Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Postfix: sender-dependent SASL authentication — relay to multiple SMTP hosts, or relay to the same host but authenticate as different users (e.g., two Gmail accounts)

This is a sequel to "Postfix: relay to authenticated SMTP".

I would like to send mail from two different Gmail accounts using Postfix. Here is the relevant section in the Postfix documentation: Configuring Sender-Dependent SASL authentication.

As a concrete example, here's how to set up two Gmail accounts (only relevant sections of the config files are listed below):

/etc/postfix/main.cf:
    # sender-dependent sasl authentication
    smtp_sender_dependent_authentication = yes
    sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
    
    # default relayhost setting
    relayhost = [smtp.gmail.com]:587
    
    # smtp authentication settings
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options = noanonymous
    smtp_sasl_mechanism_filter = plain
    smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
    smtp_use_tls = yes
    smtp_tls_security_level = encrypt
    
/etc/postfix/sasl_passwd:
    # per-sender authentication
    account1@gmail.com account1@gmail.com:passwd1
    account2@gmail.com account2@gmail.com:passwd2
    
    # default relayhost
    [smtp.gmail.com]:587 default_account@gmail.com:default_passwd
    
/etc/postfix/sender_relay:
    account1@gmail.com [smtp.gmail.com]:587
    account2@gmail.com [smtp.gmail.com]:587

After editing the config files (sudo su), do

chmod 600 /etc/postfix/sasl_passwd
postmap sasl_passwd sender_relay
postfix reload

And you're all set.

To send an email from account1@gmail.com, use sendmail with the -f sender option (set the envelope sender address):

sendmail -f account1@gmail.com -t <<EOF
To: webmaster@example.com
Subject: Hey, I successfully configured Postfix with sender-dependent SASL authentication!
Content-type: text/html

<b>Isn't this awesome?</b>
EOF
@craigp

This comment has been minimized.

Copy link

craigp commented Feb 17, 2015

you saved my life with this one, thanks :)

@dlarchikov

This comment has been minimized.

Copy link

dlarchikov commented Feb 22, 2015

relayhost = [smtp.gmail.com]:587

why do we need the brackets?

@ferricoxide

This comment has been minimized.

Copy link

ferricoxide commented Feb 16, 2016

Took me a number of search iterations to find this gist. Glad I did: we needed a way to let tenants relay into a system only used for notification-events but their mail should otherwise relay to a generic smart-host. This did the trick.

@MrFent

This comment has been minimized.

Copy link

MrFent commented Jul 31, 2016

Thank you so much! Just what I needed. several other similar "methods" I found on the internet didnt work.

@SipriusPT

This comment has been minimized.

Copy link

SipriusPT commented Nov 4, 2016

Anyone knows what means this account? it is a regular account? if its one dedicated to forwarding mail, how can i set it?

default relayhost

[smtp.gmail.com]:587 default_account@gmail.com:default_passwd
@SipriusPT

This comment has been minimized.

Copy link

SipriusPT commented Nov 4, 2016

After testing with sendmail, i was unable to send and after that i check mail log and notice that there was several warnings and my mail got in the send queue:

Nov 4 11:42:01 remote.X.pt postfix/smtpd[43489]: 33072DE1DB: client=localhost[127.0.0.1]
Nov 4 11:42:01 remote.X.pt postfix/cleanup[43485]: 33072DE1DB: message-id=20161104114201.1C942DE1D5@remote.X.pt
Nov 4 11:42:01 remote.X.pt postfix/smtpd[43489]: disconnect from localhost[127.0.0.1]
Nov 4 11:42:01 remote.X.pt postfix/qmgr[43387]: 33072DE1DB: from=teste@X.pt, size=787, nrcpt=1 (queue active)
Nov 4 11:42:01 remote.X.pt postfix/trivial-rewrite[43486]: warning: hash:/Library/Server/Mail/Config/postfix/sasl/relayhost/maps is unavailable. open database /Library/Server/Mail/Config/postfix/sasl/relayhost/maps.db: No such file or directory
Nov 4 11:42:01 remote.X.pt postfix/trivial-rewrite[43486]: warning: hash:/Library/Server/Mail/Config/postfix/sasl/relayhost/maps lookup error for "teste@X.pt"
Nov 4 11:42:01 remote.X.pt postfix/trivial-rewrite[43486]: warning: sender_dependent_relayhost_maps lookup failure
Nov 4 11:42:01 remote.X.pt postfix/error[43490]: 33072DE1DB: to=X@gmail.com, relay=none, delay=0, delays=0/0/0/0, dsn=4.3.0, status=deferred (address resolver failure)
Nov 4 11:42:01 remote.X.pt postfix/smtp[43487]: 1C942DE1D5: to=X@gmail.com, relay=127.0.0.1[127.0.0.1]:10024, delay=0.1, delays=0.01/0/0/0.09, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 33072DE1DB)
Nov 4 11:42:01 remote.X.pt postfix/qmgr[43387]: 1C942DE1D5: removed

@SipriusPT

This comment has been minimized.

Copy link

SipriusPT commented Nov 4, 2016

I already solve my problem after looking carefully at the previous log, i notice that i have written the path of maps aka relay badly.

Thanks any way for the explanation!

@subhomay

This comment has been minimized.

Copy link

subhomay commented Nov 14, 2016

With your solution I can send mail with the "sendmail -t account1@gmail.com -f" and it is getting delivered, but if I am using mail command in CentOS 6.5 or any php mail script then the mails are not getting delivered inspite of mentioning "TO" address. Please suggest.

@Taliez

This comment has been minimized.

Copy link

Taliez commented Dec 13, 2016

Hi All,

will this solve the Google smtp-relay sending limits? how are the two account set up to send alternately? or if the other one uses its limit the other one is activated?

thank you
Taliez

@zmwangx

This comment has been minimized.

Copy link
Owner Author

zmwangx commented Dec 19, 2016

Folks: There are no notifications for comments on gist, so I most likely won't see your questions. Go ask questions on Server Falt or Super User.

As for existing ones, although you most likely won't see my answers:

@subhomay: I don't use CentOS or any PHP mail script, so no idea.
@Taliez: This solution is for the honest use case of needing to send emails from multiple accounts for different purposes. This is not meant to be used for spamming from a fleet of accounts. If you're relaying more than 10k messages a day, you're apparently abusing the free service. If you're sending spam, stop it, right now. If you're sending legitimate email, having to send more than 10k messages a day probably means you're some kind of business, so you should be using a proper business solution like SendGrid.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.