Sending mail from the Linux command line via ssmtp and gmail

HowTo: Use ssmtp and google mail for email alerts

Sending mail from the command line can be useful in a lot of ways. Whether you quickly want to extract info from your operating system or use it in a bash script, it has proven to be a valuable asset in every system administrators toolbox.

To send email we need a smtp server and a Mail Transfer Agent (MTA). The two most well known and powerful MTAs are exim and postfix. However, many users won’t need the powerful features provided by those tools. In this article, we’ll use a MTA that is very easy to install and configure – SSMTP. We’ll also make use of gmail, one of the most well known free email providers.

To start things off, we’ll install ssmtp:

CentOS/RHEL:

# yum install ssmtp

Ubuntu/Debian:

apt-get install ssmtp

ssmtp’s configuration files are located in /etc/ssmtp/ for both distributions and consist of two configuration files: revaliases and ssmtp.conf. Note that you will need administrator privileges to cd into /etc/ssmtp.

ssmtp.conf is where the main configuration for ssmtp is located. revaliases stands for reverse aliases maps linux users to mail addresses.

To use gmail with ssmtp, we have to create an app password. An app password is a special password to your e-mail account which is only viable for a single application and will therefore not need two factor authentication. It’s a very simple process, but in case further help is needed, google provides very explicit instructions for gmail.

Now we can configure ssmtp.

Example configuration:

root=<user>@gmail.com
mailhub=smtp.gmail.com:587
AuthUser=<user>@gmail.com
AuthPass=<app password>
UseTLS=YES
UseSTARTTLS=YES

Replace <user> with your username and <app password> with the app password you generated.

Now you should be able to send mail using the command

# mail -s "<subject" recpient@mail.com <<< "<message body>"

In /etc/ssmtp/revaliases we can configure which address will be specified in the ‘From:’ field of our outbound mail.

Example:

root:username@gmail.com:smtp.gmail.com:587

would set the ‘From:’ field in all mails sent by root to username@gmail.com. This can be useful if you have multiple users on your system sending mail and you want to use different ‘From:’ addresses. Note that due to how smtp works, these addresses need not exist necessarily.

If you want to use ssmtp in bash scripts, here’s a very simple function I created:

function sendMail {
  mail -s "$subject" $recipient <<< "$body"
}

Note that you should put your parameters in hyphens if they contain blanks.

…and that’s it! Now it’s very easy to monitor various aspects of your system and be alerted by mail.

Enabling cgi with httpd

HowTo: A Comprehensive Guide How To Enable httpd To Execute CGI Scripts

The Common Gateway Interface (CGI) is a standard protocol for web servers to execute programs that execute like console applications (https://en.wikipedia.org/wiki/Common_Gateway_Interface)

I’m using CGI to query data from some Linux servers and VMs I’m running at home.

Enabling CGI is easy enough, yet I found most tutorials incredibly lacking. Therefore, I’m going to walk you through the procedure, starting with a freshly installed CentOS 7.

I’m assuming you have working internet access on your server or VM.

1. Installing a web server

We start by installing a web server. For this example, I have chosen apache2. Apache2 is known as httpd in the context of CentOS and I will use this synonym throughout the rest of the article.

Httpd is part of the official CentOS repos and we can use yum to install it.

# yum install httpd

Afterwards, we will start and enable httpd (which means it will start and automatically run on server startup).

# systemctl start httpd
# systemctl enable httpd

We can check if everything went well with

# systemctl status httpd

which should proclaim that httpd is active and running.

From now on, your server/VM will answer to requests made to that host’s IP on port 80.


Excursus: System configuration – SELinux and firwalld

Pointing your browser to the server probably yield a connection refused – error since the server’s  local firewall will block the connection.

The firewall can be stopped by a simple

# systemctl stop firewalld

and furthermore permanently disabled by

# systemctl disable firewalld

If your server is in any shape or form reachable through the public internet, you should probably sit down and properly configure your firewall instead of simply turning it off.

Centos 7 comes with SELinux enabled by default. Configuring SELinux is beyond the scope of this article so the suggestion here is to set it to permissive, which means it will merely report security incidents but not perform any blocking action. SELinux can be disabled by editing /etc/selinux/config and setting “Current mode” to permissive.

 


2. Configuring httpd

httpd’s config files are located in /etc/httpd.

The most important file here is conf/httpd.conf, the global httpd configuration file.

In httpd.conf, we need to insert the following line to load the correct module:

LoadModule cgid_module modules/mod_cgid.so

Afterwards, we need to restart httpd:

# systemctl restart httpd

3. Hello, CGI

When we installed httpd, there was already a designated cgi directory for us: /var/www/cgi-bin. For a first test, a very simple script is sufficient. Create a file with the following content:

#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Hello, CGI.";

For the sake of convenience, I’m assuming it will be called helloworld.cgi. Afterwards, we need to make it executable with

# chmod +x helloworld.cgi

4. Testing

Now, we’re good to go. Point the browser of your choice to <IP>/cgi-bin/helloworld.cgi

This is what you should see:

Congratulations, you got your first CGI-script up and running.