Send email using a Postfix Relay in Azure Virtual Machine Through Gmail Using Ansible Playbook

I got a requirement to setup Ansible playbook which installs postfix and related software on a CentOS server and to send mail using Gmail smtp services

The requirement is to take config file and password file from GIT repo and work in a pipeline. The CI/CD pipeline is to be established using Jenkins or other similar tools. Following are the contents of this blog

  1. Create an ansible playbook which installs postfix cyrus-sasl-plain and mailx in CentOS server
  2. Copy the file and sasl_passwd using your CI/CD pipeline
  3. Rerun the step 1 to restart the postfix with the new config file and apply the password file
  4. Create an ansible playbook which send email using your Gmail smtp

Ansible Playbook 1 – Install postfix cyrus-sasl-plain and mailx add localhost in your host file


  1. Add localhost in host file
  2. If you have Python version 3.x is running as default version, you may need to apply a fix in your playbook to run the python 2 also
  3. create mailsetup.yml with the following contents
- name: configuring postfix mail server
  hosts: localhost
  become: true
      - postfix
      - cyrus-sasl-plain
      - mailx
    svc: postfix
    - name: installing {{ pkg }} packages
        name: "{{ pkg }}"
        state: present
        ansible_python_interpreter: /usr/bin/python2
    - name: enabling and starting {{ svc }} service
        name: "{{ svc }}"
        state: started
        enabled: true
    - name:
      command: postmap /etc/postfix/sasl_passwd
    - name: enabling and starting {{ svc }} service
        name: "{{ svc }}"
        state: restarted

CI/CD Pipeline: Copy the config file and password files under /etc/postfix file – Copy the original file and append the following lines at the end of the file

myhostname = localhost

relayhost = []:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

sasl_passwd file – Enable two step authentication and create an app password as explained here: Google documentation. Once ready substitute the values in following line and create the sasl_passwd file

[]:587 your gmail user id:app password

Restart services and apply the new password settings – Easy way to achieve this step is to re-run the Playbook 1 again

Ansible Playbook 2 – Create mailsend.yml Send email using the Gmail smtp services

- name: Sending mail using ansible playbook
  hosts: localhost
  become: true
    - name: sending email to any address
        port: 587
        username: your gmail account
        password: your app password
        to: any email address
        subject: Ansible-Postfix test

While running the above file, you will have the email received in your address specified !!!

No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Comments