Part 5: Install ssmtp and logwatch


1) Download and install the EPEL repo:
Check: http://download.fedoraproject.org/pub/linux/epel/6/x86_64/repoview/epel-release.html

cd
curl http://download.fedoraproject.org/pub/linux/epel/6/x86_64/epel-release-6-8.noarch.rpm -o epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm

2) Install ssmtp:

yum -y install ssmtp

2) disable sendmail, if present:

service sendmail stop
chkconfig --levels 2345 sendmail off
chkconfig --del sendmail
export tmpsm=$(which sendmail)
mv -f $tmpsm $(echo $tmpsm.bak)
ln -s $(which ssmtp) $tmpsm

3) Create a secure environment to run ssmtp:

groupadd ssmtp
useradd ssmtp -g ssmtp -s /sbin/nologin -d /nonexistent -c "sSMTP pseudo-user"
chown ssmtp:wheel /etc/ssmtp/ #http://en.wikipedia.org/wiki/Wheel_(Unix_term)
chmod 4750 /etc/ssmtp/ #https://en.wikipedia.org/wiki/Setuid
chown ssmtp:wheel /etc/ssmtp/ /etc/ssmtp/ssmtp.conf
chmod 640 /etc/ssmtp/ssmtp.conf
chown ssmtp:ssmtp $(which ssmtp)
chmod 4555 $(which ssmtp)

5) Configure ssmtp:

sed s/root=postmaster/#root=postmaster/ -i /etc/ssmtp/ssmtp.conf
sed s/mailhub=mail/#mailhub=mail/ -i /etc/ssmtp/ssmtp.conf
echo "root=mbrown@domainy.com" >> /etc/ssmtp/ssmtp.conf #will route anything that's sent to any user with a UID under 500 (check /etc/passwd) to mbrown@mydomain.com
echo "mailhub=smtpserver.com:587" >> /etc/ssmtp/ssmtp.conf
echo "AuthUser=robot@domainy.com" >> /etc/ssmtp/ssmtp.conf
echo "AuthPass=passsword" >> /etc/ssmtp/ssmtp.conf
echo "RewriteDomain=domainy.com" >> /etc/ssmtp/ssmtp.conf  #will rewrite the domain when destined for a domain
echo "Hostname=domainy.com" >> /etc/ssmtp/ssmtp.conf
echo "FromLineOverride=YES" >> /etc/ssmtp/ssmtp.conf
echo "UseSTARTTLS=Yes #?" >> /etc/ssmtp/ssmtp.conf 
echo "root:robot@domainy.com" >> /etc/ssmtp/revaliases
echo "apache:robot@domainy.com" >> /etc/ssmtp/revaliases
chmod 644 /etc/ssmtp/ssmtp.conf
chmod 644 /etc/ssmtp/revaliases

Install and configure Logwatch:
1) install logwatch:

yum -y install logwatch

2) By default, logwatch will send the log summary to root (which will resolve by way of /etc/ssmtp/revaliases).
If you wish to change this, you can modify the MailTo directive in /usr/share/logwatch/default.conf/logwatch.conf

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: