Pages

Monday, 20 January 2014

Configuring mail on linus server through ssmtp

Setting SMTP on linux server

Follow through the steps to setup simple smtp on linxu server

Pre-requisite:
  1. smtp server credentials
  2. ssmtp installed on server

Steps to setup email are:
  1. Install ssmtp
    sudo apt-get install ssmtp
  2. Edit conf file ( /etc/ssmtp/ssmtp.conf  and /etc/ssmtp/revaliases)
         sudo vim /etc/ssmtp/ssmtp.conf
    1. djust and add as necessary the  following parameters:
      1. root=username@gmail.com
      2. mailhub=smtp.gmail.com:587
      3. hostname=username@gmail.com
      4. UseSTARTTLS=YES
      5. AuthUser=username
      6. AuthPass=password
      7. FromLineOverride=yes
         To send hostname instead of          root[root@hostname.FQDN]
      8. save: :qw 
    2.  To make the default (root) “from” field be the server name, edit the/etc/ssmtp/revaliases file:sudo vim /etc/ssmtp/revaliases
      1. add into it the desired translation which in our Gmail examples case will be
        root:machine-name@some-domain.com:smtp.gmail.com
  3. Test the configuration    
    1.  $ echo "Test message from Linux server using ssmtp" | sudo ssmtp -vvv your-email@some-domain.com
        and then press 'ctrl + d' to begin sending email


Your /etc/ssmtp/ssmtp.conf file will look like this for gmail server:


#
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
##root=postmaster
root=chantuBhantu@gmail.com

# The place where the mail goes. The actual machine name is required no
# MX records are consulted. Commonly mailhosts are named mail.domain.com
##mailhub=mail
mailhub=smtp.gmail.com:587
AuthUser=chantuBhantu@gmail.com
AuthPass=superSecret
UseTLS=YES
UseSTARTTLS=YES

# Where will the mail seem to come from?
#rewriteDomain=
rewriteDomain=gmail.com

# The full hostname
##hostname=vagrant-ubuntu-precise-64
hostname=chantuBhantu@gmail.com

# Are users allowed to set their own From: address?
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
FromLineOverride=YES

and /etc/ssmtp/reveraliases like this:


# sSMTP aliases
#
# Format:       local_account:outgoing_address:mailhub
#
# Example: root:your_login@your.domain:mailhub.your.domain[:port]
# where [:port] is an optional port number that defaults to 25.

root:chantuBhantu@gmail.com:smtp.gmail.com:587


Security 

  1. The default file permissions of /etc/ssmtp/ssmtp.conf allow all the users to read it. This isn’t good because it contains our email password in plain-text. Use this to change the read permissions:
    1. sudo chmod 640 /etc/ssmtp/ssmtp.conf
      Now only root can send email
  2. With 640 settings only root can send email. To enable other users to send email, set the file’s group to mail and add those users to the mail group:
    1. sudo chown root:mail /etc/ssmtp/ssmtp.conf
    2. sudo gpasswd -a USERNAME mail
  3. Test the configuration  by sending
    1. echo "Test" | ssmtp -vs "Subject 123" root
  4. If you want to change the name of the sender when mailing on behalf of a system user, you can do this by setting the user’s name:
    1. sudo chfn -f root.homeserver root
    2. sudo chfn -f myuser.homeserver myuser

Troubleshooting

  • If you got the following error in your /var/log/mail.err log file, then your password probably has a special character (such as ?) which breaks the shell when sending the email
                       /var/log/mail.err                           Creating SSL connection to host                           SSL connection using RSA_ARCFOUR_SHA1                           ssmtp: Authorization failed (535 5.7.8 http://support.google.com/mail/bin/answer.py?answer=14257 r54sm45793778eev.8 - gsmtp
    • The following error in your /var/log/mail.err log file usualy indicates that your user isn’t in the mail group. Make sure by signing in again to the terminal and runninggroups to see which groups you are a member of.
      /var/log/mail.err                  unable to locate smtp.gmail.com
    • root@vagrant-ubuntu-precise-64:/home/vagrant/chef-client/chef-repo# knife bootstrap 192.168.50.74 --sudo -r 'role[time-app-v2-1]'
    • Bootstrapping Chef on 192.168.50.74
    • ERROR: Net::SSH::HostKeyMismatch: fingerprint 4e:08:19:60:8b:ff:6a:70:a6:36:80:37:35:e2:ff:88 does not match for "192.168.50.74"
      To fix this error, remove that fingerprint from your ~/.ssh/known_hosts file and run the command again.
       For security reasons, SSH stores the fingerprints of systems in a local cache the first time you connect. If that fingerprint changes (like if you re-provision a server using the same FQDN), SSH will throw this error

    References

    • http://linux.die.net/man/8/ssmtp
    • http://linux.die.net/man/5/ssmtp.conf
    • http://www.havetheknowhow.com/Configure-the-server/Install-ssmtp.html
    • http://amirshk.com/blog/2012/10/01/forward-roots-mail-to-a-gmail-account-using-ssmtp/
    • http://tech.jonathangardner.net/wiki/Sendmail_%2B_Gmail



    Posted by sahil at 23:55

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)