LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 10-11-2012, 08:17 PM   #1
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Rep: Reputation: 78
question concerning postfix, a perl script, and Amazon Simple Email Service


I know next to nothing about perl so I could use some help.

I've (painstakingly) configured postfix and the ses.send-email.pl script provided by Amazon as described here. For some reason, the script seems to ignore the sender that I have specified using the -f flag and instead looks to the user@domain who is actually sending the email.

My aws-email line in /etc/postfix/master.cf looks like this:
Code:
aws-email  unix  -       n       n       -       -       pipe
  flags=R user=mail argv=/usr/src/bin/ses-send-email.pl -r -k /usr/src/bin/aws-credentials -e https://email.us-east-1.amazonaws.com -f verified_user@example.com ${recipient}
If I'm logged in as user sneakyimp on my Ubuntu instance (hosted in EC2) and type in these commands:
Code:
sendmail -t
To: someuser@example.com
Subject: Testing SES!

Here is your message
.
Then the mail log (/var/log/mail.log) shows that the sender is sneakyimp@example.com rather than the verified_user@example.com that is specified using the -f flag in master.cf.

NOTE that I am able to get mail to send as long as sneakyimp@example.com is one of my verified addresses, but I want ALL mail being sent from this server to come from verified_user@example.com. I expect mail to come from a variety of services (cron jobs, samhain, fail2ban, etc.) so it's kind of unreasonable for me to have to register every single process with its own verified address.

I've attached perl script in question. Am I misunderstanding what the -f flag is for? Is the perl script ignoring this flag?
Attached Files
File Type: txt ses-send-email.pl.txt (6.4 KB, 18 views)
 
Old 11-10-2012, 11:01 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592
Quote:
Originally Posted by sneakyimp View Post
NOTE that I am able to get mail to send as long as sneakyimp@example.com is one of my verified addresses, but I want ALL mail being sent from this server to come from verified_user@example.com.
I don't know if you fixed this already, and I don't run Postfix, but maybe a user / email mapping (sender_canonical_maps) could help?

*BTW the Perl Include problem in your other thread can be addressed in different ways, see http://www.perlhowto.com/extending_the_library_path or http://www.perlmonks.org/?node_id=923351.


//NTLB
 
Old 11-11-2012, 06:49 PM   #3
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Original Poster
Rep: Reputation: 78
Thanks for hte response, unSpawn. You are a generous soul -- and advice on Postfix is hard to come by. Postfix seems really complex and the documentation leaves a lot to be desired.

sender_canonical_maps does look promising, but I'm wondering if it's possible to specify a wildcard that matches ALL senders -- i.e., regardless of what user/process is sending mail, it will all have a sender address of verified_user@example.com. I've been back to the postfix documentation repeatedly and just seem to get confused by the sprawl of it -- so many daemons and steps and some weird sequence of rewrites that happen. It makes Apache mod_rewrite look like kindergarten.

If it is possible to match each and every possible user/process on this machine to one outgoing/sender email address, I think that solves my problem. I've googled for "postfix canonical wildcard" and a variety of other searches and cannot seem to find an example of sender_canonical_maps using a wildcard. Please note that I'm not trying to circumvent any spam measures or mail delivery policies. In particular:
1) This machine should never accept any email from any remote server -- the iptables and firewall should have any mail ports locked tight. Furthermore, I believe I have postfix configured such that it does not accept mail from strangers.
2) No mail should ever be delivered locally -- I believe I have this resolved in my postfix configuration


An alternative to configuring postfix to use only one sender would be to alter the perl script (or its associated library) that I attached before such that it always specifies one and only one sender email address to the Amazon SES gateway. Still another option would be to msmtp or esmtp but I know nothing about these and want to make sure that no mail is ever delivered locally, all mail sent by this machine goes through the Amazon SES gateway, and all mail appears to have one single sender of verified_user@example.com.
 
Old 11-11-2012, 07:00 PM   #4
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Original Poster
Rep: Reputation: 78
I don't know if I made it clear in my last post, but I want to map ALL sender addresses through this one sender address -- configuring each email address separately is going to be too much trouble given the number of machines I expect to manage based on this configuration. Also, I hope that this many-to-one address mapping will still preserve somehow the identity of the original sending user/process so that I know who needs adjustment to reduce unecessary email notifications.
 
Old 11-11-2012, 08:17 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592
Here's an example: http://binblog.info/2012/09/27/postf...outgoing-mail/ and it appears Reuti is a Postfix wizard: http://www.linuxquestions.org/questi...ostfix-852693/ ..
 
Old 11-12-2012, 03:05 PM   #6
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Original Poster
Rep: Reputation: 78
Thanks, UnSpawn, for those two examples. The first one doesn't mention the change you need to make to main.cf but does give a perfect example with the regex pattern. I think that will accomplish what I've been after.

That's also good news about Reuti being Postfix wiz. I expect I'll have more postfix questions sooner rather than later.

I'm also very curious about esmtp and msmtp -- I expect they are a lot simpler and are really what I should be using, but don't know much about them. Specifically, I don't know how to:
* prevent any local mail delivery -- no one will ever check the mailboxes on these virtual machines and disk space is very very limited
* route ALL mail sent from this machine through Amazon SES gateway, either using the PERL script they provide or via *encrypted* connection to the Amazon SES SMTP gateway
* rewrite sender of all mail originating from this machine to be some_verified_address@example.com so that the Amazon SES gateway accepts mail for delivery

I expect Postfix is overkill for the simple mail needs of this server.
 
Old 11-12-2012, 03:23 PM   #7
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592
Quote:
Originally Posted by sneakyimp View Post
I think that will accomplish what I've been after.
Let's hope so.


Quote:
Originally Posted by sneakyimp View Post
That's also good news about Reuti being Postfix wiz.
I was just kidding OK? I mean there's more than a few members who are conversant with Postfix so as long as you have a good title and clear story someone will show up.


Quote:
Originally Posted by sneakyimp View Post
I expect Postfix is overkill for the simple mail needs of this server.
Time to do some research into esmtp and msmtp then, good luck with that!
 
Old 11-12-2012, 04:54 PM   #8
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Original Poster
Rep: Reputation: 78
OK I've tested the sender_canonical_maps directive you have suggested and it WORKS. I'm delighted.

To summarize, one can configure postfix to have one sender for all outgoing mail by doing this. Edit /etc/postfix/main.cf and make sure it has this setting:
Code:
sender_canonical_maps = regexp:/etc/postfix/sender_canonical
Then, create the file /etc/postfix/sender_canonical and make sure it contains this:
Code:
/.+/ your_one_email_address@example.com
There is no need to do a postmap on the sender_canonical file. You must reload/restart postfix:
Code:
/etc/init.d/postfix restart
 
Old 11-12-2012, 05:20 PM   #9
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592
While I appreciate it its whatshisname who did the work.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
help me with simple postfix config: send/receive email at one address anthony_go Linux - Server 3 08-31-2010 12:26 PM
How to run perl script as service tdnnash25 Linux - Server 6 12-24-2009 01:35 AM
SuSE Postfix not sending mail at all. Simple email script. Lantzvillian Linux - Server 6 05-09-2008 03:28 PM
Need simple script to startup internet service? M$ISBS Programming 7 01-18-2008 11:20 PM
Very simple question, installing script for Perl lexington Linux - Newbie 1 06-07-2004 04:55 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration