Postfix Using Gmail Relay: Must issue a STARTTLS command first

I get this error: Must issue a STARTTLS command first with all sent mail.

Can anyone see why?

main.cf:

relayhost=[smtp.gmail.com]:587
smtp_connection_cache_destinations= [smtp.gmail.com]:587

#TLS parameters
smtpd_use_tls = yes
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_note_starttls_offer = yes
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_security_level = encrypt
# SASL Configuration
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_enforce_tls = no
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_mechanism_filter = plain
smtp_sasl_tls_security_options = noanonymous

tls_policy

[smtp.gmail.com]:587 encrypt

sasl_passwd

smtp.gmail.com:587 [email protected]:password

And, yes, I have run postmap on all the data files and have reloaded postfix after making changes.

TIA

Solution 1:

You should use smtp_enforce_tls = yes

Solution 2:

It seems that your postfix tries to issue AUTH before issuing STARTTLS (-> it does not issue STARTTLS). AFAIK Gmail offers SMTP AUTH on ports 25 and 587 only after STARTTLS.

Have you restarted postfix daemon after adding smtp_use_tls=yes?

http://mhawthorne.net/posts/postfix-configuring-gmail-as-relay.html

Solution 3:

I can confirm that setting smtp_tls_security_level = encrypt in /etc/postfix.main.cf resolves this issue.