On 6/20/23 02:30, Michael wrote:
On Tuesday, 20 June 2023 06:29:52 BST the...@sys-concept.com wrote:
Trying to send email via Google SMTP and postfix but getting authentication
failed.
white postfix/smtp[32223]: 62E5618008F: to=<u...@google.com>,
relay=smtp.gmail.com[173.194.203.109]:587, delay=2390,
delays=2390/0.01/0.29/0, dsn=4.7.8, status=deferred (SASL authentication
failed; server smtp.gmail.com[173.194.203.109] said: 535-5.7.8 Username and
Password not accepted. Learn more at?535 5.7.8
https://support.google.com/mail/?p=BadCredentials
n3-20020aa78a43000000b00663b712bfbdsm4668932pfa.57 - gsmtp)
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes
/etc/postfix/sasl_passwd
[smtp.gmail.com]:587 usern...@gmail.com:PASSWORD
postmap /etc/postfix/sasl_passwd
/etc/init.d/postfix restart
The user and password are correct.
I think I know what the problem is - but I do not use postfix and can't
confirm it on my side:
Since mid 2022 Google requires 2FA to allow login into their server. Until
then it used to be the case you could select in their security settings to
"Allow Less Secure Apps", generate an application specific password hash using
their GUI and use this in your mail client. For a year now you won't be able
to do this, unless you first provide a mobile phone number to Google.
If you *must* use Google, they you'll have to login into their Google account
security panel, set 2FA, attempt to connect with your postfix client, create
an application pass code hash for your postfix via their GUI and use that as
your password in your postfix settings. If you change your IP address, or
your PC/client, or anything else Google are using to fingerprint and profile
your device, then you'll have to login again in their GUI to confirm you are
who you are and your client is a legitimate device owned by you.
They have many relevant help pages to explain all this, so you should search
for specific guidance, or find another email provider with less onerous user
profiling demands. ;-)
HTH
I setup a Twilio trial account with bash-scrip to send me SMS if the remote IP
changes (on a cron job every hr.) and it works, but I'm not sure how log
the account will be free.
# Twilio credentials
TWILIO_ACCOUNT_SID="xxxxxxxxxxxxxxxxxxxxxxxxxxx"
TWILIO_AUTH_TOKEN="xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
TWILIO_PHONE_NUMBER="+xxxxxxxxx"
TO_PHONE_NUMBER="+xxxxxxxxxxxx"
# File to store the last known IP address
IP_FILE="/home/user/ip_address.txt"
# Read the last known IP address from the file
OLD_IP=$(cat "$IP_FILE")
# Query the "what is my ip" service to get the current IP address
NEW_IP=$(curl -s https://api.ipify.org)
# Compare the new IP address with the old one
if [[ "$NEW_IP" != "$OLD_IP" ]]; then
echo "Your IP address has changed to $NEW_IP"
# Send a Twilio message with the new IP address
MESSAGE="New IP address: $NEW_IP"
curl -X POST
"https://api.twilio.com/2010-04-01/Accounts/$TWILIO_ACCOUNT_SID/Messages.json"; \
--data-urlencode "To=$TO_PHONE_NUMBER" \
--data-urlencode "From=$TWILIO_PHONE_NUMBER" \
--data-urlencode "Body=$MESSAGE" \
-u "$TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN"
# Update the IP file with the new IP address
echo "$NEW_IP" > "$IP_FILE"
else
echo "Your IP address is still $OLD_IP"
fi
