ssmtp & remote auth

[keschrich]

I'm trying to set up ssmtp so that I can send mail from my pda when I sync it, and everything is set up and working except for one problem: my remote smtp server requires that I authenticate myself.

Since I see no other way to authenticate with ssmtp in the config file, only through the command line, I tried doing this: I deleted /usr/sbin/sendmail, which was a link to /usr/sbin/ssmtp, and replaced it with the followig script:

Code: Select all

/usr/sbin/ssmtp -au username -ap pass $*

but when I watch the system log as I'm syncing, it still comes up saying that relaying is denyed.. I did try sending a message just from the command line using my name and pass, and it did work fine. Anybody know why this isn't working, or know of anything else I can do?

[wibblefrog]

If ssmtp is anything like sendmail relaying is denied by default. As such you need to allow it. BUT only allow it for machines you want to relay NOT all machines, otherwise you may be used as a spam source. The info for it should be available on the appropriate website.

Again just looking at this from a sendmail perspective.

[FTC]

Hi,

You just need to edit /etc/mailer.conf like this:

Code: Select all

#       $OpenBSD: mailer.conf,v 1.3 2000/04/06 18:24:19 millert Exp $
#
# Execute the "real" sendmail program from ssmtp,
# named /usr/sbin/ssmtp
#
sendmail        /usr/sbin/ssmtp -au USER -ap PASSWORD
send-mail       /usr/sbin/ssmtp -au USER -ap PASSWORD
mailq           /usr/sbin/ssmtp
newaliases      /usr/sbin/ssmtp

[reeder]

Hi,

You just need to edit /etc/mailer.conf like this:

Code: Select all

#       $OpenBSD: mailer.conf,v 1.3 2000/04/06 18:24:19 millert Exp $
#
# Execute the "real" sendmail program from ssmtp,
# named /usr/sbin/ssmtp
#
sendmail        /usr/sbin/ssmtp -au USER -ap PASSWORD
send-mail       /usr/sbin/ssmtp -au USER -ap PASSWORD
mailq           /usr/sbin/ssmtp
newaliases      /usr/sbin/ssmtp

The unstated assumption is that mailwrapper is installed. It wasn't installed on my system.

And when I installed mailwrapper (0.2) it created (and reads) /etc/mail/mailer.conf, not /etc/mailer.conf. Otherwise, your solution works just fine.

One last nit, /etc/mail/mailer.conf is world readable, so the password is there in the clear. :-(

-- William

[reeder]

Scenario: personal system with a few cron jobs that might send email (as cronjobs are often want to do). I want such email to show up in my normal email account at my ISP, but they require authentication (login/password) to send email. My normal email client works fine (it is easy to configure), but how do I get cron (in my case it's vixie-cron) to send the email?

As described in previous postings in this thread, using the combo of ssmtp and mailwrap you can pass a username and password to the remote MTA by modifying /etc/mail/mailer.conf. Unfortunately, this file is world readable because it is read by mailwrap (/usr/sbin/sendmail) and because mailwrap is running with an effective uid of potentially any user.

My solution to this world readable file was to make it not world readable and to make mailwrap setgid.

I added a new group to /etc/group:

Code: Select all

mailwrap:x:101:

I then put both /usr/sbin/sendmail and /etc/mail/mailer.conf in that group:

Code: Select all

# chgrp mailwrap /usr/sbin/sendmail /etc/mail/mailer.conf

Finally, I adjusted the permissions on /usr/sbin/sendmail and /etc/mail/mailer.conf:

Code: Select all

# chmod g+s /usr/sbin/sendmail
# chmod 640 /etc/mail/mailer.conf

Cron and other apps can still send email by feeding them into /usr/lib/sendmail, but users cannot see the login/password info in /etc/mail/mailer.conf.

Is this perfect? No. For one thing, my login and password are on the command line for ssmtp where they can be seen by ps(1). This may also interfere with mail clients which invoke sendmail for delivery and want to pass their own -au and -ap parameters. But for a single user system with a mail client like mozilla or thunderbird (or any with a built in smtp capabilities) it might work.

YMMV,
-- William

PS. You'll need to edit /etc/ssmtp/ssmtp.conf for some basic ssmtp configuration. The comments help you do it. To test, create a file named "test.msg" with something like this:

Code: Select all

Subject: test

testing, 1, 2, 3.

And pipe that into sendmail like so (as a normal user):

Code: Select all

% cat test.msg | /usr/lib/sendmail myemail@my.isp

Of course, replace "myemail@my.isp" with your real email address. -- WPR

[hobo2]

how do you specify in the cron job output the "To:" account where the output should be sent?

I got the manual cat test.msg to email just fine, only my cron jobs are being sent according to logs but are not received in my isp email account

[reeder]

how do you specify in the cron job output the "To:" account where the output should be sent?

I got the manual cat test.msg to email just fine, only my cron jobs are being sent according to logs but are not received in my isp email account

In vixie-cron the crontab files can include environment variables as well as lines defining cronjobs. One such variable is MAILTO. As it says in the man page (man 5 crontab), if MAILTO is defined and non-empty mail is sent to the user named. If MAILTO is defined but empty (MAILTO="") then no mail is sent. If MAILTO is missing then mail is sent to the owner of the crontab.

My guess is that you don't have the MAILTO variable defined so the cron daemon is sending email to the local user which owns the crontab and this is probably failing. So add MAILTO="joe@foo.bar" to your crontab. Another alternative is to use a mailer which does aliases or processes .forward files and handle the redirection to an internet style email address there.

For more information read the man pages for cron(8), crontab(1), and crontab(5).

-- William

[hobo2]

I use fcron and it emails me the "header" from the log, as in the output from any job I schedule and it does this without any environment variables

what I was wondering is how to also have it email me the log it creates?

[reeder]

I use fcron and it emails me the "header" from the log, as in the output from any job I schedule and it does this without any environment variables

what I was wondering is how to also have it email me the log it creates?

I don't understand what you are describing and/or wanting. Your use of the word "header" makes it should like you're getting some sort of output (emailed to your ISP account?) but not what you want, or not all of it. Your use of "log" confuses me even more.

In my experience crons of various flavors (note: I've never used fcron) will send no email if the job produces no output and exits with a status of zero. Each cron daemon probably has its own way of configuring it to customize how and when and to where it sends email. I would recommend reading the manual pages for your version of cron (fcron) as well as looking for info pages and other documentation (in /usr/share/doc or on the homepage of the source package).

Also, it is possible to pipe the output (including redirection of multiple file descriptors) of a cron job into mail in exactly the same way that you would pipe the output of any program into mail. For example:

Code: Select all

foo 2>&1 | /usr/sbin/sendmail me@isp.net

Good luck,
-- William