We spend a lot of time gathering metrics for our network, servers, and many things going on within the code that drives Etsy. It’s no secret that this is one of our keys to moving fast. We use a variety of monitoring tools to help us correlate issues across our architecture. But what most monitoring tools achieve is correlating the effects of change, rather than the causes.
Change to application code (deploys) are opportunities for failure. Tweaking pages and features on your web site cause ripples throughout the metrics you monitor, including database load, cache requests, web server requests, and outgoing bandwidth. When you break something on your site, those metrics will typically start to skew up or down.

Click here to download:

main.cf.doc (1 KB)

(download)

Click here to download:

main.cf.doc (1 KB)

Firstly you need postfix compiled with SASL and ssl support.

Enter this command into your shell.


ldd /usr/lib/postfix/smtp


Here is the output:

linux-gate.so.1 => (0xffffe000)
libpostfix-master.so.1 => /usr/lib/libpostfix-master.so.1 (0xb7f43000)
libpostfix-tls.so.1 => /usr/lib/libpostfix-tls.so.1 (0xb7f38000)
libpostfix-dns.so.1 => /usr/lib/libpostfix-dns.so.1 (0xb7f33000)
libpostfix-global.so.1 => /usr/lib/libpostfix-global.so.1 (0xb7f0c000)
libpostfix-util.so.1 => /usr/lib/libpostfix-util.so.1 (0xb7ee6000)
libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 (0xb7ea9000)
libcrypto.so.0.9.8 => /usr/lib/i686/cmov/libcrypto.so.0.9.8 (0xb7d7b000) libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d67000)
libdb-4.3.so => /usr/lib/libdb-4.3.so (0xb7c8a000)
libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0xb7c75000)
libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0xb7c62000)
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7b33000)
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7b30000)
libz.so.1 => /usr/lib/libz.so.1 (0xb7b1b000)
/lib/ld-linux.so.2 (0xb7f59000)

If you dont see libssl and libsasl, this wont work, and you’ll need to recompile with support.

Generate a CSR for this server


openssl genrsa -out itchy.key 1024
openssl req -new -key itchy.key -out itchy.csr
openssl ca -out itchy.pem -infiles itchy.csr


Now include these main.cf modifications:

relayhost = [smtp.gmail.com]:587

#auth
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

#tls
smtp_use_tls = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_note_starttls_offer = yes
tls_random_source = dev:/dev/urandom
smtp_tls_scert_verifydepth = 5
smtp_tls_key_file=/etc/postfix/certs/itchy.key
smtp_tls_cert_file=/etc/postfix/certs/itchy.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_req_ccert =no
smtp_tls_enforce_peername = no

Create /etc/postfix/sasl_passwd file

This is the format of the sasl_passwd file.

Copy this text and edit with your account details then highlight and copy.

gmail-smtp.l.google.com user@gmail.com:password
smtp.gmail.com user@gmail.com:password

Enter these commands line by line and press enter after each line.


vim /etc/postfix/sasl_passwd
a
ctr + shift + v
esc
!wq
postmap /etc/postfix/sasl_passwd
/etc/init.d/postfix reload


That should work. Thanks to IMamba for original.

read more at bookmarks.honewatson.com