2

I'm having a bit of trouble setting up postfix as a null client and have some questions.

I'll be aiming to use SMTP as this is what most web applications use as a way to connect to the email server.

The goal is to use it for email notifications from web applications and monitoring software on the machine.

  1. Are things like SASL and TLS needed? It sounds like encrypting the connection between my web application and the email server is uesless when they're on the same box.
  2. Which user should I connect to the SMTP server as? I originally used the user account I use for daily activities, but this screams bad as my login information is in the wild if my web application is ever cracked. I also tried creating a user with /usr/sbin/nologin as it's shell, but this didn't work either (I'd prefer it the user didn't have shell access).

Any other things to think about while doing this?

The Pixel Developer
  • 857
  • 3
  • 10
  • 20

3 Answers3

3

The canonical reference for configuration of a null client is here: http://www.postfix.org/STANDARD_CONFIGURATION_README.html#null_client

A null client will not listen for oncoming TCP connections, even on the local host, so SASL and TLS are not needed locally.

Your web application can use the sendmail interface, which is also what you get under the hood if you use pipe stuff into mail (which is most likely some variant of mailx). sendmail is in fact provided by postfix, but provides a drop in for the old sendmail interface which became the standard. Most Web Mail sending libraries will talk to sendmail, though there may be other options as well.

You may need to worry about TLS, SASL, and which user and authentication to use for the outgoing connections to the mail relay you use, but the point of a null client is to be essentially unconfigured, and if you need that stuff, consider that either a null client isn't really quite what you want, or that you could use a separate outgoing mail relay on the same box using postmulti.

mc0e
  • 5,866
  • 18
  • 31
0

I believe what you are asking is for a way to have the mail server accept e-mail that you generate from your web application on the same machine and deliver it to the final destination? I'm not entirely sure because "null client" and your description don't make sense together to me.

Anyway, the way this would typically be done is that in postfix you set "mynetworks" to include "127.0.0.1", and you have your web applications connect to "127.0.0.1" to send e-mail. Mail coming from a host listed in "mynetworks" is not limited in it's ability to send e-mail to only user-names the postfix server directly handles, so you can have your web applications mail your normal e-mail account, or other external users.

mynetworks usually contains 127.0.0.1, so this is likely to be the default configuration.

So, use "postconf mynetworks" to see the current value. Change /etc/postconf/main.cf or use "postconf" to change the value and then restart postfix. Check the logs if your mail still isn't working then.

Sean Reifschneider
  • 10,720
  • 3
  • 25
  • 28
  • 2
    The OPs question did make sense, and this answer is substantially incorrect in that regard, though whether it meets the OP's actual need is unclear. A null client does not accept mail via TCP, even on the localhost interface. It will accept mail sent by e.g. the 'sendmail' or 'mail' command line utilities, which use a local maildrop directory to pass mail to postfix. – mc0e Jan 22 '15 at 11:53
0

Postfix is a Mail Transfer Agent, not a Mail User Agent (client). Will it send mail out to other SMTP servers or will it spool mail to be accessed via IMAP or POP? My guess is, you want it to relay the alert email to your company's mail server.

By the way, Postfix may be overkill. You can use /usr/bin/mail or mailx to get things like Logwatch reports mailed to you.

Matt Herzog
  • 39
  • 3