Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Postfix: sender-dependent SASL authentication — relay to multiple SMTP hosts, or relay to the same host but authenticate as different users (e.g., two Gmail accounts)

This is a sequel to "Postfix: relay to authenticated SMTP".

I would like to send mail from two different Gmail accounts using Postfix. Here is the relevant section in the Postfix documentation: Configuring Sender-Dependent SASL authentication.

As a concrete example, here's how to set up two Gmail accounts (only relevant sections of the config files are listed below):

/etc/postfix/main.cf:
    # sender-dependent sasl authentication
    smtp_sender_dependent_authentication = yes
    sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
    
    # default relayhost setting
    relayhost = [smtp.gmail.com]:587
    
    # smtp authentication settings
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options = noanonymous
    smtp_sasl_mechanism_filter = plain
    smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
    smtp_use_tls = yes
    smtp_tls_security_level = encrypt
    
/etc/postfix/sasl_passwd:
    # per-sender authentication
    account1@gmail.com account1@gmail.com:passwd1
    account2@gmail.com account2@gmail.com:passwd2
    
    # default relayhost
    [smtp.gmail.com]:587 default_account@gmail.com:default_passwd
    
/etc/postfix/sender_relay:
    account1@gmail.com [smtp.gmail.com]:587
    account2@gmail.com [smtp.gmail.com]:587

After editing the config files (sudo su), do

chmod 600 /etc/postfix/sasl_passwd
postmap sasl_passwd sender_relay
postfix reload

And you're all set.

To send an email from account1@gmail.com, use sendmail with the -f sender option (set the envelope sender address):

sendmail -f account1@gmail.com -t <<EOF
To: webmaster@example.com
Subject: Hey, I successfully configured Postfix with sender-dependent SASL authentication!
Content-type: text/html

<b>Isn't this awesome?</b>
EOF
@craigp

This comment has been minimized.

Copy link

@craigp craigp commented Feb 17, 2015

you saved my life with this one, thanks :)

@dlarchikov

This comment has been minimized.

Copy link

@dlarchikov dlarchikov commented Feb 22, 2015

relayhost = [smtp.gmail.com]:587

why do we need the brackets?

@ferricoxide

This comment has been minimized.

Copy link

@ferricoxide ferricoxide commented Feb 16, 2016

Took me a number of search iterations to find this gist. Glad I did: we needed a way to let tenants relay into a system only used for notification-events but their mail should otherwise relay to a generic smart-host. This did the trick.

@MrFent

This comment has been minimized.

Copy link

@MrFent MrFent commented Jul 31, 2016

Thank you so much! Just what I needed. several other similar "methods" I found on the internet didnt work.

@failover88

This comment has been minimized.

Copy link

@failover88 failover88 commented Nov 4, 2016

Anyone knows what means this account? it is a regular account? if its one dedicated to forwarding mail, how can i set it?

default relayhost

[smtp.gmail.com]:587 default_account@gmail.com:default_passwd
@failover88

This comment has been minimized.

Copy link

@failover88 failover88 commented Nov 4, 2016

After testing with sendmail, i was unable to send and after that i check mail log and notice that there was several warnings and my mail got in the send queue:

Nov 4 11:42:01 remote.X.pt postfix/smtpd[43489]: 33072DE1DB: client=localhost[127.0.0.1]
Nov 4 11:42:01 remote.X.pt postfix/cleanup[43485]: 33072DE1DB: message-id=20161104114201.1C942DE1D5@remote.X.pt
Nov 4 11:42:01 remote.X.pt postfix/smtpd[43489]: disconnect from localhost[127.0.0.1]
Nov 4 11:42:01 remote.X.pt postfix/qmgr[43387]: 33072DE1DB: from=teste@X.pt, size=787, nrcpt=1 (queue active)
Nov 4 11:42:01 remote.X.pt postfix/trivial-rewrite[43486]: warning: hash:/Library/Server/Mail/Config/postfix/sasl/relayhost/maps is unavailable. open database /Library/Server/Mail/Config/postfix/sasl/relayhost/maps.db: No such file or directory
Nov 4 11:42:01 remote.X.pt postfix/trivial-rewrite[43486]: warning: hash:/Library/Server/Mail/Config/postfix/sasl/relayhost/maps lookup error for "teste@X.pt"
Nov 4 11:42:01 remote.X.pt postfix/trivial-rewrite[43486]: warning: sender_dependent_relayhost_maps lookup failure
Nov 4 11:42:01 remote.X.pt postfix/error[43490]: 33072DE1DB: to=X@gmail.com, relay=none, delay=0, delays=0/0/0/0, dsn=4.3.0, status=deferred (address resolver failure)
Nov 4 11:42:01 remote.X.pt postfix/smtp[43487]: 1C942DE1D5: to=X@gmail.com, relay=127.0.0.1[127.0.0.1]:10024, delay=0.1, delays=0.01/0/0/0.09, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 33072DE1DB)
Nov 4 11:42:01 remote.X.pt postfix/qmgr[43387]: 1C942DE1D5: removed

@failover88

This comment has been minimized.

Copy link

@failover88 failover88 commented Nov 4, 2016

I already solve my problem after looking carefully at the previous log, i notice that i have written the path of maps aka relay badly.

Thanks any way for the explanation!

@subhomay

This comment has been minimized.

Copy link

@subhomay subhomay commented Nov 14, 2016

With your solution I can send mail with the "sendmail -t account1@gmail.com -f" and it is getting delivered, but if I am using mail command in CentOS 6.5 or any php mail script then the mails are not getting delivered inspite of mentioning "TO" address. Please suggest.

@Taliez

This comment has been minimized.

Copy link

@Taliez Taliez commented Dec 13, 2016

Hi All,

will this solve the Google smtp-relay sending limits? how are the two account set up to send alternately? or if the other one uses its limit the other one is activated?

thank you
Taliez

@zmwangx

This comment has been minimized.

Copy link
Owner Author

@zmwangx zmwangx commented Dec 19, 2016

Folks: There are no notifications for comments on gist, so I most likely won't see your questions. Go ask questions on Server Falt or Super User.

As for existing ones, although you most likely won't see my answers:

@subhomay: I don't use CentOS or any PHP mail script, so no idea.
@Taliez: This solution is for the honest use case of needing to send emails from multiple accounts for different purposes. This is not meant to be used for spamming from a fleet of accounts. If you're relaying more than 10k messages a day, you're apparently abusing the free service. If you're sending spam, stop it, right now. If you're sending legitimate email, having to send more than 10k messages a day probably means you're some kind of business, so you should be using a proper business solution like SendGrid.

@derjohn

This comment has been minimized.

Copy link

@derjohn derjohn commented Dec 17, 2019

<3 Thx, dude!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.