TLS just enables encryption on the smtp session and doesn't directly affect whether or not Postfix will be allowed to relay a message.
The relaying denied message occurs because the smtpd_recipient_restrictions rules was not matched. One of those conditions must be fulfilled to allow the message to go through:
smtpd_recipient_restrictions =
permit_sasl_authenticated
check_recipient_access hash:/etc/postfix/filtered_domains
permit_mynetworks
reject_unauth_destination
To explain those rules:
permit_sasl_authenticated
permits authenticated senders through SASL. This will be necessary to authenticate users outside of your network which are normally blocked.
check_recipient_access
This will cause postfix to look in /etc/postfix/filtered_domains for rules based on the recipient address. (Judging by the file name on the file name, it is probably just blocking specific domains... Check to see if gmail.com is listed in there?)
permit_mynetworks
This will permit hosts by IP address that match IP ranges specified in $mynetworks. In the main.cf you posted, $mynetworks was set to 127.0.0.1, so it will only relay emails generated by the server itself.
Based on that configuration, your mail client will need to use SMTP Authentication before being allowed to relay messages. I'm not sure what database SASL is using. That is specified in /usr/lib/sasl2/smtpd.conf Presumably it also uses the same database as your virtual mailboxes, so you should be able enable SMTP authentication in your mail client and be all set.
Have you tested whether the account can send mail?
There are a few ways of doing this, but the easiest is to telnet to port 25 (smtp) on your mailserver (try from the local console):
telnet localhost 25
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 myserver.com ESMTP Postfix
EHLO test.com
250-myserver.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: mailer@myserver.com
250 2.1.0 Ok
rcpt to: test@testaddress.com
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: Test Message
Test
.
250 2.0.0 Ok: queued as 97B7D7640D0
If you see all those 250 OK messages and your message gets through to the test address, then the account is working fine.
If you get an error, then it will indicate where the problem is in the config. If you get an error after the MAIL FROM: command, then the user is not allowed to send mail at all.
If you get an error after the RCPT TO: command, then the user is not allowed to send mail to the test address.
If you get an error after the body of the mail, or the message never arrived, then check your maillog file. It is pretty useful to have another window with a live view of your maillog - tail -f /var/log/maillog
will allow you to see what is happening on your mailserver as it happens. Very helpful when tracking things down.
You can also test by switching to the mailer user, and using the mail command to send a test message - view the maillog at the same time to see what happens.
Best Answer
POSTFIX is an smtp server itself. You won't need to install anything else.
http://www.postfix.org/SMTPD_ACCESS_README.html