Configuring sendmail to forward through Gmail

posted on Sep 5, 2016

These days we get Gmail to manage mail servers (in my case this happened due to the large amount of spam filtering that my email server had to do). However many Linux services may need to send email and yet I don't usually check the local email accounts on each machine. The best way to have those automated emails to work is to have the machine forward email through Gmail. This post describes how I set this up on Slackware 14.2.

Step 1 create Gmail authentication file

  1. mkdir -m 700 /etc/mail/authinfo/
  2. cd /etc/mail/authinfo/
  3. create new file gmail-auth with the following content:
    AuthInfo: "U:root" "I:address@gmail.com" "P:password"
  4. chmod 600 gmail-auth
    (because it has your password!)
  5. makemap hash gmail-auth < gmail-auth

Step 2 configure sendmail

In Slackware 14.2 the sendmail configuration files are kept in /usr/share/sendmail/cf/cf/. We will create a new configuration file by expanding the base slackware sendmail configuration. This will have to be compiled and deployed in /etc/mail, then sendmail needs to be restarted to reload the new configuration (or as in my case, activated for the first time).

  1. cd /usr/share/sendmail/cf/cf
  2. cp sendmail-slackware.mc sendmail-local-fwd-gmail.mc
    (but you can use a different base configuration in that folder if it is more appropriate)
  3. edit sendmail-local-fwd-gmail.mc to include the following code instead of the line dnl define(`SMART_HOST',`mailserver.example.com'):
    (`SMART_HOST',`[smtp.gmail.com]')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash -o /etc/mail/authinfo/gmail-auth.db')dnl
  4. Now we compile the configuration and put it in /etc/mail:
    m4 sendmail-local-fwd-gmail.mc > /etc/mail/configure.cf

Step 3 enable or restart sendmail

If you already have sendmail running, you need to restart it, otherwise you need to enable it and start it (my case):

  1. cd /etc/rc.d
  2. chmod a+x rc.sendmail
  3. ./rc.sendmail start

Step 4 enable Gmail to accept messages

In older days the above would be enough, but these days Gmail does not want to accept other applications connecting other than Google apps themselves. So we have to setup the Gmail account to allow "unsecure" connections. (These may be indeed less secure, but note that the configuration above is using TLS to encrypt the connection.)

  1. Login to your Gmail account at https://myaccount.google.com/
  2. On the account homepage, click Sign-in & security (or navigate to https://myaccount.google.com/security)
  3. Turn on Allow less secure apps
  4. Go to the page https://accounts.google.com/DisplayUnlockCaptcha and press Continue
  5. Now, back on the command line on your server send a message like this:
    echo "Testing mail forwarding through Gmail" | mail -s "Forward test" someother@email.address
    (we're sending to a different email address so that we can check how all forwarded messages arrive; essentially they come from your address@gmail.com (added in step 1.3). Note that all accounts on your machine now forward email through this adress@gmail.com!)

Your test message should have arrived at your test email account. It seems that if the machine forwarding mail to Gmail does not have a reverse DNS entry, the messages may take quite some time to be processed (Gmail slowing down machines that may be suspect of sending spam, as these days most bona fide mail servers would have a reverse DNS entry).

permalink