Difference between revisions of "Emailing"

From wiki
Jump to: navigation, search
(Introduction)
Line 1: Line 1:
 
= Introduction =
 
= Introduction =
  
This is mainly about emailing users when their jobs are finished.
+
Miracle done by Joe, Jan 2019.
  
Only an easy workable solution is presented and it relies on gmail servers and having a special gmail address.
+
Need to set the command used for email for each node usin g
 +
qconf -mconf nodeX
  
On the frontend, first focus on the followinng file:
+
in this case we want the mailer to be /usr/sbin/ssmtp
/etc/postfix/main.cf
 
  
Look for the '''relayhost''' parameter. We will set it as follows:
+
Then rolled out the following config to all of the nodes:
  
  relayhost = [smtp.gmail.com]:587
+
  #
 
+
# /etc/ssmtp.conf -- a config file for sSMTP sendmail.
This means that postfix will outsource most of the email subtasks to gmail's servers. Though this may sound easy, it also means one must comply with gmail rules which can be quite stringent (i.e. require more work in setting up) in terms of security. Something to get right is TLS and SASL.
+
#
 
+
# See the ssmtp.conf(5) man page for a more verbose explanation of the
For TLS, first of all let's get a good certificate. One that works is:
+
# available options.
  Equifax_Secure_CA.pem
+
#
 
+
Which may be found in
+
# The person who gets all mail for userids < 500
  /etc/ssl/certs
+
# Make this empty to disable rewriting.
 
+
root=marvin-mail@st-andrews.ac.uk
We can copy it over into a new name to create
+
  /etc/postfix/cacert.pem
+
# The place where the mail goes. The actual machine name is required
 
+
  # no MX records are consulted. Commonly mailhosts are named mail.domain.com
Then we want to get the following lines into '''main.cf''':
+
# The example will fit if you are in domain.com and your mailhub is so named.
  smtp_use_tls = yes
+
  mailhub=mailhost.st-andrews.ac.uk
  smtp_tls_CAfile = /etc/postfix/cacert.pem
+
 
+
# Example for SMTP port number 2525
Now for SASL. We need to create a file called
+
  # mailhub=mail.your.domain:2525
  sasl_passwd
+
# Example for SMTP port number 25 (Standard/RFC)
 
+
# mailhub=mail.your.domain       
put all the gmail user and password details. I.e.
+
  # Example for SSL encrypted connection
  [smtp.gmail.com]:587 <gmail_address> <password>
+
  # mailhub=mail.your.domain:465
 
+
A hash of this must be generated. Postfix has its own hasher, so it can be done as follows:
+
# Where will the mail seem to come from?
  postmap sasl_passwd
+
#RewriteDomain=
 
+
   
You should get a new file called
+
# The full hostname
  sasl_passwd.db
+
Hostname=marvin.st-andrews.ac.uk
 
+
after this operation.
+
  # Set this to never rewrite the "From:" line (unless not given) and to
 
+
# use that address in the "from line" of the envelope.
Now '''main.cf''' needs to be told about all of this , so the following shoudl be included.
+
FromLineOverride=YES
 
+
  smtp_sasl_auth_enable = yes  
+
# Use SSL/TLS to send secure messages to server.
  smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+
UseTLS=YES
smtp_sasl_security_options = noanonymous
+
UseSTARTTLSCert=YES
 
+
  # added PT 201809
This should get you most of the way there.
+
UseSTARTTLS=YES
 +
 +
  # Use SSL/TLS certificate to authenticate against smtp host.
 +
#UseTLSCert=YES
 +
# Use this RSA certificate.
 +
#TLSCert=/etc/pki/tls/private/ssmtp.pem
 +
 +
# Get enhanced (*really* enhanced) debugging information in the logs
 +
# If you want to have debugging of the config file parsing, move this option
 +
# to the top of the config file and uncomment
 +
#Debug=YES
 +
#AuthUser=
 +
  #AuthPass=
 +
 +
# Email 'from headers can override the defaul domain?
 +
FromLineOverride=yes  
 +
   
 +
# added cert PT 2018 0928
 +
TLS_CA_FILE=/etc/pki/tls/certs/ca-bundle.crt

Revision as of 14:44, 4 January 2019

Introduction

Miracle done by Joe, Jan 2019.

Need to set the command used for email for each node usin g

qconf -mconf nodeX

in this case we want the mailer to be /usr/sbin/ssmtp

Then rolled out the following config to all of the nodes:

#
# /etc/ssmtp.conf -- a config file for sSMTP sendmail.
#
# See the ssmtp.conf(5) man page for a more verbose explanation of the
# available options.
# 

# The person who gets all mail for userids < 500
# Make this empty to disable rewriting.
root=marvin-mail@st-andrews.ac.uk 

# The place where the mail goes. The actual machine name is required
# no MX records are consulted. Commonly mailhosts are named mail.domain.com
# The example will fit if you are in domain.com and your mailhub is so named.
mailhub=mailhost.st-andrews.ac.uk

# Example for SMTP port number 2525
# mailhub=mail.your.domain:2525
# Example for SMTP port number 25 (Standard/RFC)
# mailhub=mail.your.domain        
# Example for SSL encrypted connection
# mailhub=mail.your.domain:465

# Where will the mail seem to come from?
#RewriteDomain=

# The full hostname
Hostname=marvin.st-andrews.ac.uk

# Set this to never rewrite the "From:" line (unless not given) and to
# use that address in the "from line" of the envelope.
FromLineOverride=YES

# Use SSL/TLS to send secure messages to server.
UseTLS=YES
UseSTARTTLSCert=YES
# added PT 201809
UseSTARTTLS=YES 

# Use SSL/TLS certificate to authenticate against smtp host.
#UseTLSCert=YES
# Use this RSA certificate.
#TLSCert=/etc/pki/tls/private/ssmtp.pem 

# Get enhanced (*really* enhanced) debugging information in the logs
# If you want to have debugging of the config file parsing, move this option
# to the top of the config file and uncomment
#Debug=YES
#AuthUser=
#AuthPass=

# Email 'from headers can override the defaul domain?
FromLineOverride=yes 

# added cert PT 2018 0928
TLS_CA_FILE=/etc/pki/tls/certs/ca-bundle.crt