I'm trying to setup a mail server with postfix and dovecot using the tutorial from https://library.linode.com/email/postfix/postfix2.9.6-dovecot2.0.19-mysql#sph_prerequisites
I followed every steps and also opened every mail port in the firewall but when i try to setup my email client to connect with IMAP or POP3 it just can't establish the connection.
It appears i can send email to my domain using my private emailbox. Anyway my log /var/log/mail.log is empty.
I guess it has something to do with setting up a hostname (FQDN) and the postfix config. But I'm a bit confused about hostname and FQDN..
In my DNS Manager of linode I've added my domain which in this example is : mydomain.com
Inside mydomain.com i have this:
MX record
mail.mydomain.com
A/AAAA Records
120.120.120.120
www 120.120.120.120
mail 120.120.120.120
donald 120.120.120.120
donald is the FQDN as i followed through the tutorial
Now in my linux server i have a few things :
/etc/hosts
127.0.0.1 localhost
127.0.1.1 ubuntu
120.120.120.120 donald.mydomain.com donald
and
/etc/mailname
donald.mydomain.com
the postfix config
/etc/postfix/main.cf
....
myhostname = mail.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
....
As you see i think it's in this config that something is wrong. I don't understand what is myhostname and mydestination and the mailname... Could someone correct me with theses config ?
Thanks!
Edit
I found out that i had an error in the dovecot main config and also that smtp port where already in use.. Well i restarted my server and both of postfix and dovecot are running. I could bind the imap server into my outlook client and receiving mail. Now when i try to reply the email i get this message: 554 5.7.1 : Relay access denied
Also here is my postfix config :
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_size_limit = 0
mydestination = localhost
myhostname = mail.mydomain.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/dovecot.pem
smtpd_tls_key_file = /etc/ssl/private/dovecot.pem
smtpd_use_tls = yes
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
Please refer postfix configuration parameters for more help.
myorigin = mydomain.com
# The domain name to append when the UNIX user sends out a mail. (For eg. If UNIX user john sends mail, then john#mydomain.com will be the sender address
myhostname = mail.mydomain.com
# The unique FQDN of your mail server. When talking to other SMTP servers, it identifies itself as mail.mydomain.com
mydestination = mydomain.com mail.mydomain.com
# You are instructing postfix to receive mails for the domains mydomain.com mail.mydomain.com, whose valid recipients can be specified using local_recipient_maps
Can you edit your question and paste the output of postconf -n, that will help to identify the issues
Related
I'm unable to send email from my Linux server (3.10.0-514.10.2.el7.x86_64 #1 SMP) as root#TechX.com despite SMTP port 25 Active and Listening.
[root#TechX ~]# hostname
TechX
PostFix version is:
postconf -d | grep mail_version
mail_version = 2.10.1
milter_macro_v = $mail_name $mail_version
I checked the mail log ( /var/log/maillog ) and found the below error.
Aug 16 20:50:05 TechX postfix/pickup[25136]: AEE222A924: uid=0
from= Aug 16 20:50:05 TechX postfix/cleanup[17455]: AEE222A924:
message-id=<20170816205005.AEE222A924#email> Aug 16 20:50:05 TechX
postfix/cleanup[17455]: warning:
proxy:mysql:/etc/postfix/mysql-virtual_vacation.cf lookup error for
"root#email.TechX.com" Aug 16 20:50:05 TechX postfix/cleanup[17455]:
warning: AEE222A924: recipient_bcc_maps lookup problem Aug 16 20:50:05
TechX postfix/pickup[25136]: warning: maildrop/44677A9FE: error
writing AEE222A924: queue file write error Aug 16 20:50:06 TechX
postfix/pickup[25136]: warning: AFA982A927: message has been queued
for 80 days
I'm sharing all the ".cf" files seen in the error log.
[root#TechX ~]# more /etc/postfix/main.cf
# postfix config file
# uncomment for debugging if needed
soft_bounce=yes
# postfix main
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4
# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
# network settings
inet_interfaces = all
mydomain = TechX.com
myhostname = email
mynetworks = $config_directory/mynetworks
mydestination = $myhostname, localhost.$mydomain, localhost
relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf
# mail delivery
recipient_delimiter = +
# mappings
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
transport_maps = hash:/etc/postfix/transport
#local_recipient_maps =
# virtual setup
#virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf,
regexp:/etc/postfix/virtual_regexp
virtual_alias_maps = proxy:regexp:/etc/postfix/virtual_regexp
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-
virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-
virtual_mailbox_maps.cf
virtual_minimum_uid = 101
virtual_uid_maps = static:101
virtual_gid_maps = static:12
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
# debugging
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
# tls config
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database =
btree:$data_directory/smtp_tls_session_cache
# Change mail.example.com.* to your host name
smtpd_tls_key_file = /etc/pki/tls/private/TechX.key
smtpd_tls_cert_file = /etc/pki/tls/certs/TechX.crt
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
# rules restrictions
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
reject_unauth_destination, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unknown_rec
ipient_domain
# uncomment for realtime black list checks
# ,reject_rbl_client zen.spamhaus.org
# ,reject_rbl_client bl.spamcop.net
# ,reject_rbl_client dnsbl.sorbs.net
smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
# Other options
# email size limit ~20Meg
message_size_limit = 9000000000
mailbox_size_limit = 2048000000
# Vacation Scripts
vacation_destination_recipient_limit = 1
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_vacation.cf
more /etc/postfix/mysql-virtual_alias_maps.cf
hosts = localhost
user = postfix
password = xxxxxxxxxxx
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND (active = '1' OR active = '3')
more /etc/postfix/mysql-virtual_vacation.cf
user = postfix
password = xxxxxxxxxxx
dbname = postfix
table = vacation
select_field = email
where_field = email
additional_conditions = and active = '9'
result_format = %u#%d#autoreply.TechX
Below are my hosts file entries
more /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4
localhost4.localdomain4
::1 localhost localhost.localdomain localhost6
localhost6.localdomain6
127.0.0.1 guest
::1 guest
127.0.0.1 TechX
::1 TechX
127.0.0.1 autoreply.TechX
45.86.72.111 TechX.com
45.86.72.111 jira.TechX.com
45.86.72.111 shop.TechX.com
Can you please suggest what should i do to fix the problem ? Let me know if you need more details.
I had a similar problem, which was resolved by uncommenting the below line from
/etc/postfix/master.cf file...
smtps inet n - - - - smtpd
I have also tried to collate all the steps required to successfully setup a postfix server on RHEL7 configured with Gmail server.
You can quickly glance through these steps and figure out if you missed any step.
Detailed article: http://www.cubicrace.com/2017/11/unauthenticated-mail-server.html
I have a problem with my postfix setup that it allows unauthenticated and non-existing users to send mail. Postfix is configured to use virtual mailboxes.
This is what happens:
telnet hostname.com 25
Connected to hostname.com.
Escape character is '^]'.
220 hostname.com ESMTP Postfix (Debian/GNU)
ehlo server
250-hostname.com
250-PIPELINING
250-SIZE 52428800
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN CRAM-MD5 LOGIN
250-AUTH=PLAIN CRAM-MD5 LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Sending mail
telnet hostname.com 25
Connected to hostname.com.
Escape character is '^]'.
220 hostname.com ESMTP Postfix (Debian/GNU)
mail from: nonexistinguser#virtual-domain.com
250 2.1.0 Ok
rcpt to: legit-user#virtual-domain.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
hi this is a mail from fake account
.
250 2.0.0 Ok: queued as BE73115761D
quit
221 2.0.0 Bye
Connection closed by foreign host.
Postfix config:
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_auth_only=no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
myhostname = hostname.com
mydomain = hostname.com
myorigin=$mydomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination =
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sender_restrictions = permit_sasl_authenticated,
reject_unauthenticated_sender_login_mismatch
smtpd_recipient_restrictions = permit_sasl_authenticated,
reject_unauth_destination,
reject_unknown_sender_domain
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth-client
virtual_mailbox_domains = /etc/postfix/vhosts
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_minimum_uid = 1000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
message_size_limit = 52428800
virtual_mailbox_limit = 0
The question is: how is it that i can send mail without authentication?
Postfix will accept message sent to local domains. They can be specified in number of ways one is mydestination parameter in main.cf.
The mydestination parameter specifies what domains this machine will deliver locally, instead of forwarding to another machine.
If you try to send to non local domain using telnet you will receive Relay access denied after issueing rcpt to command.
I have a recurring problem with postfix (on Debian Squeeze, amavisd-new and fail2ban are also installed) : All of a sudden, often at night (but not always), mail stop being delivered and the queue fulls up. Log shows a bunch of entries of this style :
May 18 19:54:16 ks4000003 postfix/error[6889]: 376352016039: to=<info#xxxxxxx>, relay=none, delay=0.62, delays=0.58/0.01/0/0.04, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Once I reboot the server, it then works (and the queue is all cleared). It remains without any problem until the next time (usally once every 1-2 weeks but recently every morning I have to reboot the server).
Any idea on this would be very appreciated. I should mention I'm really a newbie in server management; I searched for similar problems on google/stackoverflow and couldn't find a real similar one.
My postfix conf :
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
always_add_missing_headers = yes
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_size_limit = 0
message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination = ks4000003.ip-198-245-60.net, localhost, localhost.localdomain
myhostname = ks4000003.ip-198-245-60.net
mynetworks = 127.0.0.0/8 [::1]/128
myorigin = /etc/mailname
nested_header_checks = regexp:/etc/postfix/nested_header_checks
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
readme_directory = /usr/share/doc/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
relayhost =
smtp_destination_concurrency_limit = 5
smtp_destination_rate_delay = 1s
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_error_sleep_time = 0
smtpd_recipient_restrictions = check_client_access hash:/etc/postfix/rbl_whitelist, permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unknown_recipient_domain, reject_unauth_destination, reject_unverified_sender, reject_unauth_destination,reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl.spamhaus.org, reject_rbl_client truncate.gbudb.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access mysql:/etc/postfix/mysql-virtual_sender.cf reject_non_fqdn_sender reject_unknown_sender_domain
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000
First to the amavis problem:
According to you pastebin: qmgr requests something from amavis and gets a response it does not understand. I assume that qmgr send a mail to amavis that should be checked. Either amavis is down or the mail causes amavis to produce a corrupt response. But how can you check this?
The best method is to stop the amavis service and start it from a console with
# amavisd debug
Then amavis will output to the console.
Here is a link that might help: http://www.amavis.org/#faq
Then the database issues:
According to your pastebin: dovecot and postfix try to connect to the mysql database. postfix uses a tcp socket with the adress localhost or 127.0.0.1, dovecot uses a unix socket. If you did not change the configuration for the mysql port there should be a listening socket at the address 127.0.0.1:3306.
It is possible that the listening adress is an IPv6 address like ::1:3306
you can verify that with: netstat -ltn
If you configered a different port, this port must be shown in the netstat ouput. You might have configured your mysql to your outgoing ip address. Then you find something like 198.245.60.7:3306. Access to 127.0.0.1:3306 will not work in this case.
The "postfix" error message says that there is no listener at that port or you don't have access.
The "dovecot" message says you provided none or a wrong password to the mysql server, so it does not authenticate dovecot. Please check the configurations.
I have Amazon EC2 Linux instance where I have configured Postfix.
(1) Incoming mail from external work is working
(2) Outcoming mail with in domain is working
(3) Outgoing mail to exnter domain (Gmail, Yahoo) is not working
This is my main.cf configuration
I think I am missing something, I have west my two days, I have try various configuration options but not getting any right reason or error and solution
Error:
Aug 3 08:08:07 ip-10-0-0-7 postfix/smtp[10379]: DEE6A26ECD: to=, relay=smtp.mydomin.in[72.167.238.29]:25, delay=35, delays=34/0.01/0.83/0.39, dsn=4.1.1, status=SOFTBOUNCE (host smtp.mydomin.in[72.167.238.29] said: 550 5.1.1 Recipient not found. http://x.co/irbounce (in reply to RCPT TO command))
A
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 4
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain
mydomain = mydomin.in
myhostname = mydomin
mynetworks = 127.0.0.0/8 10.0.0.7 54.xxx.xxx.xxx
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
recipient_delimiter = +
relay_domains = $mydomain
relayhost = smtp.mydomin.in
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_connection_cache_destinations = $relayhost
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/password
smtp_sasl_security_options =
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
soft_bounce = yes
unknown_local_recipient_reject_code = 550
In your main.cf, could you try to change
mynetworks = 127.0.0.0/8 10.0.0.7 54.xxx.xxx.xxx
to
mynetworks = all
Once done, don't forget to reload / restart postfix.
I'm trying to configure the Real Time Monitoring Tool (RTMT) from Cisco against the Postfix mail server in Ubuntu. I have already configured the mail server option in RTMT with the IP address of Postfix and created an alert to send email to a particular address in RTMT.
The aim of this is that I want to get an email everytime that the alarm rises.
I'm able to send mails using the mailutils command, but not able to get work the communication between RTMT and Postfix.
Any ideas?
Here is the main.cf file from post fix.
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = nagiosgp3-desktop
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = zenossfg3.com, nagiosfg3-desktop, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = reject_unknown_sender_domain
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-dovecot-postfix.conf -n -m "${EXTENSION}"
smtp_use_tls = yes
smtpd_tls_received_header = yes
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_auth_only = yes
tls_random_source = dev:/dev/urandom
With the current Postfix setup, you should be able to send an email to user#nagiosfg3-desktop and read email with an client when logged in as user. But I understand that is not your aim.
You have to setup Postfix as simple satellite thanks to a relayhost and SMTP protocol. You should use your company SMTP server if there is one.
As you mention a gmail destination, you can also use Google SMTP server as relay, thanks to SASL authentication documentation. As Google requires TLS/SSL to connect to its service, this documentation must be used too:
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
In /etc/postfix/sasl_passwd, you will set your gmail account username and password so that Google allows your Postfix to use its service as relay:
[smtp.gmail.com] username#gmail.com:yourpassword
And the file /etc/postfix/tls_policy to contain:
[smtp.gmail.com]:587 encrypt protocols=TLSv1 ciphers=high