SSMTP
SSMTP is a program which delivers email from a local computer to a configured mailhost (mailhub). It is not a mail server (like feature-rich mail server sendmail) and does not receive mail, expand aliases or manage a queue. One of its primary uses is for forwarding automated email (like system alerts) off your machine and to an external email address.
Contents
Installation
Forward to a Gmail mail server
To configure SSMTP, you will have to edit its configuration file (/etc/ssmtp/ssmtp.conf
) and enter your account settings:
/etc/ssmtp/ssmtp.conf
# The user that gets all the mails (UID < 1000, usually the admin) root=username@gmail.com # The mail server (where the mail is sent to), both port 465 or 587 should be acceptable # See also https://support.google.com/mail/answer/78799 mailhub=smtp.gmail.com:587 # The address where the mail appears to come from for user authentication. rewriteDomain=gmail.com # The full hostname hostname=localhost # Use SSL/TLS before starting negotiation UseTLS=Yes UseSTARTTLS=Yes # Username/Password AuthUser=username AuthPass=password # Email 'From header's can override the default domain? FromLineOverride=yes
Create aliases for local usernames (optional)
/etc/ssmtp/revaliases
root:username@gmail.com:smtp.gmail.com:587 mainuser:username@gmail.com:smtp.gmail.com:587
To test whether the Gmail server will properly forward your email:
$ echo test | mail -v -s "testing ssmtp setup" tousername@somedomain.com
Change the 'From' text by editing /etc/passwd
to receive mail from 'root at myhost' instead of just 'root'.
# chfn -f 'root at myhost' root # chfn -f 'mainuser at myhost' mainuser
Which changes /etc/passwd
to:
$ grep myhostname /etc/passwd
root:x:0:0:root@myhostname,,,:/root:/bin/bash mainuser:x:1000:1000:mainuser@myhostname,,,:/home/mainuser:/bin/bash
Using an app password
If your Gmail account is secured with two-factor authentication, you need to generate a unique App Password to use in ssmtp.conf
. You can do so on your App Passwords page. Use the generated 16-character password in the AuthPass
line. Spaces in the password can be omitted.
Security
Because your email password is stored as cleartext in /etc/ssmtp/ssmtp.conf
, it is important to secure the file.
Securing ssmtp.conf will ensure that:
- if any users have unprivileged access to your system, they cannot read the file and see your email password, while still letting them send out email
- if your user account is ever compromised, the hacker cannot read the
ssmtp.conf
file, and therefore your email password, unless he gains access to the root account as well
To secure ssmtp.conf
, do this:
Create an ssmtp
group:
# groupadd ssmtp
Set ssmtp.conf group owner to the new ssmtp
group:
# chown :ssmtp /etc/ssmtp/ssmtp.conf
Set the group owner of the ssmtp binary to the new ssmtp
group:
# chown :ssmtp /usr/bin/ssmtp
Make sure only root, and the ssmtp
group can access ssmtp.conf
:
# chmod 640 /etc/ssmtp/ssmtp.conf
Set the SGID bit on the ssmtp binary.
# chmod g+s /usr/bin/ssmtp
Now, all the regular users can still send email using the terminal, but none can read the ssmtp.conf
file.
Sending email
To send email from the terminal, do:
$ echo "this is the body" | mail -s "Subject" username@somedomain.com
or interactively as:
$ mail username@somedomain.com
An alternate method for sending emails is to create a text file and send it with ssmtp or mail
test-mail.txt
To:username@somedomain.com From:youraccount@gmail.com Subject: Test This is a test mail.
Send the test-mail.txt
file
$ mail username@somedomain.com < test-mail.txt
Attachments
If you need to be able to add attachments, install and configure Mutt and Msmtp and then go see the tip at nixcraft.
Alternatively, you can attach using uuencode:
$ uuencode file.txt file.txt | mail user@domain.com