How to properly setup Postfix email notifications?

[jsalas424]

I followed the steps outlined here: https://www.reddit.com/r/homelab/comments/5nzmm3/setting_up_the_proxmox_email_alerts/ and these https://forum.proxmox.com/threads/proxmox-setup-for-gmail.13405/ to no avail

I got a 2FA password from google as well and that is included here, but don't worry I've revoked it already. Here is my full setup.

root@TracheServ:~# apt-get install libsasl2-modules
Reading package lists... Done
Building dependency tree       
Reading state information... Done
libsasl2-modules is already the newest version (2.1.27+dfsg-1+deb10u1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@TracheServ:~# cat /etc/postfix/sasl_passwd
smtp.gmail.com myemail@gmail.com:pbscstudmxhrfofz

root@TracheServ:~# postmap hash:/etc/postfix/sasl_passwd

root@TracheServ:~# chmod 600 /etc/postfix/sasl_passwd
root@TracheServ:~#
root@TracheServ:~# cat /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

compatibility_level = 2

myhostname=TracheServ.TracheNet

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8
inet_interfaces = loopback-only
recipient_delimiter = +

# Adding gmail compatibility

 relayhost = smtp.gmail.com:587
 smtp_use_tls = yes
 smtp_sasl_auth_enable = yes
 smtp_sasl_security_options =
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem
 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
 smtp_tls_session_cache_timeout = 3600s
 
root@TracheServ:~# postfix status
postfix/postfix-script: the Postfix mail system is running: PID: 44147

root@TracheServ:~# echo "testing" | mail -s "test message" myemail@gmail.com

And here is what my logs say is going on.

Nov 28 17:38:05 TracheServ postfix/smtp[20336]: connect to alt4.gmail-smtp-in.l.google.com[66.102.1.27]:25: Connection timed out
Nov 28 17:38:05 TracheServ postfix/smtp[20336]: 7B1FF36AA9: to=<myemail@gmail.com>, relay=none, delay=39302, delays=39151/0.03/150/0, dsn=4.4.1, status=deferred (connect to alt4.gmail-smtp-in.l.google.com[66.102.1.27]:25: Connection timed out)
Nov 28 17:38:10 TracheServ systemd-logind[2613]: Session 448 logged out. Waiting for processes to exit.
Nov 28 17:38:10 TracheServ systemd[1]: session-448.scope: Succeeded.
Nov 28 17:38:10 TracheServ systemd-logind[2613]: Removed session 448.
Nov 28 17:38:10 TracheServ pvedaemon[40656]: <root@pam> end task UPID:TracheServ:0000499C:07F094BA:5FC2D086:vncshell::root@pam: OK
Nov 28 17:38:19 TracheServ postfix/smtp[24098]: connect to gmail-smtp-in.l.google.com[172.217.215.26]:25: Connection timed out

 

[Stoiko Ivanov]

alt4.gmail-smtp-in.l.google.com[66.102.1.27]:25: Connection timed out

seems like your system cannot connect to the google mail-servers ...

can you ping the ips successfully?
does networking in general work? (can you ping google.com, 8.8.8.8)

 

[jsalas424]

seems like your system cannot connect to the google mail-servers ...

can you ping the ips successfully?
does networking in general work? (can you ping google.com, 8.8.8.8)

All of my networking works fine other than this.

root@TracheServ:~# ping google.com
PING google.com (172.217.12.206) 56(84) bytes of data.
64 bytes from lga25s63-in-f14.1e100.net (172.217.12.206): icmp_seq=1 ttl=117 time=16.9 ms
64 bytes from lga25s63-in-f14.1e100.net (172.217.12.206): icmp_seq=2 ttl=117 time=16.10 ms
64 bytes from lga25s63-in-f14.1e100.net (172.217.12.206): icmp_seq=3 ttl=117 time=16.1 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 5ms
rtt min/avg/max/mdev = 16.085/16.649/16.998/0.416 ms

root@TracheServ:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=16.6 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=117 time=16.6 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=117 time=17.3 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 5ms
rtt min/avg/max/mdev = 16.599/16.852/17.328/0.368 ms

root@TracheServ:~# ping alt4.gmail-smtp-in.l.google.com
PING alt4.gmail-smtp-in.l.google.com (74.125.128.26) 56(84) bytes of data.
64 bytes from ec-in-f26.1e100.net (74.125.128.26): icmp_seq=1 ttl=104 time=92.2 ms
64 bytes from ec-in-f26.1e100.net (74.125.128.26): icmp_seq=2 ttl=104 time=93.3 ms
^C
--- alt4.gmail-smtp-in.l.google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 92.201/92.743/93.286/0.622 ms

root@TracheServ:~# ping 66.102.1.27
PING 66.102.1.27 (66.102.1.27) 56(84) bytes of data.
64 bytes from 66.102.1.27: icmp_seq=1 ttl=105 time=89.8 ms
64 bytes from 66.102.1.27: icmp_seq=2 ttl=105 time=89.5 ms
64 bytes from 66.102.1.27: icmp_seq=3 ttl=105 time=89.0 ms
^C
--- 66.102.1.27 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 89.006/89.457/89.821/0.417 ms

root@TracheServ:~# traceroute alt4.gmail-smtp-in.l.google.com
traceroute to alt4.gmail-smtp-in.l.google.com (74.125.128.26), 30 hops max, 60 byte packets
 1  pfSense.TracheNet (192.168.1.1)  0.823 ms  1.026 ms  0.558 ms
 2  96.120.77.61 (96.120.77.61)  9.353 ms  9.443 ms  9.584 ms
 3  24.124.232.161 (24.124.232.161)  11.839 ms  11.954 ms  14.186 ms
 4  68.86.208.146 (68.86.208.146)  14.243 ms  14.339 ms  14.436 ms
 5  be25-rar01.coatesville.pa.panjde.comcast.net (68.86.208.41)  16.402 ms  17.680 ms  16.502 ms
 6  be-201-ar03.ivyland.pa.panjde.comcast.net (96.108.181.21)  19.738 ms  17.357 ms  17.196 ms
 7  69.241.64.98 (69.241.64.98)  18.425 ms  14.788 ms  14.694 ms
 8  10.252.173.30 (10.252.173.30)  17.109 ms 10.23.167.126 (10.23.167.126)  16.124 ms 10.23.168.94 (10.23.168.94)  16.903 ms
^X^C
root@TracheServ:~#

 

[Stoiko Ivanov]

Can you connect to the google mx servers on port 25 (some providers do block outbound access to port 25, to prevent spamming from their ip-ranges)?

since your config suggest that it should try already to connect to port 587 - I would check the journal after starting postfix - maybe something is mistyped/misformatted in your config (it looks like you have spaces in front of the settings, try removing them)

I hope this helps!

 

[jsalas424]

It was the spaces in the "Adding gmail compatibility" section - problem solved!