Send Emails on Mac OS X with Postfix and a Gmail Relay
A quick howto setup Mac OS X and Postfix to use Gmail as a relay. Everything will need to be executed as root using sudo. If you just need to send emails try running sudo postfix start, and make sure to check your spam for emails – they will likely be flagged as they originate from a local mail server.
SASL Authentication
Connecting to the Gmail SMTP server requires both SSL and authentication. To set up authentication you will need to edit the /etc/postfix/sasl_passwd file.
sudu vi /etc/postfix/sasl_passwd
Update the contents to include the following. Note that enclosing hostnames with square brackets – [] – tells Postfix to avoid doing an MX lookup. Make sure to replace EMAIL with your email address, and PASSWORD with your Gmail password, properly escaping any colons in it.
[smtp.gmail.com]:587 [email protected]:PASSWORD
Use the postmap command to update the SASL credentials in Postfix.
sudo postmap /etc/postfix/sasl_passwd
Postfix Relay Configuration
Next we need to edit the Postfix configuration found in /etc/postfix/main.cf.
sudo vi /etc/postfix/main.cf
I was not able to route mail to the Gmail SMTP servers over IPv6, so force only IPv4 connections by searching for the inet_protocols key and updating the value.
inet_protocols = ipv4
If any of the following keys already exist in your configuration comment them out, and include the following at the bottom of the config file.
# Gmail SMTP relay relayhost = [smtp.gmail.com]:587 # Enable SASL authentication in the Postfix SMTP client. smtpd_sasl_auth_enable = yes smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_sasl_mechanism_filter = AUTH LOGIN # Enable Transport Layer Security (TLS), i.e. SSL. smtp_use_tls = yes smtp_tls_security_level = encrypt tls_random_source = dev:/dev/urandom
Restart Postfix & Test
Restart Postfix as root, then send a test email.
sudo postfix stop && sudo postfix start date | mail -s "Test Email" [email protected]
If you don’t receive the test email, check the Postfix queue by running mailq or looking at the contents of /var/log/mail.log. Any errors that mention “SASL authentication failed” indicate that you may have entered an incorrect email/password combination, forgot to run postmap after updating the credentials, or need to Turn On Access for less secure apps in Gmail for your account.
Thanks for sharing
“Turn On Access for less secure apps in Gmail” is not available any more. Are there any alternatives?
I haven’t tried them, but these seem to be the recommended upgrade paths – https://wpmailsmtp.com/gmail-less-secure-apps/. Good luck!
Ok it’s a year or so old, but I’d like to add to Daniel (https://www.justinsilver.com/technology/osx/send-emails-mac-os-x-postfix-gmail-relay/#comment-2683) – reply isn’t working for me!
I got the same “the Postfix mail system is not running” error. But, if all you want to do is send email from your local machine (generated by cron or what have you) then this isn’t a problem. I’m sending mail fine from the mail command line. having Postfix not running will, from my understanding, just not let you receive mail, or other services of that nature. I’m not an expert, but I know that I’m on Catalina, and these instructions worked for me (albeit with the Not Working error) and I am now the happy recipient of cron job emails to my gmail account which is all I was needing.
Thanks Justin for documenting your set up.
This actually worked for me. Thanks!
Somewhere (https://apple.stackexchange.com/questions/229331/how-to-modify-a-launch-daemon-permanently-under-os-x-el-capitan) I also read that starting with El Capitan you have the SIP problem. The solution would be to put a copy of your daemon plist with a slightly different name (maybe adding local before the daemon name) in /Library/LaunchDaemons (instead of /System/Library/Lau..). Then you can make your edits. Ownership must be set to root:wheel, and permissions to 644. After disabling SIP, you should deactivate the original plist with `sudo launchctl unload -w /System/Library/LaunchDaemons/org.postfix.master.plist` and activate the new one with `sudo launchctl load /Library/LaunchDaemons/local.org.postfix.master.plist`. Don’t forget to reenable the SIP.
Well, I did all that in Catalina, but postfix is still not sending my message. I hope I don’t have a typo in my password or something as silly as that. 😀
Hi,
I’ve done everything suggested in this post but I still get the message ‘the Postfix mail system is not running’. In some other page there was a recommendation to add a few parameters to /System/Library/LaunchDaemons/com.apple.postfix.master.plist namely, add:
RunAtLoad
KeepAlive
before
The problem is (I’m on MacOS Catalina) that the file is write protected and Terminal changes to /System/Library are restricted even with SIP disabled. So my question is: are these additions to com.apple.postfix.master.plist even necessary? or is the problem somewhere else?
All the very best,
Daniel
Hi Daniel – I set up Postfix way back when I made this post, and fwiw it is still running on Mojave on my machine (I have not updated to Catalina). I did just check the status and there is a note about “compatibility” mode, so perhaps this needs to be disabled in newer versions of the OS? My only suggestion is to try running
postconf compatibility_level=2followed bypostfix reloadto disable it. Good luck!Total lifesaver! Thanks man.
Works perfectly !! Thanks
Justin, I followed your tutorial, to the letter, and got this:
(TLS is required, but our TLS engine is unavailable)
What do I do now?
Sorry, I’m not a Postfix expert this was mostly just a note to myself about how to set it up. A quick Google search of the error returns this: https://thespecter.net/blog/technology/postfix-tls-required-tls-engine-unavailable/
Good luck!
Hi,
I have followed all the instructions, but it always gave me this error every time I try to reboot the service:
fatal: the Postfix mail system is not running
I’m using MacOS High Sierra 10.13.4.
Thanks.
You probably need to change the default SMTP port. Run
sudo vi /etc/postfix/master.cfand look for a line that starts with “smtp inet” near the top. Try making it look like to following to use port 587:Then run
sudo postfix restart.Good stuff
Tried many other tutorials but this is the first that worked for me, thank you!
If you’ve configured 2-Factor authentication with Google, you’ll need to create an app password to bypass the 2FA. See this article for assistance https://support.google.com/accounts/answer/185833. When entering the password on the sasl_passwd file, you’ll need to supply the app password instead of your personal password. If you have already entered your personal password and are now entering the app password, dont forget to run the “sudo postmap /etc/postfix/sasl_passwd” prior to restarting postfix.
Also, postfix on OSX Sierra is version 3.1.X which may have issues leading to log entries stating it can’t find the md5 algorithm. Upgrading to OSX High Sierra also does an upgrade to postfix 3.2.X which solves the issue.
hello,
can you help me, im getting below error. MacOS Sierra
-Queue ID- –Size– —-Arrival Time—- -Sender/Recipient——-
CA284E3B870 355 Thu Sep 28 00:06:37 [email protected]
(Host or domain name not found. Name service error for name=smtp.gmail.com type=A: Host not found, try again)
[email protected]
— 0 Kbytes in 1 Request.
Hi Fasil,
It sounds like you might be having DNS issues – I am able to resolve that hostname.
Thanks for the tutorial. It worked for me too.
I can’t thank you enough for this post. I have been searching everywhere for the answer to this. Thank you again!!! 🙂
On macOS Sierra (10.12.5) it did not work. From gmail I received an “Undelivered Mail Returned to Sender” with a message:
Action: failed
Status: 5.5.1
Remote-MTA: dns; smtp.gmail.com
Diagnostic-Code: smtp; 530-5.5.1 Authentication Required. Learn more at 530
5.5.1 https://support.google.com/mail/?p=WantAuthError i42sm247714ede.5 –
gsmtp
The main.cf is updated, the sass_passwd is created, The postmap /etc/postfix/sasl_passwd and the postfix has been restarted.
What can I do more?
My first guess would be that the username or password is incorrect – just to double check the auth info goes into
/etc/postfix/sasl_passwd(you havesass_passwdin your comments as well as the correct spelling). If the file is named correctly you might need to escape your password if it has any special characters (dollar sign, asterisk, etc) as they might not be interpreted correctly. Also check out the link in the error you are getting – there are a few troubleshooting steps on that page regarding two factor authentication, allowing “less secure” apps, or possibly unlocking your account.Good luck!
@ J.J Boomsma – are you running MacOS Server too?
Check over your files, I see in one instance you type sass_passwd.
Next line you speaking about sasl_passwd.
I’m not seeing
sass_passwdanywhere in the post, but it should besasl_passwd.I’ve been looking EVERYWHERE for an answer to this problem. I’ve tried so many different configurations. Yours is the one that worked. Thank you so much!
Thanks for the tutorial. It worked!