Using Gmail as a mail relay

Why use Gmail as a mail relay?

Most servers (even those that are not configured to be mail servers) are often required to send out emails such as backup confirmations, alerts, self-status reports and suchlike. In order to do this, a local mail server is usually installed and configured. Running a full mail server is often overkill for simply relaying a small number of routine messages per day. It also represents an additional attack interface to the server that must be kept up to date and configured securely. A way to avoid this is to use Google's Gmail service as the mail relay. Google allows an external server to connect to their systems using the account credentials, and with a forwarding address configured, the emails will arrive at whatever email address you would like. In addition, all the messages will be retained and backed up in the Gmail account.

Setting up the Gmail relay

Step One: Configuring the Gmail account

The first thing that is required is a Gmail account. It is a good idea (and free), to set up a new account solely dedicated to being the mail relay, as the password will be stored in plain text on your server. This only takes a couple of minutes and can be done from the Gmail home page.

Once you have created the account it requires some additional configuration; Gmail's default setting is to disallow it's use a mail relay. This setting can be changed via the My Account section of your new Google account. This can be found by firstly, logging into your Gmail account, and then hitting the grid button, and clicking on My Account button as shown here:

Once the My Account page loads you need to click on the link marked Sign-in & security:

Then scroll down to the bottom of the page and toggle the Allow less secure apps: OFF to Allow less secure apps: ON:

Gmail will now accept mail from your server and relay it to any address you want.

Server configuration

The program that we will use to relay the mail through Gmail is called Mutt. It is a mail client like Thunderbird or Outlook but is designed to be used from the command line. Once we have configured Mutt to log into Gmail, we can simply configure other linux command line tools to direct their output to Mutt which will send it on to Gmail who will in turn send it on to it's final destination.

First you will need to log into the command line of your server via SSH as root.

To install Mutt and some additional packages needed to interface securely with Gmail, run the following on Debian or Ubuntu:

apt-get update && apt-get upgrade
apt-get install mutt gnutls-bin libsasl2-2 openssl

Once the install completes a configuration file will need to be created, containing all the necessary Gmail settings. This file is located at ~/.muttrc and can be created and edited with the following command:

nano /root/.muttrc

This will simultaneously create the file and open it with the nano text editor.

Once open, place the following four lines:

set realname = 'Real Name' 
set from = '<GMAIL-ID>@gmail.com' 
set smtp_url = 'smtps://<GMAIL-ID>@gmail.com@smtp.gmail.com:465/' 
set smtp_pass = 'SuperSecurePassword'

The above text needs to be changed to match the details for the Gmail account you intend to use. The definition of each line is as follows:

  • set realname – This is the “Real Name” that you configured when you created the Gmail account. You can set this to be anything you like, however, something similar to Server Notification would be advisable and enable easy filtering at the destination.
  • set from – This is the Gmail address of the account you are using to relay mail through. Change the <GMAIL-ID> to match your Gmail account.
  • set smtp_url – This rather long URL only needs modifying by changing the <GMAIL-ID> part with your Gmail address, i.e. the part before the @gmail.com
  • set smtp_pass – You Gmail account password.

Save the file when it is configured. Now test the configuration with the following command:

echo "Test notification email body" | mutt -s "Test Notification Subject line" John@Example.com

You will need to change the final email address to an address you own (and not the Gmail account's address) to ensure that the emails are getting relayed correctly.

Once completed, you will be able to send something like a backup processes. This is initiated from the crontab can be configured to send completion messages. A crontab line like the following:

0 5 * * 1 /usr/bin/backup-script.sh && echo "Backup completed successfully on $HOSTNAME at `date`” | mutt -s "Examplaaa4 backup complete" John@Example.com

The above command will execute a backup script at /usr/bin/backup-script.sh and, if it completes successfully, will send a completion message via Mutt to the email address listed.

Similarly, if you would like to be alerted every time someone logs into your server as root, then the following line will email an alert containing the persons IP address and the time and date of their login.

echo "Someone has just logged into $HOSTNAME as root from IP `who | awk '{print $5}'` at `date`"  | mutt -s "Root Login on $HOSTNAME" John@example.com

That line needs copying and pasting into root's .bashrc file with the following command:

nano /root/.bashrc

You will need to change the final email address to the destination where you would like to receive the alert.

As you can see any time you need the server to send an alert or message you simply need to add a line with the following syntax:

echo "Message body" | mutt -s "Message Subject" user@domain.com

This is the configuration to relay that message to the address of your choice via Gmail.

Last updated 28 June 2017, 13:41 GMT