Configure Email Notifications on Arch Linux

arch-linux-email-logo Email system notifications can be used to warn of system issues like failing hard drives or failed backup scripts. To send emails a mail server can be configured but it is more complicated than it needs to be for simple notifications. Another issue with a local mail server is that some ISP’s may be blocking outbound emails making this method potentially unreliable.

A simpler alternative is to let an external mail service like Gmail send the actual email. To achieve this s-nail mail processing system will be used with the optional SMTP extension. The downside of this approach is that you will need to store you password in a plain text configuration file and allow “less secure apps” in Google settings. To avoid compromising the primary email account I opted to create a dummy account just for sending system notifications. This way, even if the Gmail account is compromised there is no real harm as no Emails are stored in that account.

 

Configure s-nail

Install s-nail / mailx package.

sudo pacman -S s-nail

 

Create s-nail configuration file in the root or user home directory.

sudo nano /root/.mailrc

 

Add configuration options to the file.

account gmail {
   set smtp-use-starttls
   set smtp=smtp.gmail.com:587
   set smtp-auth=login
   set smtp-auth-user=username
   set smtp-auth-password=password
   set from="root <root@gmail.com>"
}

The account specifies the name of the email profile. The set smtp-use-startls option enables EHLO/STARTTLS. The set smtp value is specific to the email service provider. Autherntication type is defined with set smtp-auth option. Gmail username is defined with set smtp-auth-user option and is entered without the domain section. Similarly the Gmail password is specified with set smtp-auth-password option. The set from option defines the from address that will appear in the email. Text in in quotes has to have at least one character in angle brackets but the value is irrelevant as the from value will show up as the email address that actually sent the email and not the value that is entered in angle brackets.

 

Change the permission of the configuration file to prevent others from viewing your email password.

sudo chmod 0600 /root/.mailrc

 

Verify the configuration is functional by sending a test email.

echo "Sample Body" | sudo mail -v -A gmail -s "Sample Subject" emailaddress@gmail.com

The first option is prints the body of the email in quotes with an echo command. Verbose output is useful for troubleshooting purposes and is turned on with -v option. The -A option value needs to match the account defined in .mailrc file. Subject is specified in quotes preceded by the -s option. Last option is the destination email address.

The first time you send this test email it should fail. The reason is because “less secure apps” have not yet been enabled in Google settings. You should receive an email after this attempt letting you know there was an attempt to access your account, this means that the email was blocked by Google and would have otherwise been delivered.

 

Enable less secure apps in Gmail

Google by default blocks applications it it considers “less secure”. Any app that sends plain passwords to authenticate as opposed to OAuth 2.0 will fall in this category. Unfortunately many email utilities in Linux use plain passwords and are unlikely to be updated to OAuth 2.0 any time soon. So for the foreseeable future you will need to enable less secure apps in Google settings. To do this go to Less Secure Apps Settings page while logged in and change the selection from Turn off to Turn on.

 

Smartd Email Notification Script

Before proceeding make sure to configure automated SMART checks on Arch Linux.

 

Create email notification script.

sudo nano /etc/smartmontools/run.d/email

 

Copy the script changing variable values as needed.

#!/bin/sh

export HOME=~

EMAIL_HOST=$(curl -s checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//')
EMAIL_EXEC="mail"
EMAIL_ACCOUNT="gmail"
EMAIL_SUBJECT="Smartd has detected $SMARTD_FAILTYPE error on $SMARTD_DEVICE"
read -d '' EMAIL_BODY << EOF
Smartd error details:

Error type:            $SMARTD_FAILTYPE
Device node:         $SMARTD_DEVICESTRING
Date occurred:       $SMARTD_TFIRST

Below is the full original message generated by smartd:
------------------------------------------------------------------------------------------

$SMARTD_FULLMESSAGE

------------------------------------------------------------------------------------------
EOF

echo "$EMAIL_BODY" | $EMAIL_EXEC -A $EMAIL_ACCOUNT -s "$EMAIL_SUBJECT" $SMARTD_ADDRESS

Since smartd fails to set the environmental variables, it needs to be done manually with the export HOME=~ line. It can be valuable to have the external IP address when errors occur. To get the external IP address an external service is used to retrieve the IP address which is then stored in $EMAIL_HOST variable. Path to the executable of the email utility is located in $EMAIL_EXEC variable. The email subject and body are stored in $EMAIL_SUBJECT and $EMAIL_BODY variables respectively.

Type of error smartd has detected is saved in $SMARTD_FAILTYPE variable. Device node of the device with an error is saved in $SMARTD_DEVICE variable while $SMARTD_DEVICESTRING variable also appends the device type. Date of the error is stored as a formatted string in $SMARTD_TFIRST variable. Summary of the error generated by smartd is stored in $SMARTD_MESSAGE variable while a full message is stored in $SMARTD_FULLMESSAGE variable.

 

Set execute permissions on the script.

sudo chmod +x /etc/smartmontools/run.d/email

 

Quick Reference

sudo pacman -S s-nail
sudo nano /root/.mailrc
sudo chmod 0600 /root/.mailrc
echo "Sample Body" | mailx -v -A gmail -s "Sample Subject" emailaddress@gmail.com

Less Secure Apps Settings

Configure automatic SMART checks on Arch Linux

sudo nano /etc/smartmontools/run.d/email
sudo chmod +x /etc/smartmontools/run.d/email

dom