ssmtp to handle your PBX’s e-mail

Here’s a simple how-to for processing the mail your Asterisk server generates, without running a full mail-transfer agent (MTA) like sendmail or postfix.

First, two assertions:

  • You need to deal with mail, even if you aren’t using Asterisk’s voicemail-attached-to-e-mail feature, because your system daemons like cron are generating mail that you may want to read.
  • Running a mail daemon of any kind is a waste of resources when all you really want to do is get the mail off your Asterisk server to some other server for processing.

In the past, a Linux admin would enable sendmail, set the domain name and basically be done. Mail would work on port 25, everyone would accept everyone else’s mail, and life was good. Then spammers ruined our lives and we have to use strange ports, domain validation and a bunch of other things to make ourselves an official mail server. That’s too much work, especially for a box that’s supposed to be a PBX, not a mail system. And if you’re on a residential Internet connection, forget it–you’re probably in every blacklist.

Enter ssmtp, the simple SMTP sender. We’ll use it to send both Internet e-mail, such as might be produced by Asterisk’s voicemail system, and local root-type mail (e.g. cron alerts) through a legitimate SMTP server. It does not run as a system daemon, only on-demand when something on the server generates e-mail. And it’s simple to set up.

Setup

  • Get the source: http://packages.debian.org/source/sid/ssmtp . The file you want is the orig.tar.bz2 file.
  • tar jxvf ssmtp_(version).orig.tar.bz2 to expand it.
  • ./configure --enable-ssl (if the build fails later, yum install openssl-devel [CentOS/RedHat] to get the necessary SSL libraries)
  • make then make install, as root. On a fresh install, sample configurations are installed in /usr/local/etc/ssmtp/. The program is in /usr/local/sbin/.
  • Edit /usr/local/etc/ssmtp/ssmtp.conf. For a basic configuration that will send all locally-addressed mail to a single address, and Internet-addressed mail to the appropriate address, this is all you need:
    # The person who gets all mail for userids < 1000 root=mailbox@example.com # The place where the mail goes. The actual machine name is required # no MX records are consulted. Commonly mailhosts are named mail.domain.com mailhub=smtp.gmail.com:587 # The full hostname hostname=asteriskbox.example.com fromlineoverride=yes authuser=USERNAME authpass=PASSWORD useTLS=yes useSTARTTLS=yes authmethod=LOGIN 

    This example configuration, as you can guess, is for a Gmail account, and will also work with a Google Apps account. Since so many folks use Gmail, you could just cut and paste this, replacing the hostname and credentials with your own. If you are using a different SMTP server, adjust as necessary. With Gmail, the fromlineoverride won’t work–Gmail uses your Gmail address as the From. But it may work on other servers, especially if you are running your own mail server on a different box and send your mail to that.

  • Finally, get rid of sendmail and link to ssmtp in its place. yum erase sendmail will get rid of it from CentOS. Then ln -s /usr/local/sbin/ssmtp /usr/sbin/sendmail to trick your programs into believing sendmail is there, while ssmtp runs instead.

Test it out

You can install mailx with yum install mailx, then try both local mail and Internet mail:

mail root
mail youraddress@example.com

With mail, end your message by pressing Control-D.

Or you can use ssmtp directly: ssmtp root or sendmail root

Try sendmail -t and then fill out the header by typing to: address and so on.

Once you see that mail is moving, you’re done. If you encounter a problem, check /var/log/maillog.

More advanced

If you want to control where mail goes for individual local accounts, check out the revaliases file in /usr/local/etc/ssmtp/. Otherwise, all mail destined to local accounts with UID < 1000 will go to the mailbox specified in the root= line in the config.

Note

If you are using authenticated SMTP (as in the example config above), your ssmtp.conf file contains your SMTP password in plain text. If your box is secure and you are the only user of it, this may not matter. If other users are logging in to the box, and you don’t want them to be able to see the config, you can chmod 600 ssmtp.conf to make it readable only by root, then setuid root the ssmtp binary with chmod +s /usr/local/sbin/ssmtp .

References

Debian wiki on sSMTP