Postfix Using Gmail Relay: Must issue a STARTTLS command first

postfix gmail smtp
34,684

Solution 1

You should use smtp_enforce_tls = yes

Solution 2

It seems that your postfix tries to issue AUTH before issuing STARTTLS (-> it does not issue STARTTLS). AFAIK Gmail offers SMTP AUTH on ports 25 and 587 only after STARTTLS.

Have you restarted postfix daemon after adding smtp_use_tls=yes?

http://mhawthorne.net/posts/postfix-configuring-gmail-as-relay.html

Solution 3

I can confirm that setting smtp_tls_security_level = encrypt in /etc/postfix.main.cf resolves this issue.

Share:
34,684

Related videos on Youtube

user312837
Author by

user312837

Updated on September 18, 2022

Comments

  • user312837
    user312837 almost 2 years

    I get this error: Must issue a STARTTLS command first with all sent mail.

    Can anyone see why?

    main.cf:

    relayhost=[smtp.gmail.com]:587
smtp_connection_cache_destinations= [smtp.gmail.com]:587

#TLS parameters
smtpd_use_tls = yes
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_note_starttls_offer = yes
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_security_level = encrypt
# SASL Configuration
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_enforce_tls = no
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_mechanism_filter = plain
smtp_sasl_tls_security_options = noanonymous

    tls_policy

    [smtp.gmail.com]:587 encrypt

    sasl_passwd

    smtp.gmail.com:587 [email protected]:password

    And, yes, I have run postmap on all the data files and have reloaded postfix after making changes.

    TIA

  • Janus Troelsen
    Janus Troelsen over 9 years
    you don't need to specify smtp_use_tls=yes if you use the policymap (as you seemingly have to with gmail)
  • Cbhihe
    Cbhihe over 8 years
    @JanusTroelsen: No, a policy map for TLS encryption isn't compulsory to access Gmail services. It just specifies an optional lookup table ( viz. postfix.org/postconf.5.html#smtp_tls_policy_maps) . OP just uses them because he/she/it wants to. Anyway smtp_use_tls=yes is obsolete and superseded by smtp_tls_security_level = encrypt. OP could do without it.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Gmail smtp SASL authentication
Postfix as SMTP server for Gmail. ("Send mail as" google option)
Sending mail from Postfix via Gmail: unable to get local issuer certificate, certificate not trusted, No worthy mechs found
Postfix & Gmail: Authentication Required error
unable to connect gmail and hotmail via telnet
Why does gmail block my postfix relay?
E-mail sent with postfix are marked as spam
Postfix relays via gmail, FROM email is wrong
Postfix forwarding to GMail address
SMTP relay through GMail overrides "from:" address with "[me]@gmail.com"