-
Notifications
You must be signed in to change notification settings - Fork 1
/
gmail-sendmail
180 lines (143 loc) · 5.52 KB
/
gmail-sendmail
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
#!/bin/bash -Eeu
#
# Setup system to send email through Gmail / Google Apps account
#
# sendmail may be one of its wrappers: ssmtp, msmtp, or even postfix itself
# https://binfalse.de/2020/02/17/migrating-from-ssmtp-to-msmtp/
#
# Great reference: https://wiki.archlinux.org/title/msmtp
# -----------------------------------------------------------------------------
config=/etc/msmtprc
passfile=/etc/gmail-auth
USAGE='ACCOUNT PASSWORD [MAILDOMAIN] [FROM] [SMTPHOST]'
# -----------------------------------------------------------------------------
usage() { echo "Usage: ${1:+$1 }${0##*/}${USAGE:+ $USAGE}" >&2; exit 1; }
setuplib=${SETUP_LIB:-$(dirname "$(readlink -f "$0")")/../setuplib}
if [[ -r "$setuplib" ]]; then source "$setuplib"; else
echo "Setup library not found: $setuplib" >&2; usage '[SETUP_LIB=<path>]'
fi
# -----------------------------------------------------------------------------
# Do not use account password, instead create an app password
# https://myaccount.google.com/apppasswords
ACCOUNT=${1:-${SETUP_GMAIL_ACCOUNT:-}}
PASSWORD=${2:-${SETUP_GMAIL_PASSWORD:-}}
MAILDOMAIN=${3:-${SETUP_GMAIL_MAILDOMAIN:-${ACCOUNT##*@}}}
FROM=${4:-${SETUP_GMAIL_FROM:-${HOSTNAME}@${MAILDOMAIN}}}
EHLODOMAIN=${5:-${SETUP_GMAIL_EHLODOMAIN:-${HOSTNAME}.${MAILDOMAIN}}}
SMTPHOST=${6:-${SETUP_GMAIL_SMTPHOST:-smtp.gmail.com}}
argument "$ACCOUNT" ACCOUNT || usage
# Create the auth file
if ! [[ -f "$passfile" ]]; then
argument "$PASSWORD" PASSWORD || usage
echo "$PASSWORD" | base64 - | sudo tee "$passfile" >/dev/null
fi
# Create aliases file (so email sent TO local users can be delivered)
sudo tee /etc/aliases >/dev/null <<-EOF
# Created by ${0##*/}
# Email sent TO local users are replaced by the respective recipients
# Trailing '@' needed for msmtp < 1.8.6, released 2019-09-27
# https://unix.stackexchange.com/a/531586/4919
root: root.${FROM}
${USER}: ${USER}.${FROM}
default: system.${FROM}
#mailer-daemon: postmaster@
#postmaster: root@
#nobody: root@
#hostmaster: root@
#usenet: root@
#news: root@
#webmaster: root@
#www: root@
#ftp: root@
#abuse: root@
#noc: root@
#security: root@
#root: ${USER}@
#${USER}: ${FROM}
#default: ${FROM}
EOF
install_package msmtp-mta
sudo tee "$config" >/dev/null <<-EOF
# Msmtp system configuration file
# Adapted from 'man msmtp', installed by ${0##*/}
# May also be used as a user configuration file at ~/.msmtprc
# Some parts adapted from the example for /etc/msmtprc
#
# This file focusses on TLS and authentication. Features not used here include
# logging, timeouts, SOCKS proxies, TLS parameters, Delivery Status Notification
# (DSN) settings, and more.
# Set default values for all following accounts.
defaults
# Use the mail submission port 587 instead of the SMTP port 25.
port 587
# Always use TLS.
tls on
# Set a list of trusted CAs for TLS. You can use a system-wide default file,
# as in this example, or download the root certificate of your CA and use that.
tls_trust_file /etc/ssl/certs/ca-certificates.crt
# Additionally, you should use the tls_crl_file command to check for revoked
# certificates, but unfortunately getting revocation lists and keeping them
# up to date is not straightforward.
#tls_crl_file ~/.tls-crls
# See 'man msmtp' for certificate fingerprint pinning. Not useful for Gmail
# A freemail service
# account freemail
# Host name of the SMTP server
#host smtp.example.com
# Envelope-from address
#from [email protected]
# Authentication. The password is given using one of five methods, see below.
#auth on
#user joe.doe
# Password method 1: Add the password to the system keyring, and let msmtp get
# it automatically. To set the keyring password using Gnome's libsecret:
# secret-tool store --label=msmtp host smtp.example.com service smtp user joe.doe
# Password method 2: Store the password in an encrypted file, and tell msmtp
# which command to use to decrypt it. This is usually used with GnuPG, as in
# this example. Usually gpg-agent will ask once for the decryption password.
#passwordeval gpg2 --no-tty -q -d ~/.msmtp-password.gpg
# Password method 3: Store the password directly in this file. Usually it is not
# a good idea to store passwords in plain text files. If you do it any-way, at
# least make sure that this file can only be read by yourself.
#password secret123
# Password method 4: Store the password in ~/.netrc. This method is probably not
# relevant anymore.
# Password method 5: Do not specify a password. Msmtp will then prompt you for
# it. This means you need to be able to type into a terminal when msmtp runs.
# A second mail address at the same freemail service
#account freemail2 : freemail
#from [email protected]
# The SMTP server of your ISP
#account isp
#host mail.isp.example
#from [email protected]
#auth on
#user 12345
# Set a default account
#account default : freemail
#######
# Construct envelope-from addresses of the form "[email protected]".
#auto_from on
#maildomain oursite.example
# Use TLS.
#tls on
#tls_trust_file /etc/ssl/certs/ca-certificates.crt
# Syslog logging with facility LOG_MAIL instead of the default LOG_USER.
syslog LOG_MAIL
######
# The GMail account
account gmail
host ${SMTPHOST}
auth on
user ${ACCOUNT}
# Do not use account password, instead create an app password
# https://myaccount.google.com/apppasswords
passwordeval base64 -d $(printf '%q' "${passfile}")
domain ${EHLODOMAIN}
# Choose 'auto_from on' + 'maildomain' OR fixed 'from'
auto_from on
maildomain ${MAILDOMAIN}
#from ${FROM}
aliases /etc/aliases
account default : gmail
EOF