Routing sendmail through external SMTP relay
The latest version of SFTP Gateway is version 3.x, which can be found on the AWS, Azure and Google Cloud Marketplaces.
Visit our Website to see who uses SFTP Gateway and watch this short video to see what SFTP Gateway is all about!
The following are links to the documentation for each version of SFTP Gateway:
- Version 3 on AWS (latest)
- Version 3 on Azure (latest)
- Version 3 on Google Cloud (latest)
- Version 2 on AWS
- Version 2 on Azure
The remainder of the article pertains to Version 1 (Classic) on AWS.
SFTP Gateway emails private keys via sendmail. The AWS public IP range tends to be flagged by spam filters. One workaround is to proxy the email through a relay. Here is an example of how to do this with gmail.
Elevate to the root user:
Navigate to the mail directory:
Create a directory to hold authentication info (this directory must be read/write for root only):
mkdir -m 700 authinfo
Create an authentication file in this directory that holds relay credentials:
echo 'AuthInfo: "U: <user>" "I: <email_address>" "P: <password>"' > authinfo/auth
Create a hash of the auth file:
makemap hash authinfo/auth < authinfo/auth
This will create a hash file
Edit the sendmail.mc file:
# uncomment the line "dnl # define(`SMART_HOST', `smtp.your.provider')dnl" 26 define(`SMART_HOST', `smtp.gmail.com')dnl # add these lines below smart host 27 define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl 28 define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl 29 FEATURE(`authinfo', `hash -o /etc/mail/authinfo/authinfo.db')dnl # uncomment lines 44, 52, and 53 44 define(`confAUTH_OPTIONS', `A p')dnl 52 TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl 53 define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
yum install -y sendmail-cf
Rebuild the sendmail configuration:
make -C /etc/mail
Reload the sendmail service:
Now emails sent by SFTP Gateway will be relayed through the external SMTP server. They will appear to come from the
email address specified in the
"I:" section of the auth info.