Configuration free sendmail/mail alternative - a 30 line script file

If the only thing a server uses mail for is system notifications, life can be simplified.
Skip sendmail/mail program installation and configuration. No need to worry if the SMPT server is a security risk. Instead, set up a simple script which sends all notifications via an HTTPS API to an MTA (Mail Transfer Agent).

How is this possible? Because any notifcation is sent using one of the executables mail or sendmail So those executable only have to be sustututed with links to out simple script file.

Of course the mail and sendmail programs have different commend line interfaces (e.g., for specifiying the “to” and “from” fields, so won’t that be a problem? Well, we’ll just send the command line args in their raw form as text at the top of the message. Both mail and sendmail read stdin for the message body, so that is the same.

Some background

show/hide details

The sendmail interface is the Linux standard for Linux system programs to send notifications to the system administrator. But sendmail (or subtitutes such as postfix) also carry a lot of other functionality (or baggage depending on your POV).

Removing sendmail (or it’s generic replacement) service reduces system complexity. In the authors case, postfix was suddenly causing network failure on bootup. Removing postfix solved the bootup network failure problem. Re-installing postfix or some other substitute generic sendmail program, dealing with the settings and possible debugging, all seemed non-optimal considering the desired functionality was so limited. Hence this solution.


Solution

To keep things simple we will write a program which sends a message composed two parts:

  1. The command line arguments passed on the sendmail executable command line.
  2. The standard input passed to the sendmail executable - this will contain some header information followed by the message body.

We won’t try to parse the header for to, from, or subject. An improved version might try to do that with subject.

This example requires an existing account at Mailgun. A free one will do - that currently (July 2018) offers up to 10,000 mails a month. The simplest free account doesn’t require any payment info, but only allows a few ‘To’ addresses, which must be verified. That’s actually prefereable for our use-case: a hijacked key could’t even be used for broadcast spamming.

Python script

Here is the Python3 script code:


Bash script

Alternatively it could be accomplished by this bash script. Note it includes code to identify the caller, which is harder to do in Python.


Replacing sendmail with a simple scriptfile.

Remove (generic) sendmail if necessary.

Test if sendmail or generic sendmail substitute is installed:

which sendmail

If it is installed then it must be removed. If it is a generic substitute, you will have determine which program to remove.

Remove with

sudo apt purge sendmail

or

sudo apt purge postfix

or whatever.

Check the sendmail binary has really been removed.

which sendmail

No you can put your own executable named sendmail in the system path.

Free mailgun account

This shows how to register for a free Mailgun account that doesn’t require payment information.

You must register the desired target mail address and prove that you own it by reading a mail that Mailgun sends to that address. Below we use the imaginary address somebody@somewhere.com. Please always replace this with a real mail address you own.

  • Go to the Mailgun signup page. Enter basic account information including email address somebody@somewhere.com. Uncheck the payment information box. Submit.

  • Open somebody@somewhere.com and to see the confirmation mail from Mailgun. Click on the link. You will be prompted to enter a cell phone number to which they will send a code. Once you enter the code, you will be redirected to your new Mailgun account page.

  • You will see a box “Message Delivery“ with a line “Free accounts are restricted to authorized recipients only.“. Click the “Add Recipients“ button underneath that line, and enter your address somebody@somewhere.com. A new screen will appear. Click Invite New Recipient and enter somebody@somewhere.com*.

  • Then open your account somebody@somewhere.com, read the mail from Mailgun:

Mailgun account “gooio” provided your address to test their integration with Mailgun.
Please click the link below if you agree to receive emails from their account.
I agree

Click I agree.

  • Go back to the setup page, copy and paste the example curl .... command into your server CLI and test the mail goes through.

The full curl command looks something like this:

curl -s --user 'api:(your api)' \
https://api.mailgun.net/v3/(your domain)/messages \
-F from='Mailgun Sandbox <postmaster@(your domain)>' \
-F to='My Name <somebody@somewhere.com>' \
-F subject='Hello My Name' \
-F text='Congratulations My Name, you just sent an email with Mailgun! You are truly awesome!'

Your assigned domain and key can also be found on the Mailgun domain page.

If you have a domains under your control, you can also register that with Mailgun. That is not necessarily essential for the functionality described in this post, but it would allow the mails to appear as coming from your own domain, which might affect whether it is categorized as junk mail.