Now that the brand-new Linux server has been installed it is a good idea to enable it to send emails to its admin in case anything goes wrong. In this post the installation and configuration of nullmailer on a Debian or Raspbian Linux is discussed.
To enable mailing on Linux a mail transfer agent (MTA) has to be installed an configured. There are MTAs that enable the server to act as a full-fledged mailserver, but this is a bit of an overkill when all one wants to do is enable mailing.
In this example nullmailer is used as an MTA. There is also another alternative ssmtp, however it has been orphaned so this is used as an alternative.
Installation is trivial, as packages are provided. From a root terminal this boils down to running the command:
# apt install nullmailer
After installation is finished, the package asks for a configuration. The recommendation is to go with the defaults as the configuration files will be edited later on anyhow. There are basically two files that need to be edited: the first is /etc/nullmailer/remotes, the second is /etc/nullmailer/adminaddr.
The first specifies which SMTP Server is used to send the mail. Also the way of authorization needed is specified here. The file is fairly simple: on one line the server, the protocol and the options are specified. The example for a Gmail address is shown below:
smtp.gmail.com smtp --port=465 --email@example.com --pass=PASSWORD --ssl
Please note that there are more than one way of how to authorize or establish an encrypted connection. The possible options are listed when executing the following as root:
# /usr/lib/nullmailer/smtp --help usage: smtp [flags] remote-address < mail-file Send an email message via SMTP -p, --port=INT Set the port number on the remote host to connect to --user=VALUE Set the user name for authentication --pass=VALUE Set the password for authentication -d, --daemon use syslog exclusively -s, --syslog use syslog additionally --auth-login Use AUTH LOGIN instead of auto-detecting in SMTP --ssl Connect using SSL (on an alternate port by default) --starttls Use STARTTLS command --x509certfile=VALUE Client certificate file --x509cafile=VALUE Certificate authority trust file (Defaults to /etc/ssl/certs/ca-certificates.crt) --x509crlfile=VALUE Certificate revocation list file --x509fmtder X.509 files are in DER format (Defaults to PEM format) --insecure Don't abort if server certificate fails validation -h, --help Display this help and exit
The second file to edit is /etc/nullmailer/adminaddr. This is fairly simple as it should contain the destination email address everything should sent to which would be sent to root.
It is also important to enable the nullmailer deamon to make sure it gets started upon reboot. This is done by the command:
# systemctl enable nullmailer
Testing and Troubleshooting
To check if it works run the following command:
# echo "Hello from my Linux box" | sendmail firstname.lastname@example.org
This will send a mail to email@example.com. The log file /var/log/mail.err is used for documenting the errors. Nullmailer uses a queue, so when sending fails it is retried automatically. The queue can be inspected using the
A recommendation is to make sure the settings are correct by using this address from a well-know mail client of your choice.
Error from Gmail
It is possible that using a Gmail address fails with a similar log message like this:
May 20 19:48:37 my-linux-box nullmailer: smtp: Failed: 534-5.7.14 <https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=<some_long_stuff> Please#012534-5.7.14 log in via your web browser and then try again.#012534-5.7.14 Learn more at#012534 5.7.14 https://support.google.com/mail/answer/78754 q16sm817461wmj.17 - gsmtp May 20 19:48:37 my-linux-box nullmailer: Sending failed: Permanent error in sending the message
When looking at the site https://support.google.com/mail/answer/78754 it can help to display the unlock captcha and then the sending from the server works as it retries automatically, because outgoing messages are queued.