SSMTP is a program which delivers email from a local computer to a configured mailhost (mailhub). It is not a mail server (like feature-rich mail server sendmail) and does not receive mail, expand aliases or manage a queue. One of its primary uses is for forwarding automated email (like system alerts) off your machine and to an external email address.
Install the package .
Forward to a Gmail mail server
To configure SSMTP, you will have to edit its configuration file (
/etc/ssmtp/ssmtp.conf) and enter your account settings:
# The user that gets all the mails (UID < 1000, usually the admin) email@example.com # The mail server (where the mail is sent to), both port 465 or 587 should be acceptable # See also https://support.google.com/mail/answer/78799 mailhub=smtp.gmail.com:587 # The address where the mail appears to come from for user authentication. rewriteDomain=gmail.com # The full hostname hostname=localhost # Use SSL/TLS before starting negotiation UseTLS=Yes UseSTARTTLS=Yes # Username/Password AuthUser=username AuthPass=password AuthMethod=LOGIN # Email 'From header's can override the default domain? FromLineOverride=yes
Create aliases for local usernames (optional)
To test whether the Gmail server will properly forward your email:
$ echo test | mail -v -s "testing ssmtp setup" firstname.lastname@example.org
Change the 'From' text by editing
/etc/passwd to receive mail from 'root at myhost' instead of just 'root'.
# chfn -f 'root at myhost' root # chfn -f 'mainuser at myhost' mainuser
$ grep myhostname /etc/passwd
Using an app password
If your Gmail account is secured with two-factor authentication, you need to generate a unique App Password to use in
ssmtp.conf. You can do so on your App Passwords page. Use the generated 16-character password in the
AuthPass line. Spaces in the password can be omitted.
Because your email password is stored as cleartext in
/etc/ssmtp/ssmtp.conf, it is important to secure the file.
Securing ssmtp.conf will ensure that:
- if any users have unprivileged access to your system, they cannot read the file and see your email password, while still letting them send out email
- if your user account is ever compromised, the hacker cannot read the
ssmtp.conffile, and therefore your email password, unless he gains access to the root account as well
ssmtp.conf, do this:
# groupadd ssmtp
Set ssmtp.conf group owner to the new
# chown :ssmtp /etc/ssmtp/ssmtp.conf
Set the group owner of the ssmtp binary to the new
# chown :ssmtp /usr/bin/ssmtp
Make sure only root, and the
ssmtp group can access
# chmod 640 /etc/ssmtp/ssmtp.conf
Set the SGID bit on the ssmtp binary.
# chmod g+s /usr/bin/ssmtp
Now, all the regular users can still send email using the terminal, but none can read the
To send email from the terminal, do:
$ echo "this is the body" | mail -s "Subject" email@example.com
or interactively as:
$ mail firstname.lastname@example.org
An alternate method for sending emails is to create a text file and send it with ssmtp or mail
To:email@example.com From:firstname.lastname@example.org Subject: Test This is a test mail.
$ mail email@example.com < test-mail.txt
Alternatively, you can attach using uuencode:
$ uuencode file.txt file.txt | mail firstname.lastname@example.org