server | email

Email

postfix:

sudo apt-get install postfix mailutils

To configure:

sudo nano /etc/postfix/main.cf

mydestination = example.xyz

myhostname = example.xyz

To disable incoming mail:

inet_interfaces = loopback-only

sudo service postfix restart

Restrict email to ipv4:

inet_protocols = ipv4

sudo service postfix restart

Check:

echo "This is a test" | mail -s "Testing" youremail@gmail.com

NOTE: For extra safety you can close port 25:

sudo iptables -I INPUT -p tcp -i eth0 --dport 25 -j REJECT

sudo apt-get install iptables-persistent

sudo dpkg-reconfigure iptables-persistent

sudo iptables -L -n

sudo iptables -S

References:

digitalocean   digitalocean   postfix   postfix   ipv4  

Make mail log files non-root readable:

sudo chmod 644 /var/log/mail.log*

sudo chmod 644 /var/log/mail.warn*

sudo chmod 644 /var/log/mail.err*

Now you need to make logrotate keep 644 permissions. Edit:

sudo nano /etc/logrotate.d/rsyslog

and looking at defaults, make necessary changes. For example:

/var/log/mail.log 
{
        create 664 syslog adm
        rotate 4
        weekly
        missingok
        notifempty
        compress
        delaycompress
        sharedscripts
        postrotate
                invoke-rc.d rsyslog rotate > /dev/null
        endscript
}

Getting local root mail forwarded to your email:

sudo nano /etc/aliases

Add the line:

root: yourexternalemailaddress@gmail.com

Now run:

sudo newaliases

sudo service postfix restart

Test:

echo test | mail -s "test message" root

Another way:

sudo nano /root/.forward

Add your email adress yourexternalemailaddress@gmail.com to this file.

Alternative mail server: sendmail:

sudo apt-get install sendmail mailutils

sudo iptables -I INPUT -i eth0 --dport 25 -j REJECT

sudo iptables -I INPUT -i eth0 --dport 587 -j REJECT

sudo apt-get install iptables-persistent

sudo dpkg-reconfigure iptables-persistent

sudo iptables -L -n

sudo iptables -S

Alternative mail server: ssmtp:

rianjs    wiki.arch