How to let crond send mail without an MTA on the same server.


I will write a Japanese version next time.

 

Because I have moved all my mail service to Google Apps, I decided not to run any MTA service on my server, to save resources and to keep the output of the ps command tidy.

If you are planning to stop Sendmail, Postfix or any other MTA service on your server, this blog might help you.

This is for CentOS/RHEL/Fedora.

I made two simple Perl scripts that let you send mail via Google Mail (Gmail). You need at least one Gmail account or Google Apps Mail account that you can use. The reason I made two scripts is that I’m running some jobs like clamscan and other stuff that report by mail/sendmail when they find something or when there is some trouble.

You need to edit /etc/sysconfig/crond and give crond the option “-m” with the script you are going to make. The “-m” option lets us choose which script will handle the mail data, header and body, that crond produces. I thought it needed to be a shell script, but it works fine even if it is a Perl script.

OPTIONS  -m  This option allows you to specify a shell command string to use for sending cron mail
             output instead of sendmail(8). This command must accept a fully formatted mail message
             (with headers) on stdin and send it as a mail message to the recipients  specified in
             the mail headers.

I will show you these things on this blog.

1. A Perl script for crond.
2. “/etc/sysconfig/crond” configuration.
3. A Perl script that sends mail without MTA running on the server.

 

1. A Perl script for crond.

You must have the “Net::SMTP::TLS” module. I installed it with the yum command from the remi repository, which pulled in all the modules it needs. That was easier for me because I don’t like using cpan.

# yum -y install --enablerepo=remi perl-Net-SMTP-TLS

Here is the script.
I use port ‘587’ as I am in Japan. It might be 465 in your country. I do not know about it, so please try. Usually it should be 465 when it is over a TLS connection, but that didn’t work for me, so I made it 587, which is the submission port in Japan, and that works fine.

#!/usr/bin/perl

use strict;
use warnings;
use Net::SMTP::TLS;

my $host = 'smtp.gmail.com';
my $port = 587;

# Put your Gmail address or the address you use with Google Apps Mail
my $username = 'your_mail@gmail.com';

# and your passwd.
my $password = 'your_passwd_here';

# Where do you want to send mails to?
my $mail_to = 'mail_to@hogehoge.com';

# This must be the same as $username above.
my $mail_from = 'your_mail@gmail.com';
my $header_and_contents;

# The following will catch mail data from crond.
while (<STDIN>){
    $header_and_contents .= $_;
}

# Connect to the server over TLS.
my $smtps = Net::SMTP::TLS->new(
    $host,
    Port => $port,
    User => $username,
    Password => $password
);

# compose mail
$smtps->mail($mail_from);
$smtps->to($mail_to);
$smtps->data();
$smtps->datasend($header_and_contents);
$smtps->dataend();
$smtps->quit;

 

Put this script somewhere your users can access and execute it. I put it in /usr/local/bin/, but please check your users’ PATH.

 

2. “/etc/sysconfig/crond” configuration.

OK, crond reads /etc/sysconfig/crond for its options. The default configuration should look like this.

# grep -v ^# /etc/sysconfig/crond
CRONDARGS=
#

This means your crond is running with the defaults. Make a backup and edit the file, giving it the “-m” option with the path to the script you made above. It’s OK if you tend to use the “vi” command, but it is much easier with the “sed” command, which can make a backup at the same time.

# sed -i.ORG 's|\(CRONDARGS=\)|\1"-m /path/to/your/script"|g' /etc/sysconfig/crond
# ls -la /etc/sysconfig/crond*
# diff /etc/sysconfig/crond /etc/sysconfig/crond.ORG

Now if you restart crond with “service crond restart”, the option will be recognized. Once you have restarted crond, make a new cron job on your server to see if the script works. Make sure the script you made is accessible by all users and has the “x” permission so it can be executed. This is very important because you won’t see any error or log when the script is set up the wrong way.

Also, if you are really sure that the cron jobs on your server are only executed by root, you don’t need to make it accessible by other users. I recommend making it accessible by all users because you will then receive crond errors even for a user’s cron job, which is /var/spool/cron/username.

Please keep in mind that if you put this script where users can access it, your login ID and password will be exposed to your users. So if you have a user who loves hacking your system, I recommend putting it under the /root/ directory or somewhere only root can access.

# echo "* * * * * root nosuchcommand" >> /etc/crontab
# crontab -e
* * * * * nosuchcommand
#

Wait at most one minute. If you receive mail at the destination you configured, you must be happy.

Are you happy now? lol
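The permission trade-off described above (the handler has to be runnable by every user, yet it carries the Gmail password) can be checked with a short script. This is an added example, not part of the original post: it reads the “-m” path out of a sysconfig file and reports on the handler's permissions. The function names are made up for the example, and it assumes a handler without spaces in its path.

```sh
#!/bin/sh
# Added example, not from the original post: audit the script that the
# crond "-m" option points at. Function names are made up for this example.

# Print the handler path from a CRONDARGS="-m /path" line; empty if unset.
# Only the first word after -m is returned.
cron_mail_handler() {
    grep '^CRONDARGS=' "$1" | tr -d "\"'" |
        sed -n 's/.*-m[[:space:]]\{1,\}\([^[:space:]]\{1,\}\).*/\1/p' |
        head -n 1
}

# True if every permission bit in octal mask $2 is set on file $1.
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

# Print one finding per line for handler $1; return 1 if anything is risky.
audit_handler() {
    f=$1; rc=0
    [ -f "$f" ] || { echo "MISSING $f"; return 1; }
    if has_perm "$f" 002 || has_perm "$f" 020; then
        echo "WRITABLE $f: group/other can change what crond runs"; rc=1
    fi
    if grep -Eiq 'password[[:space:]]*=' "$f" && has_perm "$f" 004; then
        echo "EXPOSED $f: inline password readable by every local user"; rc=1
    fi
    # A Perl script has to be readable to be run, so "executable by all
    # users" and "password hidden from users" cannot both hold.
    if ! has_perm "$f" 005; then
        echo "ROOT-ONLY $f: other users cannot run it"
    fi
    return "$rc"
}

# Usage: sh audit.sh /etc/sysconfig/crond
if [ "$#" -gt 0 ]; then
    h=$(cron_mail_handler "$1")
    if [ -n "$h" ]; then audit_handler "$h"; else echo "no -m handler in $1"; fi
fi
```

An EXPOSED finding is the situation the post warns about; a dedicated Gmail account used only for cron mail limits what a leaked password gives away.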

Last,

3. A Perl script that sends mail without MTA running on the server.

This script might be useful if you run something from crond, or anything else, that needs the ‘mail’ command to report what happens. It creates just enough header to send mail. As with the script for crond, I’m not sure about the port number, so please check or give it a try.

#!/usr/bin/perl

use strict;
use warnings;
use Net::SMTP::TLS;

my $host = 'smtp.gmail.com';
my $port = 587;

my $username = 'your_address@gmail.com';
my $password = 'your_passwd_here';
my $mail_to = 'destination@hogehoge.com';
my $mail_from = 'your_address@gmail.com';

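# Get subject; drop CR/LF so it cannot add extra header lines.
my $subject = defined $ARGV[0] ? $ARGV[0] : '';
$subject =~ s/[\r\n]+/ /g;

# Get mail body from STDIN
my $contents = '';
while (<STDIN>){
    $contents .= $_;
}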

# Header, make it simple.
my $header = <<HEADER;
From: root <$mail_from>
To: root
Subject: $subject

HEADER

# Establish TLS connection.
my $smtps = Net::SMTP::TLS->new(
    $host,
    Port => $port,
    User => $username,
    Password => $password
);

# compose mail.
$smtps->mail($mail_from);
$smtps->to($mail_to);
$smtps->data();
$smtps->datasend($header);
$smtps->datasend($contents);
$smtps->dataend();
$smtps->quit;

 

Once you have made this script, use it this way.

# cat /root/mail.txt | /path/to/script.pl "This is the Subject"

“cat /root/mail.txt” is just an example. As long as the script gets STDIN from a command’s output, it works fine. I put this script under /root/ because it doesn’t need to be accessed by any user except root.

 

I hope this will help you in some way.

Enjoy your day.

Cheers
