msmtp, esmtp? Postfix is a bit more complex than I'd like

Jump to latest Follow Reply
K

koala

Ars Tribunus Angusticlavius
7,579
  • #1
    So I've had Postfix set up for a while on all my hosts to forward root email, notifications, that kind of thing. I've had it relaying email directly and via SES at different times.

    But the configuration is a bit more complex than I'd like (e.g. I have Debian 12, EL8 and EL9 devices, and my manifests require handling those cases). Last time I looked, I believe msmtp/esmtp were not available yet for EL9, but it seems they are now.

    Any endorsement of either or something else? Now I'd set up everything to relay through SES.

    My aspiration is to have a simple Puppet manifest that can set up email for all three distros without too many conditionals.
     
    W

    wobblytickle

    Ars Praetorian
    596
  • #2
    forgive my ignorance, I've not dabbled over in rhel-land for a long time but how are they going to differ significantly from debian-ish distros beyond the packages themselves? you'll still end up with a main.cf and friends where you have to do the same work and that shouldn't be too different?

    I do still run my own mail via postfix (with dkim too) but literally only MX and mailboxes; no longer for any of my hosts. The hoops to jump through to talk to the internet just aren't worth it which brings me I suppose to my question:

    anything where I'm relying on something dumping a message in root's mail then I'm doing it wrong? if it's log-related I would be forwarding logs, if it's notification related I would be using some monitoring solution?
     
    K

    koala

    Ars Tribunus Angusticlavius
    7,579
  • #3
    It's subtle things. Package names are different, the sasl package (optional dep) is differently-named too. Certs for the hosts work slightly differently. Nothing serious, but going with something simpler would be nice. I was just lazy to port my manifests and test them out, thought msmtp/esmtp would be simpler.

    As for use, I like that cron notifies me when a cron job fails. Sometimes it's nice to do ; mail -s 'job result $?' me </dev/null- I could send a notification for other means, but... And I also have Nagios sending me emails for alerts.

    It's worked decently so far.
     
    • Like
    Reactions: wobblytickle
    K

    koala

    Ars Tribunus Angusticlavius
    7,579
  • #4
    OK, after testing this for a while...

    esmtp does not seem apt for system mail. It doesn't do aliases, etc.

    msmtp works better, but with a blocker when using AWS SES. It doesn't rewrite the "To:" header when it's using an alias, and AWS SES rejects mails with "To: root" and similar stuff. It's a shame, because otherwise minimal configuration:

    Code: 
    defaults
tls on
tls_starttls on
tls_trust_file system
syslog on

account default
host email-smtp.eu-xxxxx.amazonaws.com
port 587
auth on
user ...
password ...
from address@domain
allow_from_override off

aliases /etc/aliases

    works flawlessly. There don't seem to be many more lightweight MTAs packaged for EL8 and EL9, so I think I'll have to do Postfix as usual...
     
    K

    koala

    Ars Tribunus Angusticlavius
    7,579
  • #5
    Ugh. Failing at read comprehension. undisclosed_recipients on purges the To: header, which makes SES happy.

    I like it. Mail delivery without a daemon, only /usr/sbin/sendmail.

    Need to make further tests, though...

    edit: set_from_header on must also be set for AWS SES. Don't like this either, but... the allure of simple mail delivery...
     
    • Like
    Reactions: wobblytickle
    You must log in or register to reply here.
    Jump to latest Follow Reply
    Jump to latest Follow Reply