Linaro Android Infrastructure

Set up outgoing mail on EC2 instances

Bug #936787 reported by Paul Sokolovsky
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Linaro Android Infrastructure
Fix Released
High
Paul Sokolovsky
Linaro Android Infrastructure 2012.04
Linaro CI
Fix Released
Critical
Paul Sokolovsky
Linaro CI 2012.04

Bug Description

From Loic's mail:

On Tue, Feb 14, 2012, Loïc Minier wrote:
> * using some SMTP relay account; I've created a dedicated
> <email address hidden> gmail account for this purpose and we could
> use it on multiple instances as long as we know people wont report
> its output as spam and as long as traffic remains "reasonnable"
> (can't host a 1000 users service behind it I guess)

 I've set this up now; I had to:
 * create a 600 /etc/postfix/sasl_passwd with:
    [smtp.gmail.com]:submission ec2-relay:somepassword
 * postmap /etc/postfix/sasl_passwd
 * remove these lines from /etc/postfix/main.cf:
    relayhost =
    default_transport = error
    relay_transport = error
   (I guess the later two were added to avoid writing too many emails)
 * added these lines to /etc/postfix/main.cf:
=====================================================
# next-hop destination of non-local mail
relayhost = [smtp.gmail.com]:submission

# enable SASL authentication in the Postfix SMTP client
smtp_sasl_auth_enable = yes

# optional SMTP client lookup tables with one SASL username:password entry per
# remote hostname or domain, or sender address when sender-dependent
# authentication is enabled
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

# Postfix SMTP client SASL security options; drop noplaintext as to allow
# plaintext methods
smtp_sasl_security_options = noanonymous

# directory with PEM format certificate authority certificates that the Postfix
# SMTP client uses to verify a remote SMTP server certificate
smtp_tls_CApath = /etc/ssl/certs

# enable additional Postfix SMTP client logging of TLS activity; log TLS
# handshake and certificate information
smtp_tls_loglevel = 1

# default SMTP TLS security level for the Postfix SMTP client; opportunistic
# TLS
smtp_tls_security_level = may

# name of the file containing the optional Postfix SMTP client TLS session
# cache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
=====================================================
 * reload postfix
 * send a test email with echo coin | sendmail <email address hidden>
   -- arrived fine

 What remains to be done is setting up forwarding; I recommend:
 * add a root: ubuntu to /etc/aliases
 * add a ~ubuntu/.forward file with email addresses (one by line) which
   should receive the traffic
 * deal with emails which ended up in /var/mail/root and /ubuntu (mutt
   -f /var/mail/ubuntu, then "b" to bounce them and "d" to delete them)

Paul Sokolovsky (pfalcon)
Changed in linaro-android-infrastructure:
importance: Undecided → High
status: New → Triaged
Paul Sokolovsky (pfalcon)
Changed in linaro-android-infrastructure:
assignee: nobody → Paul Sokolovsky (pfalcon)
status: Triaged → In Progress
Revision history for this message
Paul Sokolovsky (pfalcon) wrote :

apt-get install postfix (default choices for interactive config)

Revision history for this message
Paul Sokolovsky (pfalcon) wrote :

Feb 23 16:19:14 ip-10-77-99-31 postfix/smtp[6502]: 8A14E643F: to=<email address hidden>, relay=smtp.gmail.com[74.125.93.109]:587, delay=2.6, delays=0.1/0.1/2.4/0, dsn=4.7.1, status=deferred (SASL authentication failed; server smtp.gmail.com[74.125.93.109] said: 535-5.7.1 Username and Password not accepted. Learn more at ?535 5.7.1 http://support.google.com/mail/bin/answer.py?answer=14257 f12sm5004883qan.1)

Need to know the actual password of ec2-relay.

Changed in linaro-android-infrastructure:
status: In Progress → Incomplete
status: Incomplete → In Progress
Revision history for this message
Paul Sokolovsky (pfalcon) wrote :

Ok, got info from Loic, sendmail worked.

Revision history for this message
Paul Sokolovsky (pfalcon) wrote :

Verified that mail sending works from android-build.linaro.org (somehow I didn't get that Loic set it up, and started to work on that, then saw it had been). Did also from-scratch setup on a fresh sandbox to to be sure I know how to do that. Sandbox (i-dc838ab9) is now removed.

Revision history for this message
Paul Sokolovsky (pfalcon) wrote :

It turns out that ci.linaro.org doesn't have mailer configured, so we can't even receive cron notifications.

Changed in linaro-ci:
importance: Undecided → Critical
status: New → Confirmed
assignee: nobody → Paul Sokolovsky (pfalcon)
milestone: none → 2012.04
Revision history for this message
Paul Sokolovsky (pfalcon) wrote :

Set up in ci.linaro.org

Changed in linaro-ci:
status: Confirmed → Fix Committed
Changed in linaro-android-infrastructure:
status: In Progress → Fix Committed
milestone: none → 2012.04
Paul Sokolovsky (pfalcon)
Changed in linaro-android-infrastructure:
status: Fix Committed → Fix Released
Paul Sokolovsky (pfalcon)
Changed in linaro-ci:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.