Setup Simple E‑Mail on Linux

Now that the brand-new Lin­ux serv­er has been installed it is a good idea to enable it to send emails to its admin in case any­thing goes wrong. In this post the instal­la­tion and con­fig­u­ra­tion of null­mail­er on a Debian or Rasp­bian Lin­ux is discussed.

To enable mail­ing on Lin­ux a mail trans­fer agent (MTA) has to be installed an con­fig­ured. There are MTAs that enable the serv­er to act as a full-fledged mailserv­er, but this is a bit of an overkill when all one wants to do is enable mailing.

In this exam­ple null­mail­er is used as an MTA. There is also anoth­er alter­na­tive ssmtp, how­ev­er it has been orphaned so this is used as an alternative.

Installation

Instal­la­tion is triv­ial, as pack­ages are pro­vid­ed. From a root ter­mi­nal this boils down to run­ning the command:

# apt install nullmailer

Configuration

After instal­la­tion is fin­ished, the pack­age asks for a con­fig­u­ra­tion. The rec­om­men­da­tion is to go with the defaults as the con­fig­u­ra­tion files will be edit­ed lat­er on any­how. There are basi­cal­ly two files that need to be edit­ed: the first is /etc/nullmailer/remotes, the sec­ond is /etc/nullmailer/adminaddr.

The first spec­i­fies which SMTP Serv­er is used to send the mail. Also the way of autho­riza­tion need­ed is spec­i­fied here. The file is fair­ly sim­ple: on one line the serv­er, the pro­to­col and the options are spec­i­fied. The exam­ple for a Gmail address is shown below:

smtp.gmail.com smtp --port=465 --user=my.email@gmail.com --pass=PASSWORD --ssl

Please note that there are more than one way of how to autho­rize or estab­lish an encrypt­ed con­nec­tion. The pos­si­ble options are list­ed when exe­cut­ing the fol­low­ing as root:

# /usr/lib/nullmailer/smtp --help
usage: smtp [flags] remote-address < mail-file
Send an email message via SMTP
  -p, --port=INT            Set the port number on the remote host to connect to
      --user=VALUE          Set the user name for authentication
      --pass=VALUE          Set the password for authentication
  -d, --daemon              use syslog exclusively 
  -s, --syslog              use syslog additionally
      --auth-login          Use AUTH LOGIN instead of auto-detecting in SMTP
      --ssl                 Connect using SSL (on an alternate port by default)
      --starttls            Use STARTTLS command
      --x509certfile=VALUE  Client certificate file
      --x509cafile=VALUE    Certificate authority trust file
                            (Defaults to /etc/ssl/certs/ca-certificates.crt)
      --x509crlfile=VALUE   Certificate revocation list file
      --x509fmtder          X.509 files are in DER format
                            (Defaults to PEM format)
      --insecure            Don't abort if server certificate fails validation

  -h, --help                Display this help and exit

The sec­ond file to edit is /etc/nullmailer/adminaddr. This is fair­ly sim­ple as it should con­tain the des­ti­na­tion email address every­thing should sent to which would be sent to root.

It is also impor­tant to enable the null­mail­er dea­mon to make sure it gets start­ed upon reboot. This is done by the command:

# systemctl enable nullmailer

Testing and Troubleshooting

To check if it works run the fol­low­ing command:

# echo "Hello from my Linux box" | sendmail your.email.address@domain.com

This will send a mail to your.email.address@domain.com. The log file /var/log/mail.err is used for doc­u­ment­ing the errors. Null­mail­er uses a queue, so when send­ing fails it is retried auto­mat­i­cal­ly. The queue can be inspect­ed using the mailq command.

A rec­om­men­da­tion is to make sure the set­tings are cor­rect by using this address from a well-know mail client of your choice.

Error from Gmail

It is pos­si­ble that using a Gmail address fails with a sim­i­lar log mes­sage like this:

May 20 19:48:37 my-linux-box nullmailer[6756]: smtp: Failed: 534-5.7.14 <https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=<some_long_stuff> Please#012534-5.7.14 log in via your web browser and then try again.#012534-5.7.14  Learn more at#012534 5.7.14  https://support.google.com/mail/answer/78754 q16sm817461wmj.17 - gsmtp
May 20 19:48:37 my-linux-box nullmailer[5467]: Sending failed:  Permanent error in sending the message

When look­ing at the site https://support.google.com/mail/answer/78754 it can help to dis­play the unlock captcha and then the send­ing from the serv­er works as it retries auto­mat­i­cal­ly, because out­go­ing mes­sages are queued.