Who hasn't installed a CRM, CMS, e-commerce package or any other open-source,
Linux-based tool or portal, wanted it to send e-mail, and found it impossible
for one reason or another? This can be solved by using Gmail's SMTP server,
which cannot be configured like a normal Postfix relay because it requires
secure connections and a certificate. Don't let that scare you: the process is
easy and I detail it below (note: on Ubuntu):
Required packages:
Postfix and libsasl2-2 (installable with apt-get install <package>)
Steps:
- Install libsasl2-2
sudo apt-get install libsasl2-2
sudo apt-get install libsasl2-modules
- Create the certificates
In the root of your home directory, as a normal user:
/usr/lib/ssl/misc/CA.pl -newca
This creates the certificate; note down the values you enter in the different
fields for later. Example:
Making CA certificate
Generating a 1024 bit RSA private key
writing new private key to './demoCA/private/cakey.pem'
Enter PEM pass phrase: password
Verifying - Enter PEM pass phrase: password
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]: SP
State or Province Name (full name) []:Castillalamancha
Locality Name (eg, city) []:Albacete
Organization Name (eg, company) []:mycompany
Organizational Unit Name (eg, section) []:GRI
Common Name (eg, YOUR name) []:Miguel
Email Address []:username@gmail.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: [intentionally blank]
An optional company name []: [intentionally blank]
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem: password
Check that the request matches the signature
Signature ok
- Create the server key and certificate request
Enter this on a single line, substituting your own details:
openssl req -new -nodes -subj '/CN=miguel/O=mycompany/C=SP/ST=Castillalamancha/L=Albacete/emailAddress=username@gmail.com' -keyout YOURSERVER-key.pem -out YOURSERVER-req.pem -days 3650
- Sign the certificate
openssl ca -out YOURSERVER-cert.pem -infiles YOURSERVER-req.pem
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem: [intentionally blank]
Check that the request matches the signature
Signature ok
- Copy the certificates to the Postfix directory, as root or with sudo
# cd /home/youruserid/
# cp demoCA/cacert.pem YOURSERVER-key.pem YOURSERVER-cert.pem /etc/postfix
# chmod 644 /etc/postfix/YOURSERVER-cert.pem /etc/postfix/cacert.pem
# chmod 400 /etc/postfix/YOURSERVER-key.pem
- Edit the file /etc/postfix/main.cf
## TLS Settings
#
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_cert_file = /etc/postfix/YOURSERVER-cert.pem
smtp_tls_key_file = /etc/postfix/YOURSERVER-key.pem
smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session_cache
smtp_use_tls = yes
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/YOURSERVER-cert.pem
smtpd_tls_key_file = /etc/postfix/YOURSERVER-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/var/run/smtpd_tls_session_cache
smtp_tls_loglevel = 2
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
#
## SASL Settings
# This is going in to THIS server
smtpd_sasl_auth_enable = no
# We need this
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
smtpd_sasl_local_domain = $myhostname
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtpd_sasl_application_name = smtpd
#Make sure the following lines are also in main.cf
relayhost = [smtp.gmail.com]:587
transport_maps = hash:/etc/postfix/transport
- Create the transport file in /etc/postfix/
# vi /etc/postfix/transport
# Contents of /etc/postfix/transport
#
# This sends mail to Gmail
gmail.com smtp:[smtp.gmail.com]:587
#
- Create the SASL password file with the details of our Gmail account (create a generic account for this)
# cd /etc/postfix/sasl
# vi /etc/postfix/sasl/sasl_passwd
#contents of sasl_passwd
#
gmail-smtp.l.google.com youruser@gmail.com:password
smtp.gmail.com youruser@gmail.com:password
- Hash the following files (this converts them to .db)
# postmap /etc/postfix/sasl/sasl_passwd && postmap /etc/postfix/transport
- Restart Postfix and test
# /etc/init.d/postfix restart
Install mailutils
# which mailx
# apt-get install mailutils
# which mailx
# echo "testing" | mailx -s "testing" youruser@gmail.com
Errors can be seen in:
# tail -f /var/log/mail.log
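Added example (not part of the original post): a small audit of the finished setup. It checks three things the steps above leave open: `smtp_use_tls = yes` only requests opportunistic TLS, `smtp_sasl_security_options = noanonymous` replaces Postfix's default `noplaintext, noanonymous`, and `sasl_passwd` (which holds the Gmail password in clear text) is never restricted with chmod. The function names `cf_get` and `audit_relay` and the finding labels are invented for this example, and the sample files are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: audit a Postfix-to-Gmail relay.

# Effective value of a main.cf parameter (the last assignment wins).
cf_get() {  # usage: cf_get FILE PARAM
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Prints one finding per line (names invented here); returns 1 on any finding.
audit_relay() {  # usage: audit_relay MAIN_CF SASL_PASSWD
    cf=$1; pw=$2; rc=0; tls=optional
    # Only a mandatory level guarantees TLS; "smtp_use_tls = yes" is
    # opportunistic, so a stripped STARTTLS falls back to cleartext.
    case "$(cf_get "$cf" smtp_tls_security_level)" in
        encrypt|verify|secure|fingerprint|dane-only) tls=mandatory ;;
        "") if [ "$(cf_get "$cf" smtp_enforce_tls)" = yes ]; then
                tls=mandatory
            fi ;;
    esac
    if [ "$tls" = optional ]; then
        echo "TLS_NOT_MANDATORY"; rc=1
        # Setting only "noanonymous" drops the default "noplaintext", which
        # permits PLAIN/LOGIN authentication on that cleartext fallback.
        case "$(cf_get "$cf" smtp_sasl_security_options)" in
            ""|*noplaintext*) ;;
            *) echo "PLAINTEXT_AUTH_POSSIBLE"; rc=1 ;;
        esac
    fi
    # The password map and its postmap output must be owner-only.
    for f in "$pw" "$pw.db"; do
        [ -e "$f" ] || continue
        if [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
            echo "LOOSE_PERMS $f"; rc=1
        fi
    done
    return $rc
}

# Constructed sample mirroring the relevant lines of the main.cf in this post.
demo=$(mktemp -d)
printf '%s\n' 'smtp_use_tls = yes' 'smtp_sasl_security_options = noanonymous' \
    'relayhost = [smtp.gmail.com]:587' > "$demo/main.cf"
echo 'smtp.gmail.com youruser@gmail.com:password' > "$demo/sasl_passwd"
chmod 644 "$demo/sasl_passwd"
audit_relay "$demo/main.cf" "$demo/sasl_passwd" || echo "(findings listed above)"
rm -rf "$demo"
```

On a real host, call `audit_relay /etc/postfix/main.cf /etc/postfix/sasl/sasl_passwd` as root. Adding `smtp_tls_security_level = encrypt` to main.cf and running `chmod 600` on sasl_passwd and sasl_passwd.db clears all three findings.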