This article describes how to install and use sSMTP in a secure manner on a FreeBSD system. It has been tested with FreeBSD 6.2, but will probably work equally with other versions.
Use this guide if you are in the following situation:
- you have some basic knowledge of FreeBSD system maintenance;
- you have an ISP that supports authenticated SMTP over SSL;
- you want to be able to send mail from your machine, via your ISP;
- you want the SMTP authentication details to remain confidential, not readable by all users on the system.
For the example, the following settings will be used:
Local hostname: |
mybox |
SMTP server: |
mail.example.com |
SMTP server username: |
john |
SMTP server password: |
Secret1 |
[Step 1] Disable Sendmail completely by setting the following in your /etc/rc.conf file:
sendmail_enable="NO" sendmail_submit_enable="NO" sendmail_outbound_enable="NO" sendmail_msp_queue_enable="NO"
Note that changes in your /etc/rc.conf file will only take effect when you reboot. So the Sendmail daemon (sendmail) may still be running.
[Step 2] Kill the Sendmail daemon if it is running:
sudo killall sendmail
Note: I'm assuming you are using sudo, but alternatively you could switch to the root account using su.
[Step 3] Install sSMTP:
cd /usr/ports/mail/ssmtp/ sudo make install replace
The install action installs sSMTP, while the replace action replaces sendmail as the default mailer in /etc/mail/mailer.conf.
You now have sSMTP installed, and the command sendmail will invoke the ssmtp executable. But you haven't told sSMTP which SMTP server to use with which credentials. These settings are looked for in the sSMTP configuration file at /usr/local/etc/ssmtp/ssmtp.conf. The port does not install this file, it only installs an example in /usr/local/etc/ssmtp/ssmtp.conf.sample.
Before doing anything else, we will want to protect the sSMTP configuration files to make sure only the ssmtp executable can read it, and not every account on the machine.
[Step 4] Create an ssmtp user:
sudo pw useradd ssmtp -g nogroup -h - -s /sbin/nologin -d /nonexistent -c "sSMTP pseudo-user"
This will stick the ssmtp user in the nogroup group, disallowing password-based logins (-h).
[Step 5] Set the correct owner and permissions on the sSMTP configuration directory. We set the setuid bit (see chmod(1) to make sure new files in the directory will be owned by the user ssmtp as well:
cd /usr/local/etc/ssmtp chown ssmtp:wheel . chmod 4750 .
[Step 6] Create the sSMTP configuration file with the correct permissions:
sudo cp ssmtp.conf.sample ssmtp.conf sudo chown ssmtp:wheel . ssmtp.conf sudo chmod 640 ssmtp.conf
[Step 7] Enter your configuration details in the ssmtp.conf file. Modify this example to fit your situation:
MailHub=mail.example.com:465 # Mail server to connect to (port 465 is SMTP/SSL) UseTLS=YES # Enable SSL/TLS AuthUser=john # Username for SMTP AUTH AuthPass=Secret1 # Password for SMTP AUTH FromLineOverride=YES # Force the From: address to the user account Hostname=myhost.example.com # Name of this host RewriteDomain=myhost.example.com # Where the mail will seem to come from Root=postmaster # Mail for root@ is redirected to postmaster@
Now the configuration file is set up and protected from unauthorized eyes, the ssmtp executable should be given access to the file. To accomplish this, we will let it run as the ssmtp user.
[Step 8] Make the ssmtp executable owned by the ssmtp user and mark it SUID:
chown ssmtp:nogroup /usr/local/sbin/ssmtp chmod 4555 /usr/local/sbin/ssmtp
[Step 9] Run some tests as an unprivileged user:
$ cat /usr/local/etc/ssmtp/ssmtp.conf cat: /usr/local/etc/ssmtp/ssmtp.conf: Permission denied $ sendmail john@example.com < /etc/rc.conf
Feedback is welcome at <ernst AT ernstdehaan DOT com>