Logo

How can we help?

Get answers to your questions right here...

Routing sendmail through external SMTP relay

SFTP Gateway

Routing sendmail through external SMTP relay

Last updated on 06 Apr, 2018

SFTP Gateway emails private keys via sendmail. The AWS public IP range tends to be flagged by spam filters. One workaround is to proxy the email through a relay. Here is an example of how to do this with gmail.

  1. Elevate to the root user: sudo su

  2. Navigate to the mail directory: cd /etc/mail

  3. Create a directory to hold authentication info (this directory must be read/write for root only): mkdir -m 700 authinfo

  4. Create an authentication file in this directory that holds relay credentials: echo 'AuthInfo: "U: <user>" "I: <email_address>" "P: <password>"' > authinfo/auth

  5. Create a hash of the auth file: makemap hash authinfo/auth < authinfo/auth

      This will create a hash file auth.db.

  6. Edit the sendmail.mc file: vim sendmail.mc

      # uncomment the line "dnl # define(`SMART_HOST', `smtp.your.provider')dnl"
      26 define(`SMART_HOST', `smtp.gmail.com')dnl
      
      # add these lines below smart host
      27 define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
      28 define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
      29 FEATURE(`authinfo', `hash -o /etc/mail/authinfo/authinfo.db')dnl
      
      # uncomment lines 44, 52, and 53
      44 define(`confAUTH_OPTIONS', `A p')dnl
      52 TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
      53 define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
      
  7. Install sendmail-cf yum install -y sendmail-cf

  8. Rebuild the sendmail configuration: make -C /etc/mail

  9. Reload the sendmail service: /etc/init.d/sendmail reload

Now emails sent by SFTP Gateway will be relayed through the external SMTP server. They will appear to come from the email address specified in the "I:" section of the auth info.

Did you find this article helpful?
Previous

Configure an EC2 security group

Next