For future reference. This came in very handy after I turned on Google 2-step verification. Originally found here: http://passion4high-tech.blogspot.com/2013/03/postfix-sasl-authentication-failed-with.html
If you configure your Google account for extra security to use the 2-step verification, then some applications which work outside the browser might not be compatible with 2-step verification and cannot ask for verification codes.
SASL authentication failed; server smtp.gmail.com said: Application-specific password required.
First, you would need visit the Authorizing applications & sites page (pictured below) under your Google Account settings.
On this page page enter the name of the application to be authorized (Postfix) and click on Generate Password button. Write down the password generated by this page.
Then, the following changes need to be made to Postfix configuration:
- As root user (or using sudo), modify the SASL password file:
# to contain the password generated instead of your Google account password used before.
- Hash the password file
- Make sure SASL password files can be read by root user only
sudo chmod 600 /etc/postfix/sasl_passwd
sudo chmod 600 /etc/postfix/sasl_passwd.db
- Restart Postfix
That is it. Postfix should be able to send emails the same way it did before, using the 2-step verification feature from Google.