I am trying to send email through gmail via postfix, but it shows me the following error:
Must issue a STARTTLS command first.
Sep 6 01:11:34 NovusTec postfix/smtp[10889]: 1284460D68: to=<[email protected]>, relay=smtp.gmail.com[64.233.190.108]:587, delay=2882, delays=2881/0.02/0.83/0.19, dsn=5.7.0, status=bounced (host smtp.gmail.com[64.233.190.108] said: 530 5.7.0 Must issue a STARTTLS command first. k65sm16819558qkf.7 - gsmtp (in reply to MAIL FROM command))
/etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localdomain, localhost, localhost.localdomain, localhost
relayhost = [smtp.gmail.com]:587
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtp_use_tls=yes
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_tls_CAfile = /etc/ssl/certs
I tried several configurations informed on other sites without success = \
Can anybody help me?
But what is StartTLS? StartTLS is a protocol command used to inform the email server that the email client wants to upgrade from an insecure connection to a secure one using TLS or SSL. StartTLS is used with SMTP and IMAP, while POP3 uses the slightly different command for encryption, STLS.
STARTTLS is required when trying to send an email within SQL Server.
Your problem is your ca certificates. exactly on line smtp_tls_CAfile = /etc/ssl/certs
to confirm that, add the following to main.cf
and restart postfix service.
debug_peer_list=smtp.gmail.com
debug_peer_level=3
Now send another email and look at /var/log/mail.log
.
You will see this message: cannot load Certificate Authority data: disabling TLS support
.
Now change smtp_tls_CAfile = /etc/ssl/certs
to smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
. This is for Debian/Ubuntu, you should find the file path for your respective distribution.
Restart postfix service and test send again. You should be up and running.
Remember to remove logging lines after the issue is fixed.
#debug_peer_list=smtp.gmail.com
#debug_peer_level=3
I kept getting that error until I added in main.cf
smtp_tls_security_level=encrypt
not sure what the default is...
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With