When your homelab suddenly becomes critical, isn’t it nice to get notifications if something happens? Indeed, and it’s nice to have an SMTP-host in your network that can relay all email without tinkering with your Google account every single time you need to configure email in your apps and services.
Starting with a Debian 11 LXC (from the templates in Proxmox) you only need to make a few steps to have Postfix working
First you need the sasl2-libs
# apt install libsasl2-modules
Add the following to /etc/postfix/main.cf
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes
inet_interfaces = all
Regarding inet_interfaces it may be set to «loopback-only» by default, thus not accepting incoming traffic on port 25. If you have multiple ports/IPs and want different config for these – check Postfix documentation.
Add the Verisign Certificate Authority to Postfix’s CA file:
# tee -a will append contents to file if file already exists
cat /etc/ssl/certs/VeriSign_Universal_Root_Certification_Authority.pem | tee -a /etc/postfix/cacert.pem
Next you need to generate a Gmail App Password for use with the sasl_password file. Go to App Passwords on your Google Security Tab and create one. Select “Other (Custom name)” and copy the 16 characters.
Then edit /etc/postfix/sasl_password and add the following info
[smtp.gmail.com]:587 USERNAME@gmail.com:APP_PASSWORD
Replace USERNAME with your gmail username and APP_PASSWORD with the 16 characters you just copied (remove any spaces!)
Set the correct permissions on the file
chmod 400 /etc/postfix/sasl_passwd
Use Postmap to generate the sasl_passwd.db file
/usr/sbin/postmap sasl_passwd
Restart the Postfix service
/etc/init.d/postfix reload
If you did all steps correctly you should be able to send email from this LXC without issues
echo "Subject: Test mail from postfix" | sendmail -v USERNAME@gmail.com
Verify the logs and see if you did everything correctly
root@Postfix:/etc/postfix# tail -f /var/log/mail.log
May 3 06:31:23 Postfix postfix/postfix-script[1279]: starting the Postfix mail system
May 3 06:31:23 Postfix postfix/master[1281]: daemon started -- version 3.5.6, configuration /etc/postfix
May 3 06:32:11 Postfix postfix/pickup[1283]: CCFC45E1B: uid=0 from=<root>
May 3 06:32:11 Postfix postfix/cleanup[1296]: CCFC45E1B: message-id=20220503063211.CCFC45E1B@Postfix.localdomain
May 3 06:32:11 Postfix postfix/qmgr[1284]: CCFC45E1B: from=<root@Postfix.localdomain>, size=268, nrcpt=1 (queue active)
May 3 06:32:13 Postfix postfix/smtp[1298]: CCFC45E1B: to=<USERNAME@gmail.com>, relay=smtp.gmail.com[64.233.164.108]:587, delay=7, delays=5.3/0.04/0.5/1.1, dsn=2.0.0, status=sent (250 2.0.0 OK 1651559533 n21-20020a2e86d5000000b0024cac53a82csm1248338ljj.0 – gsmtp)
Bjartolini's Blog 