Postfix Using Gmail Relay: Must issue a STARTTLS command first

I get this error: Must issue a STARTTLS command first with all sent mail.

Can anyone see why?

main.cf:

relayhost=[smtp.gmail.com]:587
smtp_connection_cache_destinations= [smtp.gmail.com]:587
#TLS parameters
smtpd_use_tls = yes
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_note_starttls_offer = yes
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_security_level = encrypt
# SASL Configuration
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_enforce_tls = no
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_mechanism_filter = plain
smtp_sasl_tls_security_options = noanonymous

tls_policy

[smtp.gmail.com]:587 encrypt

sasl_passwd

smtp.gmail.com:587 :password

And, yes, I have run postmap on all the data files and have reloaded postfix after making changes.

TIA

3 Answers

You should use smtp_enforce_tls = yes

0

It seems that your postfix tries to issue AUTH before issuing STARTTLS (-> it does not issue STARTTLS). AFAIK Gmail offers SMTP AUTH on ports 25 and 587 only after STARTTLS.

Have you restarted postfix daemon after adding smtp_use_tls=yes?

2

I can confirm that setting smtp_tls_security_level = encrypt in /etc/postfix.main.cf resolves this issue.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like