SFTP Gateway emails private keys via sendmail. The AWS public IP range tends to be flagged by spam filters. One workaround is to proxy the email through a relay. Here is an example of how to do this with gmail.

  1. Elevate to the root user: sudo su

  2. Navigate to the mail directory: cd /etc/mail

  3. Create a directory to hold authentication info (this directory must be read/write for root only): mkdir -m 700 authinfo

  4. Create an authentication file in this directory that holds relay credentials: echo 'AuthInfo: "U: <user>" "I: <email_address>" "P: <password>"' > authinfo/auth

  5. Create a hash of the auth file: makemap hash authinfo/auth < authinfo/auth

    This will create a hash file auth.db.

  6. Edit the sendmail.mc file: vim sendmail.mc

    # uncomment the line "dnl # define(`SMART_HOST', `smtp.your.provider')dnl"
    26 define(`SMART_HOST', `smtp.gmail.com')dnl
    
    # add these lines below smart host
    27 define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
    28 define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
    29 FEATURE(`authinfo', `hash -o /etc/mail/authinfo/authinfo.db')dnl
    
    # uncomment lines 44, 52, and 53
    44 define(`confAUTH_OPTIONS', `A p')dnl
    52 TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    53 define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    
  7. Install sendmail-cf yum install -y sendmail-cf

  8. Rebuild the sendmail configuration: make -C /etc/mail

  9. Reload the sendmail service: /etc/init.d/sendmail reload

Now emails sent by SFTP Gateway will be relayed through the external SMTP server. They will appear to come from the email address specified in the "I:" section of the auth info.