So I've been using LogWatch for a little while and wanted to customize it a bit, so this is one of the things I want to edit.
I want LogWatch to verify via SMTP?
My mailserver (iREDmail) has some quite strict rules regarding auth, so that I have to set a password for an account and it has to be in the system.
How do I set up LogWatch to STMP auth with email and password?
Hi if you want logwatch send mail using smtp account you can use package msmtp (debian) and configure logwatch to use it, it send smtp authenticated mail as result. You dont need postfix, setting itself dont affect existing MTA configuration in system.
Step 1 : install and test msmtp
apt-get install msmtp
configure it by create config file in user home folder
cd ~
touch ./.msmtprc
edit .msmtprc
edit and paste this content to suite your needs
account default
host mail.domain.tld
port 587
from user@domain.tld
auth on
user user@domain.tld
password myverysecretpass
tls on
tls_certcheck off
tls_certcheck off # if you dont want check ssl cert of mailserver
tls_trust_file mycacertificatefile # if you want check ca certificate
Save file and check/verify configuration using command
msmtp -S
Step 2 : edit configuration of logwatch
edit /etc/logwatch/conf/logwatch.conf
find existing mailer line and comment it. make new line and change target mail address
mailer = "/usr/bin/msmtp administrator@domain.tld"
Check that mail address in logwatch match mail in .msmtprc otherwise you will get Non Delivery Report back
MailFrom = user@domain.tld
save and run logwatch script, check email in target mailbox, if nothing comes check mailbox of user@domain.tld for Non Delivery Report for problems
This solution works for me, i get mail correct way and I using DMARC and DKIM correctly for reports i need.
The list of all valid Logwatch settings and their default values are in the default logwatch.conf file, which you can probably find in /usr/share/logwatch/default.conf/logwatch.conf. The Logwatch mail options are very limited; there's no authentication of any kind. The comments on the configuration file documents everything that is possible:
#Output/Format Options
#By default Logwatch will print to stdout in text with no encoding.
#To make email Default set Output = mail to save to file set Output = file
Output = stdout
#To make Html the default formatting Format = html
Format = text
#To make Base64 [aka uuencode] Encode = base64
Encode = none
# Default person to mail reports to. Can be a local account or a
# complete email address. Variable Output should be set to mail, or
# --output mail should be passed on command line to enable mail feature.
MailTo = root
# WHen using option --multiemail, it is possible to specify a different
# email recipient per host processed. For example, to send the report
# for hostname host1 to user@example.com, use:
#Mailto_host1 = user@example.com
# Multiple recipients can be specified by separating them with a space.
# Default person to mail reports from. Can be a local account or a
# complete email address.
MailFrom = Logwatch
This indicates you must allow Logwatch to send email without authentication on the local MTA.
Using authentication is probably enforced in Postfix by using
smtpd_client_restrictions = permit_sasl_authenticated,rejectsmtpd_sender_restrictions = reject_sender_login_mismatch.These are normal settings on submission on port 587, but having permit_mynetworks on the Postfix smtpd listening on port 25 will allow local users to send mail without authentication. This should normally be enough for letting Logwatch to send mail.
Your iRedMail uses Postfix as a Mail Transfer Agent (MTA). iRedMail documentation also has article for allowing user to send email without SMTP authentication using two different methods. Both of them involves manual editing of configuration files. You should add your Logwatch as an allowed sender.
