mariusv.com

One of the biggest pains in monitoring is the alerting & routing system. Now as you saw yesterday the routing issue was fixed by introducing Flapjack but the alerting issue was still in place as for some reason Gmail SMTP doesn’t like Flapjack so is refusing to send any emails and in my case I had to use Gmail as a relay. After trying to make Flapjack work with Gmail I decided to take a different route and implement Gmail SMTP in Postfix and in Flapjack use the localhost settings for postfix.

Here is the workaround just in case somebody else will have the same issue:

$ apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules

If you do not have postfix installed before, postfix configuration wizard will ask you some questions. Just select your server as Internet Site and for FQDN use something like mail.example.com

Then open your postfix config file:

$ vim /etc/postfix/main.cf

and add the following lines to it:

relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

You might have noticed that we haven’t specified our Gmail username and password in above lines. They will go into a different file.

Create:

$ vim /etc/postfix/sasl_passwd

And add the following line:

[smtp.gmail.com]:587    USERNAME@gmail.com:PASSWORD

If you want to use your Google App’s domain, please replace @gmail.com with your @domain.com

Fix permission and update postfix config to use sasl_passwd file:

$ chmod 400 /etc/postfix/sasl_passwd
$ postmap /etc/postfix/sasl_passwd

Next, validate certificates to avoid running into error and restart postfix for changes to take effect. Just run following command:

$ cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem
$ service postfix restart