{"id":97714,"date":"2019-08-02T08:00:22","date_gmt":"2019-08-02T08:00:22","guid":{"rendered":"https:\/\/fedoramagazine.org\/?p=28960"},"modified":"2019-08-02T08:00:22","modified_gmt":"2019-08-02T08:00:22","slug":"use-postfix-to-get-email-from-your-fedora-system","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2019\/08\/02\/use-postfix-to-get-email-from-your-fedora-system\/","title":{"rendered":"Use Postfix to get email from your Fedora system"},"content":{"rendered":"

Communication is key. Your computer might be trying to tell you something important. But if your mail transport agent (MTA<\/a>) isn’t properly configured, you might not be getting the notifications. Postfix is a MTA that’s easy to configure and known for a strong security record<\/a>. Follow these steps to ensure that email notifications sent from local services will get routed to your internet email account through the Postfix MTA.<\/p>\n

<\/span> <\/p>\n

Install packages<\/h2>\n

Use dnf <\/em>to install the required packages (you configured <\/a>sudo<\/a><\/em>, right?<\/a>):<\/p>\n

$ sudo -i\n# dnf install postfix mailx<\/pre>\n
If you previously had a different MTA configured, you may need to set Postfix to be the system default. Use the alternatives<\/em> command to set your system default MTA:<\/p>\n
$ sudo alternatives --config mta<\/strong>\nThere are 2 programs which provide 'mta'. Selection Command\n*+ 1 \/usr\/sbin\/sendmail.sendmail 2 \/usr\/sbin\/sendmail.postfix\nEnter to keep the current selection[+], or type selection number: 2<\/pre>\n
Create a password_maps<\/em> file<\/h2>\n
You will need to create a Postfix lookup table entry containing the email address and password of the account that you want to use to for sending email:<\/p>\n
# MY_EMAIL_ADDRESS=glb@gmail.com\n# MY_EMAIL_PASSWORD=abcdefghijklmnop\n# MY_SMTP_SERVER=smtp.gmail.com\n# MY_SMTP_SERVER_PORT=587\n# echo \"[$MY_SMTP_SERVER]:$MY_SMTP_SERVER_PORT $MY_EMAIL_ADDRESS:$MY_EMAIL_PASSWORD\" >> \/etc\/postfix\/password_maps\n# chmod 600 \/etc\/postfix\/password_maps\n# unset MY_EMAIL_PASSWORD\n# history -c<\/pre>\n
If you are using a Gmail account, you’ll need to configure an “app password” for Postfix, rather than using your gmail password. See “Sign in using App Passwords<\/a>” for instructions on configuring an app password.<\/p>\n
Next, you must run the postmap<\/em> command against the Postfix lookup table to create or update the hashed version of the file that Postfix actually uses:<\/p>\n
# postmap \/etc\/postfix\/password_maps<\/pre>\n
The hashed version will have the same file name but it will be suffixed with .db<\/em>.<\/p>\n
Update the main.cf<\/em> file<\/h2>\n
Update Postfix’s main.cf<\/em> configuration file to reference the Postfix lookup table you just created. Edit the file and add these lines.<\/p>\n
relayhost = smtp.gmail.com:587\nsmtp_tls_security_level = verify\nsmtp_tls_mandatory_ciphers = high\nsmtp_tls_verify_cert_match = hostname\nsmtp_sasl_auth_enable = yes\nsmtp_sasl_security_options = noanonymous\nsmtp_sasl_password_maps = hash:\/etc\/postfix\/password_maps<\/pre>\n
The example assumes you’re using Gmail for the relayhost<\/em> setting, but you can substitute the correct hostname and port for the mail host to which your system should hand off mail for sending.<\/p>\n
For the most up-to-date details about the above configuration options, see the man page:<\/p>\n
$ man postconf.5<\/pre>\n
Enable, start, and test Postfix<\/h2>\n
After you have updated the main.cf file, enable and start the Postfix service:<\/p>\n
# systemctl enable --now postfix.service<\/pre>\n
You can then exit your sudo<\/em> session as root using the exit<\/em> command or Ctrl+D<\/strong>. You should now be able to test your configuration with the mail<\/em> command:<\/p>\n
$ echo 'It worked!' | mail -s \"Test: $(date)\" glb@gmail.com<\/pre>\n
Update services<\/h2>\n
If you have services like logwatch<\/a>, mdadm<\/a>, fail2ban<\/a>, apcupsd<\/a> or certwatch<\/a> installed, you can now update their configurations so that their email notifications will go to your internet email address.<\/p>\n
Optionally, you may want to configure all email that is sent to your local system’s root account to go to your internet email address. Add this line to the \/etc\/aliases<\/em> file on your system (you’ll need to use sudo<\/em> to edit this file, or switch to the root<\/em> account first):<\/p>\n
root: glb+root@gmail.com<\/pre>\n
Now run this command to re-read the aliases:<\/p>\n
# newaliases<\/pre>\n