7

I also have the following in my main.cf which may be relevant:

############################################################
# SASL stuff
############################################################
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = 
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_auth_enable = no
smtpd_sasl_security_options = noanonymous
############################################################
# TLS stuff
############################################################
#tls_append_default_CA = no 
relay_clientcerts =
#tls_random_source = dev:/dev/urandom
smtp_use_tls = yes
8

Hi,
The issue is “perhaps” with the upgrade to postfix 3.5.9, where hash is no longer acceptable it seems.
I check in one of my backups for 15.2 where the emails were working and I was using hash. The error message received suggests looking at a Google link which I will now do.

Thanks for your help.

Regards

John

9

THe error message says that it is an Authentication Error. Do you have 2 step authentication turned on? If you do then you have to create an app specific password. Not sure of the detail, I have it turned off but here is a link:

https://support.google.com/accounts/answer/185833?hl=en

10

No I have “less secure” turned on.
Still looking.

thanks for your help

11

OK, just did some very basic editing on a vanila Leap 15.3 (postfix 3.5.9). Simply added the relay details to main.cf and added a sasl password file with my gmail details and my normal relay.

Relayed via my normal relay but failed with gmail. Think something has changed in the version for 15.3

12

OK, got it working.

From the basic main.cf I did made some changes and it now works. A diff between the initial installed main.cf and my working one is:

679,687c679< #relayhost = 
< 
< relayhost = [smtp.gmail.com]:465
< ########### Required for GMail relay ##########
< smtp_tls_wrappermode = yes
< smtp_tls_security_level = encrypt
< ###############################################
< 
< 
---
> relayhost = 
717,719c709,711
< smtp_sasl_auth_enable = yes
< smtp_sasl_security_options = noanonymous
< smtp_sasl_password_maps = lmdb:/etc/postfix/gmail
---
> smtp_sasl_auth_enable = no
> smtp_sasl_security_options = 
> smtp_sasl_password_maps =

Note /etc/postfix/gmail is my local version of sasl_passwd.

If you need my working file just ask for it.

13

,Hi JulinaB,
As I don’t quite see how the 679,687… & 717,719… numbers fir into the file.
If I could please request a copy of your working file that would be great.
I have sent a PM.

Many thanks

Regards

John

14

They are just the line numbers in the file generated by “diff”. I’ll respond to your private message with the file.

15

Hi Julina,
I did the folliwng steps

  1. Uninstalled postfix,
  2. Deleted the /etc/postfix folder
  3. Installed Postfix
  4. replaced the main.cf with your copy
  5. Changed my hostname to reflect my hostname venus
  6. copied sasl_passwd to gmail and added the [smtp.gmail.com]:465 user@gmail.com:password
    7 ran postmap /etc/postfix/gmail to produce gmail.lmdb
  7. started postfix and got
2021-08-23T13:58:16.632689+01:00 venus postfix/pickup[17137]: 9A5F1251539: uid=0 from=<root>
2021-08-23T13:58:16.632945+01:00 venus postfix/trivial-rewrite[17140]: using backwards-compatible default setting append_dot_mydomain=yes to rewrite "venus" to "venus.localdomain"
2021-08-23T13:58:16.633150+01:00 venus postfix/cleanup[17139]: warning: lmdb:/etc/postfix/sender_canonical is unavailable. open database /etc/postfix/sender_canonical.lmdb: No such file or directory
2021-08-23T13:58:16.633200+01:00 venus postfix/cleanup[17139]: warning: lmdb:/etc/postfix/sender_canonical lookup error for "root@venus.localdomain"
2021-08-23T13:58:16.633253+01:00 venus postfix/cleanup[17139]: warning: 9A5F1251539: sender_canonical_maps map lookup problem for root@venus.localdomain -- message not accepted, try again later
2021-08-23T13:58:16.633294+01:00 venus postfix/cleanup[17139]: warning: lmdb:/etc/postfix/canonical is unavailable. open database /etc/postfix/canonical.lmdb: No such file or directory
2021-08-23T13:58:16.633344+01:00 venus postfix/cleanup[17139]: warning: lmdb:/etc/postfix/canonical lookup error for "root@venus.localdomain"

As you can see there are lots of unable to find .lmdb type files. Can I ask what other steps you took?

Thanks for the continued help.

John

16

Nothing else but my system has the following in /etc/postfix:

Progress:~ # cd /etc/postfix
Progress:/etc/postfix # ls -al *.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 access.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 canonical.lmdb
-rw-r--r-- 1 root root 12288 Aug 21 15:40 gmail.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 helo_access.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 relay.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 relay_ccerts.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 relocated.lmdb
-rw------- 1 root root  8192 Aug  6 10:50 sasl_passwd.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 sender_canonical.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 transport.lmdb
-rw-r--r-- 1 root root  8192 Aug  6 10:50 virtual.lmdb
Progress:/etc/postfix # ls -al *canonical*
-rw-r--r-- 1 root root 13194 Jun 10 10:25 canonical
-rw-r--r-- 1 root root 12288 Mar  5 10:55 canonical.db
-rw-r--r-- 1 root root  8192 Aug  6 10:50 canonical.lmdb
-rw-r--r-- 1 root root   412 Jun 10 10:25 sender_canonical
-rw-r--r-- 1 root root 12288 Mar  5 10:55 sender_canonical.db
-rw-r--r-- 1 root root  8192 Aug  6 10:50 sender_canonical.lmdb
Progress:/etc/postfix #

The *.db files are redundant now of course but I do have canonical and canonical.lmdb. Only guessing but maybe the .lmdb versions were only created because there was a corresponding .db file or were referenced in your original main.cf.

Anyway to create canonical.lmdb etc, assuming that there is already a canonical file etc:

Progress:/etc/postfix # postmap canonical
Progress:/etc/postfix # postmap sender_canonical
Progress:/etc/postfix #

If you don’t have a base file then I suggest that you just comment out the lines in main.cf - neither file has any contents other than comments on my system.

Good luck.

17

Hi,
I tried commenting out the lmdb file in main.cf and no log was produced, so I put back you original main.cf and

  1. changed hostname
  2. changed inet protocols to ipv4 (previously kept trying to use ipv6)
  3. postmap’ed the missing lmdb files

AND

I thought I was back to square one, biut the error message is slightly different was parameter missing now invalid parameter supplied.

2021-08-24T11:22:49.382965+01:00 venus postfix/cleanup[19145]: 5D4F4253210: message-id=<20210824102249.5D4F4253210@venus.localdomain>
2021-08-24T11:22:49.385707+01:00 venus postfix/qmgr[19089]: 5D4F4253210: from=<root@venus.localdomain>, size=438, nrcpt=1 (queue active)
2021-08-24T11:22:49.505840+01:00 venus postfix/smtp[19092]: 5D4F4253210: to=<theuser@gmail.com>, relay=smtp.gmail.com[142.250.145.109]:465, delay=0.13, delays=0.01/0/0.12/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.gmail.com[142.250.145.109]: invalid parameter supplied)
18

I am going to try creating a vanilla Virtual version of 15.3 and trying from there.

I feel a white surrender flag coming on. :frowning:

Thanks

19

Kind of suggest to me that the email address or password is wrong. Do you have any funny characters in either like punctuation marks. I use only letters and numbers.

20

Hi Julina
I doubled /triple checked the sasl_passwd/gmail file for username and password error and found no problems. - Only text nad numbers no special characters
I deliberately used a wrong password and got the same answer. - possible indication not reading sasl_passwd/gmail file correctly???

Anyway I built a stock 15.3 virtual machine changed the indicated parameters and got the same result.

So now I am completely confused - one last thing to try is to build a 15.2 virtual PC and try original settings and change bits as I go.

whilst installing 15.3 I saw in the release note that due to licenses etc 15.3 was dropping support for Berkeley DB and this affected Postfix

Thanks for the help on this.

John