Configure Postfix to Use Gmail SMTP on Ubuntu

If you want to use a Gmail account as a free SMTP server on your Ubuntu-Linux server, you will find this article useful. This guide is tested with Ubuntu 12.04. If you face any issue, feel free to use comments-section below.

Relaying Postfix mails via smtp.gmail.com:

First, install all necessary packages:

sudo aptitude install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules

If you do not have postfix installed before, postfix configuration wizard will ask you some questions. Just select your server as Internet Site and for FQDN use something like mail.example.com

Then open your postfix config file:

vim /etc/postfix/main.cf

and following lines to it:

relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

You might have noticed that we haven’t specified our Gmail username and password in above lines. They will go into a different file. Open/Create

vim /etc/postfix/sasl_passwd

And add following line:

[smtp.gmail.com]:587    USERNAME@gmail.com:PASSWORD

If you want to use your Google App’s domain, please replace @gmail.com with your @domain.com

Fix permission and update postfix config to use sasl_passwd file:

sudo chmod 400 /etc/postfix/sasl_passwd
sudo postmap /etc/postfix/sasl_passwd

Next, validate certificates to avoid running into error. Just run following command:

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem

Finally, reload postfix config for changes to take effect:

sudo /etc/init.d/postfix reload

Testing if mails are sent via Gmail SMTP server:

If you have configured everything correctly, following command should generate a test mail from your server to your mailbox.

echo "Test mail from postfix" | mail -s "Test Postfix" you@example.com

To further verify, if mail sent from above command is actually sent via Gmail’s SMTP server, you can log into Gmail account USERNAME@gmail.com with PASSWORD and check “Sent Mail” folder in that Gmail account. By default, Gmail always keeps a copy of mail being sent through its web-interface as well as SMTP server. This logging is one strong reason that we often use Gmail when mail delivery is critical.

Once configured, all emails from your server will be sent via Gmail. This method will be useful if you have many sites on your server and want them all to send emails via Gmail’s SMTP server.

Blocking domain names with bind

Create zone file with name "poison"

@ IN SOA ( ns1.domain.com. hostmaster.domain.com.
           1 10800 3600 86400 21600 )
  IN NS  ns1.domain.com.

save and exit

After setting up the "poison" zone file, you need to direct the domains to this file in your named.conf file. You should add lines (or blocks, if you prefer to keep things on multiple lines) to named.conf which look like this:
named.conf

zone "virus.com" in { type master; file "poison"; };
zone "irfan.com"      in { type master; file "poison"; };
zone "pathan.com" in { type master; file "poison"; };

save and exit

#rndc reload
       or
#service named restart

IPV6

                                                   ***  IPv6 Addressing  ***

IPv6 Basics

The most widespread implementation of IP currently is IPv4, which utilizes 

a 32-bit address. Mathematically, a 32-bit address can provide roughly 4 

billion unique IP addresses (232= 4,294,967,296). Practically, the number of 

usable IPv4 addresses is much lower, as many addresses are reserved for 

diagnostic, experimental, or multicast purposes. 

The explosive growth of the Internet and corporate networks quickly led to 

an IPv4 address shortage. Various solutions were developed to alleviate this 

shortage, including CIDR, NAT, and Private Addressing. However, these 

solutions could only serve as temporary fixes. 

In response to the address shortage, IPv6 was developed. IPv6 increases the 

address size to 128 bits, providing a nearly unlimited supply of addresses 

(340,282,366,920,938,463,463,374,607,431,768,211,456 to be exact). This 

provides roughly 50 octillion addresses per person alive on Earth today, or 

roughly 3.7 x 1021 addresses per square inch of the Earth’s surface.

IPv6 offers the following features: 

• Increased Address Space and Scalability – providing the absurd

number of possible addresses stated previously.

• Simplified Configuration – allows hosts to auto-configure their IPv6

addresses, based on network prefixes advertised by routers.

• Integrated Security – provides built-in authentication and encryption

into the IPv6 network header

• Compatibility with IPv4 – simplifies address migration, as IPv6 is

backward-compatible with IPv4

The IPv6 Address

The IPv6 address is 128 bits, as opposed to the 32-bit IPv4 address. Also

unlike IPv4, the IPv6 address is represented in hexadecimal notation,

separate by colons.

An example of an IPv6 address would be:

1254:1532:26B1:CC14:0123:1111:2222:3333

Each “grouping” (from here on called fields) of hexadecimal digits is 16

bits, with a total of eight fields. The hexadecimal values of an IPv6 address

are not case-sensitive.

We can drop any leading zeros in each field of an IPv6 address. For

example, consider the following address:

1423:0021:0C13:CC1E:3142:0001:2222:3333

We can condense that address to: 1423:21:C13:CC1E:3142:1:2222:3333

Only leading zeros can be condensed. If we have an entire field comprised of

zeros, we can further compact the following address:

F12F:0000:0000:CC1E:2412:1111:2222:3333

The condensed address would be: F12F::CC1E:2412:1111:2222:3333

Notice the double colons (::). We can only condense one set of contiguous

zero fields. Thus, if we had the following address:

F12F:0000:0000:CC1E:2412:0000:0000:3333

We could not condense that to: F12F::CC1E:2412::3333

The address would now be ambiguous, as we wouldn’t know

The IPv6 Address Hierarchy

IPv4 separated its address space into specific classes. The class of an IPv4

address was identified by the high-order bits of the first octet:

• Class A - (00000001 – 01111111, or 1 - 127)

• Class B - (10000000 – 10111111, or 128 - 191)

• Class C - (11000000 – 11011111, or 192 - 223)

• Class D - (11100000 – 11101111, or 224 - 239)

IPv6’s addressing structure is far more scalable. Less than 20% of the IPv6

address space has been designated for use, currently. The potential for

growth is enormous.

The address space that has been allocated is organized into several types,

determined by the high-order bits of the first field:

• Special Addresses – addresses begin 00xx:

• Link Local – addresses begin FE8x:

• Site Local – addresses begin FECx:

• Aggregate Global – addresses begin 2xxx: or 3xxx:

• Multicasts – addresses begin FFxx:

• Anycasts

Vim Tip: Comment out multiple lines

ommenting out a bunch of lines without a vim plugin:

Select your lines with VISUAL BLOCK (CTRL-V), then press I to insert before all highlighted lines. Next type your comment character, # (for python, shell, etc). Last press ESC.

I forget not frequently used, but helpful VIM commands from time to time.

You can alternatively select your lines with VISUAL LINE (SHIFT-V), then type : s/^/#
This tells the selected lines that you wish to substitute the start of the line with the # char.