Configure a device running LEDE to accept SMTP messages unauthenticated and relay them to a Gmail / G Suite SMTP server with credentials.
Configure a Gmail / G Suite Account
Direct access to google’s SMTP servers is rarely needed by the average user and less secure, so you will have to enable access to less secure apps. I HIGHLY recommend creating a new gmail account or user in your G Suite organization. Allow less secure apps: Gmail or G Suite.
The postfix package will take up ~3.75MB of space on your device. If your device does not have enough internal storage, you may have to install packages to an external storage device.
Backup your existing configuration, copy it to a remote device, and delete it:
sysupgrade --create-backup ~/backup.tar.gz scp ~/backup.tar.gz [email protected]:/path rm ~/backup.tar.gz
Install and then stop postfix:
opkg upate opkg install postfix /etc/init.d/postfix stop
Create a file called
/etc/postfix/sasl_passwd and add the following line to it. If you are using G Suite, replace gmail.com with your domain.
Edit the file
By default postfix listens on port 25 of all internal interfaces. Override that by adding:
inet_interfaces = ipaddress
Add the settings from the Gmail SMTP server section of this document.
relayhost = [smtp.gmail.com]:587 smtp_use_tls = yes smtp_sasl_auth_enable = yes smtp_sasl_password_maps = texthash:/etc/postfix/sasl_passwd smtp_sasl_security_options =
Postfix grants the ability to relay mail to clients defined in the variable
mynetworks. By default
/etc/postfix/main.cf contains the line
mynetworks_style = subnet which causes postfix to define mynetworks as any subnet that postfix has an interface on, including the WAN.
To see what is currently in mynetworks, run:
postconf | grep mynetworks\ =
Manually defining mynetworks causes postfix to ignore mynetworks_style. Do so by adding the following line:
mynetworks = 192.168.1.1 192.168.2.0/24 192.168.0.0/16
Harden your system by adding the following line:
disable_vrfy_command = yes
Apply these changes by running:
By default the password file we created (
/etc/postfix/sasl_passwd) will not be backed up or preserved after a firmware upgrade.
To add it to manifest of files that will be backed up run:
echo '/etc/postfix/sasl_passwd' >> /etc/sysupgrade.conf
Show queued, delayed, and pending messages:
Process queued mail:
Delete all queued mail:
postsuper -d ALL