One of the most notorious features of FreeBSD is the inclusion of Sendmail, an ancient SMTP server that has its origins in the early eighties. The complexity of its configuration and the security risk it poses leads to many tutorials to recommend disabling it straight away, by setting sendmail_enable to NO in rc.conf. This setting disables the e-mail reception features, while NONE disables sendmail completely on the system.
This is all well and good for most users, but it also means losing some handy features, namely:
- If we are running a website which delivers e-mail messages, we are limited to PHP-Mailer, which makes it complicated to detect and weed out delivery issues.
- We will not receive useful system messages such as our daily and weekly system check up, or errors generated by our cron jobs.
How can we enjoy all that FreeBSD has to offer without having to read a thousand page book on Sendmail? The answer is SSMTP or Simple SMTP, a drop in Sendmail replacement which simplifies the task of running a proper SMTP server enormously.
First we will disable receiving external messages and stop sendmail.
service sendmail stop
Thereafter we install the SSMTP package:
pkg install ssmtp
Once it’s done, the package message will ask us to change the file /etc/mail/mailer.conf as follows:
sendmail /usr/local/sbin/ssmtp send-mail /usr/local/sbin/ssmtp mailq /usr/local/sbin/ssmtp newaliases /usr/local/sbin/ssmtp hoststat /usr/bin/true purgestat /usr/bin/true
Before we continue, let’s collect the necessary information. SSMTP will connect to another SMTP server to deliver our e-mail, where we should have:
- A user and password for the mail account, in our case [email protected] with password “password”
- The mail server hostname, ie mail.example.com. The mail server doesn’t necessarily have the same domain as your account or your machine.
- Port for delivery, this will vary depending on whether we are sending secure mail via SSL or not.
Since the server we are delivering from will also be included in the headers, it’s a good idea for it to have its own hostname, and for it to have a reverse DNS (also known as PTR record). Let’s assume this machine has as hostname server.example.com.
Armed with this data, we will create the file /usr/local/etc/ssmtp:
cp /usr/local/etc/ssmtp/ssmtp.conf.sample /usr/local/etc/ssmtp/ssmtp.conf
And edit it as follows:
# # /etc/ssmtp.conf -- a config file for sSMTP sendmail. # # The person who gets all mail for userids < 1000 # Make this empty to disable rewriting. root=root # The place where the mail goes. The actual machine name is required mailhub=mail.example.com:587 # Where will the mail seem to come from? rewriteDomain=example.com # The full hostname hostname=this.example.com # Set this to never rewrite the "From:" line (unless not given) and to # use that address in the "from line" of the envelope. FromLineOverride=YES # Use SSL/TLS to send secure messages to server. UseTLS=YES # Use SSL/TLS certificate to authenticate against smtp host. #UseTLSCert=YES # Use this RSA certificate. #TLSCert=/usr/local/etc/ssmtp/ssmtp.pem # Get enhanced (*really* enhanced) debugging information in the logs # If you want to have debugging of the config file parsing, move this option # to the top of the config file and uncomment Debug=YES # Use these parameters for securely authenticating against your # mailhub; check ssmtp.conf(5) for further details. UseSTARTTLS=YES [email protected] AuthPass=password
The revaliases file contains the mapping of local users to addresses. I have only included root here:
Now we can test our setup by sending ourselves the contents of some file:
sendmail [email protected] < "/etc/motd"
In my configuration file, I have enabled Debug mode. This will show the full e-mail messages in /var/log/maillog. You can use this to troubleshoot delivery issues.
Bonus: daily system reports
If you want to receive the daily and weekly freebsd status e-mails, which inform you in great detail of what’s going on in your server, you have to instruct FreeBSD to forward root email to you. Edit the file /etc/aliases and replace:
Sometime in the night, you will receive an e-mail with these and other informations about your system. This is generated by the periodic crons that you can find in the system cron (/etc/crontab):
Leave a Reply