Unable to send emails from Postfix via Gmail (connect to smtp.google.com: Connection timed out)

Question

I want to configure a Ubuntu Linode VPS to send log information from Fail2Ban, Apache ModSecurity and other monitoring tools to my email address. However, I don't want to configure a whole email sever: instead, I want to leverage Gmail as a relay from where I'll send all my emails. Esentially, everything should be sent from my Ubuntu VPS to Gmail.

With this in mind, I

1. Succesfully added the relevant Google MX records in my Linode DNS Manager: if I send an email from my personal email account to address@<my_Linode_domain>.com, it arrives.
2. Requested Linode to lift their restrictions on the SMTP ports 25, 465, 587 and they did so.
3. I followed the instructions in this guide to install Postfix and configure it to use Gmail.
4. On UFW, I've opened the ports 25, 465 & 587 to allow outgoing communication.

After that, I attempted to send an email through:

mail -s "Mail from Linode activated" <my_personal_email>@gmail.com

But the mail was never sent. Upon checking the logs (less /var/log/mail.log), I received:

May  9 09:21:34 www postfix/qmgr[2127]: E4003695A6: from=<main_dev@<server_domain>>, size=556, nrcpt=1 (queue active)
May  9 09:21:34 www postfix/qmgr[2127]: 5D102695B3: from=<main_dev@<server_domain>>, size=462, nrcpt=1 (queue active)
May  9 09:21:34 www postfix/qmgr[2127]: 1F27C69735: from=<main_dev@<server_domain>>, size=462, nrcpt=1 (queue active)
May  9 09:21:34 www postfix/qmgr[2127]: DCBF76973C: from=<main_dev@<server_domain>>, size=475, nrcpt=1 (queue active)
May  9 09:21:34 www postfix/qmgr[2127]: 057EB6972C: from=<main_dev@<server_domain>>, size=464, nrcpt=1 (queue active)
May  9 09:21:34 www postfix/qmgr[2127]: F00AA6972D: from=<main_dev@<server_domain>>, size=436, nrcpt=1 (queue active)
May  9 09:21:34 www postfix/qmgr[2127]: 280D8695B0: from=<main_dev@<server_domain>>, size=450, nrcpt=1 (queue active)
May  9 09:21:34 www postfix/qmgr[2127]: DD85269734: from=<main_dev@<server_domain>>, size=464, nrcpt=1 (queue active)
May  9 09:22:04 www postfix/smtp[2130]: connect to smtp.google.com[64.233.176.27]:587: Connection timed out
May  9 09:22:04 www postfix/smtp[2132]: connect to smtp.google.com[64.233.176.27]:587: Connection timed out
May  9 09:22:04 www postfix/smtp[2133]: connect to smtp.google.com[74.125.138.27]:587: Connection timed out
May  9 09:22:04 www postfix/smtp[2134]: connect to smtp.google.com[142.251.15.26]:587: Connection timed out
May  9 09:22:04 www postfix/smtp[2135]: connect to smtp.google.com[74.125.138.27]:587: Connection timed out
May  9 09:22:24 www postfix/pickup[2126]: BC49569587: uid=1000 from=<main_dev>
May  9 09:22:24 www postfix/cleanup[2140]: BC49569587: message-id=<20230509142224.BC49569587@www.<server_domain>.com>
May  9 09:22:24 www postfix/qmgr[2127]: BC49569587: from=<main_dev@<server_domain>.com>, size=458, nrcpt=1 (queue active)
May  9 09:22:34 www postfix/smtp[2130]: connect to smtp.google.com[74.125.138.27]:587: Connection timed out
May  9 09:22:34 www postfix/smtp[2132]: connect to smtp.google.com[142.251.15.26]:587: Connection timed out
May  9 09:22:34 www postfix/smtp[2133]: connect to smtp.google.com[64.233.176.27]:587: Connection timed out
May  9 09:22:34 www postfix/smtp[2134]: connect to smtp.google.com[142.251.15.27]:587: Connection timed out
May  9 09:22:35 www postfix/smtp[2135]: connect to smtp.google.com[64.233.176.27]:587: Connection timed out

My first suspicion was that Linode actually didn't open the relevant ports, so I ran traceroute -n -T -p 25 gmail-smtp-in.l.google.com to see if my messages were at least getting out of the server. This is the outcome, which I believe says that my message actually left the server:

sudo traceroute -n -T -p 25 gmail-smtp-in.l.google.com
traceroute to gmail-smtp-in.l.google.com (64.233.176.27), 30 hops max, 60 byte packets
 1  10.204.4.35  0.087 ms  0.045 ms  0.030 ms
 2  10.204.35.30  0.212 ms 10.204.35.29  0.233 ms  0.225 ms
 3  10.204.64.37  0.156 ms 10.204.64.38  0.183 ms 10.204.64.37  0.150 ms
 4  74.207.239.106  0.309 ms  0.314 ms *
 5  23.203.144.38  0.630 ms 23.203.144.36  0.627 ms  0.611 ms
 6  23.203.144.49  2.603 ms 23.203.144.213  0.492 ms  0.502 ms
 7  108.170.249.108  1.093 ms * *
 8  108.170.249.33  1.401 ms 66.249.95.175  3.374 ms 209.85.246.230  0.542 ms
 9  108.170.249.98  0.569 ms 108.170.249.162  0.487 ms 108.170.249.98  1.030 ms
10  108.170.233.9  2.420 ms 142.251.51.7  2.765 ms 64.233.175.187  2.888 ms
11  * 142.251.51.108  1.729 ms *
12  216.239.63.221  3.175 ms 216.239.48.111  2.142 ms *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  64.233.176.27  1.151 ms *  1.189 ms

There's no error indicating that the login credentials are wrong, and besides I'm using an application password to login with Google. But as you can see, the logs aren't very descriptive either.

Has anyone seen something similar?

This is my postfix configuration file:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version
Debian specific:  Specifying a file name will cause the first
line of that file to be used as the name.  The Debian default
is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
appending .domain is the MUA's job.
append_dot_mydomain = no
Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
See http://www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on
fresh installs.
compatibility_level = 3.6
TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level=may
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = www.<my_hostname>.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, www.<domain>.com, localhost.<domain>.com, localhost
relayhost = smtp.google.com:587
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = ipv4

An these are my UFW rules, but I doubt its a firewall issue since according to traceroute the messages leave the server & turning off UFW doesn't change the output:

Status: active
To                         Action      From

22/tcp                     ALLOW       Anywhere

80/tcp                     ALLOW       Anywhere

443                        ALLOW       Anywhere

OpenSSH                    ALLOW       Anywhere

Apache Full                ALLOW       Anywhere

21/tcp                     DENY        Anywhere

22/tcp (v6)                ALLOW       Anywhere (v6)

80/tcp (v6)                ALLOW       Anywhere (v6)

443 (v6)                   ALLOW       Anywhere (v6)

OpenSSH (v6)               ALLOW       Anywhere (v6)

Apache Full (v6)           ALLOW       Anywhere (v6)

21/tcp (v6)                DENY        Anywhere (v6)
25                         ALLOW OUT   Anywhere

465                        ALLOW OUT   Anywhere

587                        ALLOW OUT   Anywhere

25 (v6)                    ALLOW OUT   Anywhere (v6)

465 (v6)                   ALLOW OUT   Anywhere (v6)

587 (v6)                   ALLOW OUT   Anywhere (v6)