Configure mailx to Relay via a Google SMTP Server
Internal
Overview
This article describes how to configure mailx to send command-line e-mail by relay-ing it via the Google SMTP server.
Create a Dedicated User
This step is optional, but it is a good idea to use a separate "service" account to send service e-mails. The remaining of the example assumes a "service@novaordis.com" was created and it is operational.
Important If the service account was specifically created for this job, you will need to log in at least one time via the web interface (to accept terms and conditions and possibly to change the password), otherwise sending e-mails will fail with "Please log in via your web browser and then try again."
Configure GMail to Accept Relaying
It is possible to send the e-mail via Google SMTP servers using two configurations: configuring the SMTP relay service and configuring "Google Apps SMTP settings to send mail from a printer, scanner, or app"
SMTP Relay Service
- Google documentation: SMTP relay service setting https://support.google.com/a/answer/2956491?hl=en
- Troubleshooting: https://support.google.com/a/answer/6140680#maildenied%20ck3sm4780366igb.6
The relay server that requires TLS encryption is smtp-relay.gmail.com:587.
Individual Application SMTP Settings
- Google documentation: Google Apps SMTP settings to send mail from a printer, scanner, or app: https://support.google.com/a/answer/176600?hl=en
TODO unfinished, not working.
First, you will need to make sure mailx has access to a valid Google certificate in an NSS certificate database. Firefox usually has it in its profile directory, but it is a good idea to initialize a private certificate database for mailx.
This page explains how to do that:
This page explains how to "re-use" Firefox Mozilla certificate database:
Assuming you provision root GMail SMTP access, move the certs directory created at the previous step under ~root as follows:
mv .../certs ~root/.certs
Configure /etc/mail.rc as follows:
... account gmail { set smtp-use-starttls set smtp-auth=login set smtp=smtps://smtp.gmail.com:587 set from="root@now510" set smtp-auth-user=your.smtp.user@gmail.com set smtp-auth-password=your.pass set ssl-verify=ignore set nss-config-dir=/root/.certs }
TODO: try a per-user mail.rc that is read restricted because it contains sensitive credentials.
Test:
echo "mailx e-mail" | mailx -v -A gmail -s "test" somebody@example.com
Deplete:
- http://www.systutorials.com/1411/sending-email-from-mailx-command-in-linux-using-gmails-smtp/
- http://stackoverflow.com/questions/16799407/mailx-and-gmail-nss-config-dir
- http://serverfault.com/questions/498588/smtp-gmail-com-from-bash-gives-error-in-certificate-peers-certificate-issuer
- http://www.systutorials.com/1411/sending-email-from-mailx-command-in-linux-using-gmails-smtp/
- http://serverfault.com/questions/498588/smtp-gmail-com-from-bash-gives-error-in-certificate-peers-certificate-issuer
Next:
- Clarify mail on now510: be able to send mail and test how does cron reacts to it (success or failure). Document -> [1], understand the nss business.