[SOLVED] question concerning postfix, a perl script, and Amazon Simple Email Service
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
question concerning postfix, a perl script, and Amazon Simple Email Service
I know next to nothing about perl so I could use some help.
I've (painstakingly) configured postfix and the ses.send-email.pl script provided by Amazon as described here. For some reason, the script seems to ignore the sender that I have specified using the -f flag and instead looks to the user@domain who is actually sending the email.
My aws-email line in /etc/postfix/master.cf looks like this:
Code:
aws-email unix - n n - - pipe
flags=R user=mail argv=/usr/src/bin/ses-send-email.pl -r -k /usr/src/bin/aws-credentials -e https://email.us-east-1.amazonaws.com -f verified_user@example.com ${recipient}
If I'm logged in as user sneakyimp on my Ubuntu instance (hosted in EC2) and type in these commands:
Code:
sendmail -t
To: someuser@example.com
Subject: Testing SES!
Here is your message
.
NOTE that I am able to get mail to send as long as sneakyimp@example.com is one of my verified addresses, but I want ALL mail being sent from this server to come from verified_user@example.com. I expect mail to come from a variety of services (cron jobs, samhain, fail2ban, etc.) so it's kind of unreasonable for me to have to register every single process with its own verified address.
I've attached perl script in question. Am I misunderstanding what the -f flag is for? Is the perl script ignoring this flag?
NOTE that I am able to get mail to send as long as sneakyimp@example.com is one of my verified addresses, but I want ALL mail being sent from this server to come from verified_user@example.com.
I don't know if you fixed this already, and I don't run Postfix, but maybe a user / email mapping (sender_canonical_maps) could help?
Thanks for hte response, unSpawn. You are a generous soul -- and advice on Postfix is hard to come by. Postfix seems really complex and the documentation leaves a lot to be desired.
sender_canonical_maps does look promising, but I'm wondering if it's possible to specify a wildcard that matches ALL senders -- i.e., regardless of what user/process is sending mail, it will all have a sender address of verified_user@example.com. I've been back to the postfix documentation repeatedly and just seem to get confused by the sprawl of it -- so many daemons and steps and some weird sequence of rewrites that happen. It makes Apache mod_rewrite look like kindergarten.
If it is possible to match each and every possible user/process on this machine to one outgoing/sender email address, I think that solves my problem. I've googled for "postfix canonical wildcard" and a variety of other searches and cannot seem to find an example of sender_canonical_maps using a wildcard. Please note that I'm not trying to circumvent any spam measures or mail delivery policies. In particular:
1) This machine should never accept any email from any remote server -- the iptables and firewall should have any mail ports locked tight. Furthermore, I believe I have postfix configured such that it does not accept mail from strangers.
2) No mail should ever be delivered locally -- I believe I have this resolved in my postfix configuration
An alternative to configuring postfix to use only one sender would be to alter the perl script (or its associated library) that I attached before such that it always specifies one and only one sender email address to the Amazon SES gateway. Still another option would be to msmtp or esmtp but I know nothing about these and want to make sure that no mail is ever delivered locally, all mail sent by this machine goes through the Amazon SES gateway, and all mail appears to have one single sender of verified_user@example.com.
I don't know if I made it clear in my last post, but I want to map ALL sender addresses through this one sender address -- configuring each email address separately is going to be too much trouble given the number of machines I expect to manage based on this configuration. Also, I hope that this many-to-one address mapping will still preserve somehow the identity of the original sending user/process so that I know who needs adjustment to reduce unecessary email notifications.
Thanks, UnSpawn, for those two examples. The first one doesn't mention the change you need to make to main.cf but does give a perfect example with the regex pattern. I think that will accomplish what I've been after.
That's also good news about Reuti being Postfix wiz. I expect I'll have more postfix questions sooner rather than later.
I'm also very curious about esmtp and msmtp -- I expect they are a lot simpler and are really what I should be using, but don't know much about them. Specifically, I don't know how to:
* prevent any local mail delivery -- no one will ever check the mailboxes on these virtual machines and disk space is very very limited
* route ALL mail sent from this machine through Amazon SES gateway, either using the PERL script they provide or via *encrypted* connection to the Amazon SES SMTP gateway
* rewrite sender of all mail originating from this machine to be some_verified_address@example.com so that the Amazon SES gateway accepts mail for delivery
I expect Postfix is overkill for the simple mail needs of this server.
I think that will accomplish what I've been after.
Let's hope so.
Quote:
Originally Posted by sneakyimp
That's also good news about Reuti being Postfix wiz.
I was just kidding OK? I mean there's more than a few members who are conversant with Postfix so as long as you have a good title and clear story someone will show up.
Quote:
Originally Posted by sneakyimp
I expect Postfix is overkill for the simple mail needs of this server.
Time to do some research into esmtp and msmtp then, good luck with that!
OK I've tested the sender_canonical_maps directive you have suggested and it WORKS. I'm delighted.
To summarize, one can configure postfix to have one sender for all outgoing mail by doing this. Edit /etc/postfix/main.cf and make sure it has this setting:
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.