Setup postfix mail server to use external SMTP with authorization
In order to be aware of everything what happens on the server (in addition to monitoring) it is useful to follow the standard emails that are sent by various server services to root. I will tell you how to set up email sending through a standard postfix with authorization on a third-party SMTP server.
This guide will be also useful for sending email through the linux console with SMTP authorization.
By default the minimal installation of the CentOS 7 distribution kit already includes the postfix mail server. I will use it. Standard server settings do not provide normal options for sending mail. Let’s do some extra steps.
It is convenient when mail addressed to the local root was sent via an external mail server to the selected mailbox. If this is not done, then it will be locally added to the /var/spool/mail/root file. There may be urgent, important and useful information that you would not want to miss. Let’s set up sending this mail to an external GMail mailbox:
yum install mailx cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain
Edit file /etc/postfix/main.cf and add correct server settings:
## DEFAULT CONFIG BEGIN ###################### queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix mail_owner = postfix inet_interfaces = localhost inet_protocols = all unknown_local_recipient_reject_code = 550 alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix setgid_group = postdrop html_directory = no manpage_directory = /usr/share/man sample_directory = /usr/share/doc/postfix-2.10.1/samples readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES ## DEFAULT CONFIG END ###################### # Server name by command hostname myhostname = ChangeIT # Here you need to leave only the domain, but in this case it is better to leave the full server name, so that the sender includes the full server name, so it is more convenient to parse the service messages mydomain = ChangIT.local mydestination = $myhostname myorigin = $mydomain # External SMTP server address relayhost = smtp.gmail.com:587 smtp_use_tls = yes smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_generic_maps = hash:/etc/postfix/generic smtp_sasl_security_options = noanonymous smtp_tls_security_level = may
Edit file /etc/postfix/generic:
and add correct string [email protected] at the end:
Create a file with user name and password for authorization:
smtp.gmail.com:587 [email protected]:YOURPASSWORD
Create a database file:
systemctl restart postfix
Open standard root aliases located in /etc/aliases, add an external address to which mail addressed to root will be duplicated. To do this, edit the specified file, change the last line:
root: root,[email protected]
Send test email to any address, it should come from [email protected]:
df -h | mail -s "Disk usage" [email protected]
Check email 🙂
Now all emails addressed to the local root, for example reports from cron, will be duplicated to an external mailbox, and sent via an external mail server with authorization. Your emails will be delivered normally, not getting into spam. Now it is convenient to use local sending in scripts, without setting additional parameters. Everything is already configured, you can use a simple local delivery (just end it to root).
If you need to debug mail settings, open mail log:
tail -n 10 /var/log/maillog