How to setup SSMTP on Debian/Respbian for domain other than GMail

Question

Folks....I posted this question on the Raspberry Pi forum and got no replies. Hopefully you can help me?

I'm using a Raspberry Pi B+ running Raspbian OS.

I have set up e-mail using this link: http://rpi.tnet.com/project/faqs/smtp

sudo apt-get install ssmtp 
sudo apt-get install mailutils
sudo apt-get install mpack

and then configured it like this

#
# Config file for sSMTP sendmail
#

root=me@mydomain.com

# The full hostname
hostname=MyRasPi

AuthUser=me@gmail.com
AuthPass=myGmailpw
FromLineOverride=YES
mailhub=smtp.gmail.com:587
UseSTARTTLS=YES

#AuthUser=me@mydomain.com
#AuthPass=mypw
#mailhub=mail.mydomain.com:465

The above setup works and the test line

echo "sample text" | mail -s "Subject" myid@hotmail.com

works with the note arriving at my Hotmail account.

But, in fact, I do not want to use Google's Gmail system. I have my own domain and mail server.

I modified the above ssmtp.conf to use the hash-ed out lines to replace the Gmail lines. When I use Outlook I have to configure my outgoing (SMTP) server "requires authentication" and needs to use SSL and port 465. When I now try the above mail command it just hangs and I have to control-C to get back to the command line prompt.

What am I doing wrong? Thanks...RDK

Answer 1

try to use postfix to configure gmail forward. Somehow ssmtp is not compatible with gmail anymore, even the account has enabled authentication by less secure application.

see the tutorial below:

https://www.howtoforge.com/tutorial/configure-postfix-to-use-gmail-as-a-mail-relay/

http://www.algissalys.com/network-security/send-email-from-raspberry-pi-command-line

Answer 2

I know I am late to the party, but this is this reason this didn't work for you:

Port 465 doesn't use STARTTLS (which is basically first connecting with a plaintext connection and then switching to TLS), but directly establishes a SSL/TLS connection.

So you should probably use the following options:

UseTLS=YES
UseSTARTTLS=NO

However, this is still completely insecure:

I wanted to use ssmtp today too, but noticed that it does NOT verify the SSL/TLS certificate of the remote server on the current debian & ubuntu releases and also does NOT verify the hostname of the certificate. This is a major issue, as this effectively renders the encryption useless and your password is being transmitted alike to being plaintext and anyone can sniff it. This has also been reported in a debian bug, but there has not been any progress for years: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662960

The ssmtp version in the Redhat packages has been patched to atleast verify the certificate, but the hostname is still NOT being verified and the encryption is therefore as insecure as on debian/ubuntu. There is a bug for this, but there is also no progress for years: https://bugzilla.redhat.com/show_bug.cgi?id=864894

So, if you care about the security of the email account you use for your servers outgoing emails, do NOT use ssmtp.

ssmtp has had no active development since atleast 2009: https://anonscm.debian.org/gitweb/?p=ssmtp/ssmtp.git

After researching other solutions, like nullmailer and msmtp, I decided to settle on using postfix, as it is so much easier to set up and can easily be configured for just outgoing mails, and it's easy to use just the features you need without it acting as a full MTA.

Here is an example with the most important postfix settings for this: https://unix.stackexchange.com/questions/116805/how-to-install-postfix-for-sending-mails-to-admin-only/118101#118101