First I'd like to thank everybody here for the wonderfull product that is Zimbra.
I am running Zimbra Opensource 7.1.0 GA on Centos 5.6 x64. After blundering through the install process, I hit a couple of hicups but nothing the wiki couldn't help me with. Everything is now working except for my mail relay which is smtp.googlemail.com
I ran the following commands to set smtp.googlemail.com as a mail relay: (PASSWORD was replaced with the correct password to the account)
But my mails were deffered due to "sasl authentication failed..." By running:
zmprov ms mail.sensero.org zimbraMtaRelayHost smtp.googlemail.com:587
echo smtp.googlemail.com email@example.com:PASSWORD > /opt/zimbra/conf/relay_password
postmap -q smtp.googlemail.com /opt/zimbra/conf/relay_password
postconf -e smtp_sasl_password_maps=hash:/opt/zimbra/conf/relay_password
postconf -e smtp_sasl_auth_enable=yes
postconf -e smtp_cname_overrides_servername=no
postconf -e smtp_use_tls=yes
postconf -e smtp_tls_security_level=may
zmlocalconfig -e postfix_smtp_sasl_password_maps=hash:/opt/zimbra/conf/relay_password
zmlocalconfig -e postfix_smtp_sasl_security_options=noanonymous
zmlocalconfig -e postfix_smtp_use_tls=yes
zmlocalconfig -e postfix_smtp_cname_overrides_servername=no
I log the following error messages:
So far I have found that google does not require plaintext authentication, that my /etc/hosts file is correct and that my split DNS functions correctly.
May 17 20:39:02 mail postfix/qmgr: AA0A616407F0: from=<firstname.lastname@example.org>, size=2763, nrcpt=1 (queue active)
May 17 20:39:02 mail postfix/smtp: certificate verification failed for smtp.googlemail.com[126.96.36.199]:587: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
May 17 20:39:02 mail postfix/smtp: warning: SASL authentication failure: No worthy mechs found
May 17 20:39:02 mail postfix/smtp: AA0A616407F0: to=<XXX@XXX.com>, relay=smtp.googlemail.com[188.8.131.52]:587, delay=0.62, delays=0.35/0.04/0.22/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.googlemail.com[184.108.40.206]: no mechanism available)
From what I have read, I need to append the Equifax certificate to my cacert.pem file, ecept I cannot find this. I have tried using postconf -e postfix_smtp_tls_CAfile= and set it to a file that contained the Equifax security certificate but that hasnt worked...
Any help would greatly be appreciated!