• Arun Kumar

Send Email From Oracle Linux Server

Getting an email alert from your Linux server is very important when it comes to notifying administrators. Every time a script is executed, its a great ideas to configure you Linux server to send emails. Let's look at the different ways in which you can configure email alerts using SMTP via Gmail.

Note: as we don't have mail server configured on Linux server, we will use gmail to send emails to recipient

Gmail Pre-Requisites for SMTP


We are basically using gmail account (email sender) which will send emails to recipients. For gmail to send emails, we need to make some changes.


Login to your gmail https://myaccount.google.com/u/6/security and and enable 2-factor authentication, if not already done

Once done, we will not generate app password so that we do not have to put our gmail password on Linux server mail configuration files

Select app as Mail

Select device as Other (Custom name), type postfix and click on Generate

You alternate password is ready, you will be using this password going forward to setup email sending from the Linux server

Our gmail account is ready to be used as email sender!



Configure Mail on Linux


There two methods you can use to configure email on Linux server

Use any one method to configure mail on Linux, not both

Method 1: Send Email Using Postfix


Install postfix and other dependent packages

yum install -y postfix mailx cyrus-sasl cyrus-sasl-plain

Start postfix

systemctl enable postfix
systemctl start postfix

Replace sender email and app password before executing below

echo 'smtp.gmail.com <email>:<password>' > /etc/postfix/sasl_passwd

Set the permissions and load the sasl_passwd file

chmod 600 /etc/postfix/sasl_passwd
postmap hash:/etc/postfix/sasl_passwd

Open postfix configuration file and paste below at the end of the file on Oracle Linux

If you using gmail to send emails, just copy paste below
vi /etc/postfix/main.cf

#SMTP Gmail Relay for Oracle Linux
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = TLSv1
smtp_tls_mandatory_ciphers = high
smtp_tls_secure_cert_match = nexthop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
relayhost = smtp.gmail.com:587

Only for CentOS, comment smtp_tls_security_level parameter, else email won't work

#smtp_tls_security_level = secure

Restart postfix

systemctl restart postfix

Send test email

echo "Hello" | mail -s "test" <recipient-email>

Verify via below command if email is sent or stuck due to some error

mailq


Method 2: Send Email using Mailx


This method of Linux mail setup does not work with CentOS

Install Mailx package

yum install -y mailx

Edit /etc/mail.rc file and put below SMTP configuration at the end

vi /etc/mail.rc

#smtp settings
set smtp=smtp://smtp.gmail.com:587
set smtp-auth=login
set smtp-auth-user=<sender-gmail-address>
set smtp-auth-password=<sender-gmail-password>
set smtp-use-starttls
set nss-config-dir=/etc/mail_certs
set ssl-verify=ignore

We need to setup SSL certificate so that gmail knows that emails are being sent from a trusted source. Create a certificate directory then create new certificate and key databases

mkdir /etc/mail_certs
certutil -N -d /etc/mail_certs        --> give password

Copy the cert chain for smtp.google.com:465 over to my_certs file (CTRL + C to end)

openssl s_client -showcerts -connect smtp.gmail.com:465 > /etc/mail_certs/my_certs

Open my_certs file and you will see three certs starting with --BEGIN CERTIFICATE-- and --END CERTIFICATE--

cat /etc/mail_certs/my_certs

Copy the google cert (usually the first one) into a new file

vi /etc/mail_certs/google            --> save & close

Copy the geotrust cert (usually the second one) into a new file

vi /etc/mail_certs/geotrust          --> save & close

Copy the equifax cert (usually the third one) into a new file

vi /etc/mail_certs/equifax           --> save & close

Start importing the google cert

certutil -A -n "Google Internet Authority" -t "TC,," -d /etc/mail_certs -i /etc/mail_certs/google

Start importing the geotrust cert

certutil -A -n "GeoTrust Global CA" -t "TC,," -d /etc/mail_certs -i /etc/mail_certs/geotrust

Start importing the equifax cert

certutil -A -n "Equifax Secure Certificate Authority" -t "TCP,," -d /etc/mail_certs -i /etc/mail_certs/equifax

Verify if certs are imported properly

certutil -L -d /etc/mail_certs
The next step is crucial as this will allow other users on Linux server to send email

Give permissions on mail_certs so that other users on Linux server can send emails

chmod -R 755 /etc/mail_certs/*

Send test email

echo "Your message" | mail -s "Subject" <recipient-email>

Enjoy!

88 views

Recent Posts

See All