Sometime you need just to allow system tools (i.e. cron) to send mail to the hostmaster. Setting up (and maintaining) a smtp server like sendmail, Postfix or Exim is too much. What you need is nullmailer, a sendmail/qmail/etc replacement MTA for hosts which relay to a fixed set of smart relays.
WARNING: this article refers to nullmailer BEFORE version 1.11 such as installed in UBUNTU 10.04 and 12.04.
Infact old versions of nullmailer do not support ssl, that's mandatory for SES. If you are running nullmailer 1.11 or later this article is useless because you can simply install nullmailer (i.e.sudo apt-get install nullmailer) and then put the string
<your_amazon_ses_smtp_host> smtp --ssl --port=465 --user=YOURAMAZON_SES_USENAME --pass=YOUR_AMAZON_SES_PASSWORDinto /etc/nullmaile/remotes file.
I assume that you already know how to setup an Amazon Simple Email Service account and how to test it in the sandbox . This means that you have signed the service, verified and tested at least a couple of e-mail address using Amazon Management Console facility. If this is not your case, please refer to this guide.
To begin, you will need to set up a secure tunnel using stunnel package. In the following procedure, we use port 2525 as your stunnel port. If you are using a different port, modify the settings that you actually use accordingly.
First install stunnel package.sudo apt-get install stunnel
Edit /etc/default/stunnel4, change ENABLED=0 to ENABLED=1
Edit /etc/stunnel/stunnel.conf as shown in the example below:
sslVersion = SSLv3 chroot = /var/lib/stunnel4/ setuid = stunnel4 setgid = stunnel4 pid = /stunnel4.pid socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 client = yes [smtp-tls-wrapper] accept = 127.0.0.1:2525 connect = email-smtp.us-east-1.amazonaws.com:465
Start up stunnelsudo /etc/init.d/stunnel4 start
Verify that the Amazon smtp tunnel is listening on the local server.
netstat -an | grep -iw LISTEN tcp localhost:2525 0.0.0.0:* LISTEN
Now install and configure nullmailer packagesudo apt-get -y install nullmailer
Edit /etc/nullmailer/adminaddr . It should contain just a line with your verified Amazon SES address. This address will be used to dispatch to an external address, mails adressed to local user (i.e. root@localhost): nullmailer ignores /etc/aliases.
Edit /etc/nullmailer/remotes and replace all with the following line, replacing USERNAME and PASSWORD with your SES SMTP user name and password:localhost smtp --port=2525 --user=USERNAME --pass=PASSWORD
Now test the configuration:
sendmail -f "senderverifiedaddress" -F "YOUR FULL NAME" destinationfiedaddress From: senderverifiedaddress To: destinationfiedaddress Body ot the message.. <ctrl-d>
Remember always to include To: destination in the header of the message because the sendmail emulation (installed by nullmailer), when the message has no To or Cc fields, appends to the message header the field: Cc: recipient list not shown: ; this seams hurting Amazon SES smtp interface (smtp: Failed: 554 Transaction failed: User name is missing: 'recipient list not shown: ;').
Remember that, according with SES rules, the sender must be a verified address. The destination could be unverified only if production access is enabled for your SES account.
You can set the nullmailer "From" address via environment variables .
Usually you can set environment variables in the crontab.
NULLMAILER_USER=webmaster NULLMAILER_HOST=host.example.com NULLMAILER_NAME="Mr Cron" 5 0 * * * /usr/local/bin/daily.sh
Check for errors in /var/logs/mail.* syslog files. For debuging purpose, you can also edit messages in /var/spool/nullmailer/queue.
Note that nullmailer, by default, try to send queued message every 60 sec. You can increase it to 15 minutes typing:echo "900" > /etc/nullmailer/pausetime