Articles

Configuring Your Linux Server for Email Notifications

It's common to run a Linux server that needs to send email from time to time. This might be a requirement of a web application (e.g. for password management), and/or the system itself might send email to its root account if some process reports an error (automated hard disk monitoring with Smartmontools is a valuable example of this).

You can install a fully featured mail transport agent (MTA) like Postfix for that, but this is a complex task that's made more complex in the face of barricades put up by other mail servers to fight spam. It makes more sense to install a very simple agent that in turn hands off the final delivery task to a professionally maintained MTA such as the one provided by your internet service provider (ISP).

Your ISP's MTA is a good choice for this because you are their customer and they expect to manage mail on your behalf. You could instead use something like Google Mail for that, but it will generally present more obstacles because it's open to the public.

Here I will show an example where your ISP is Comcast. On the server we will install SSMTP and Mailx for mail transport. SSMTP is a simple MTA proxy and Mailx is a simple Mail User Agent (MUA). To install these on an Ubuntu or Debian server, do this:

    sudo apt-get install ssmtp
    sudo apt-get install bsd-mailx

Be sure to install ssmtp first, otherwise bsd-mailx will bring in postfix as its default MTA.

Next, make sure you have your email login ID and password for your Comcast email account. These are needed because Comcast will require authentication before forwarding email to ensure you are not a random spammer.

Then edit the file /etc/ssmtp/ssmtp.conf so that it looks something like this:

    root=YourNormalEmailAddress
    mailhub=smtp.comcast.net:587
    UseSTARTTLS=YES
    UseTLS=YES
    AuthUser=YourComcastLogin
    AuthPass=YourComcastPassword
    rewritedomain=SomeDomainName.com
    hostname=AnyHostName
    FromLineOverride=YES

Substitute YourNormalEmailAddress, YourComcastLogin, YourComcastPassword, SomeDomainName.com and AnyHostName as appropriate. SomeDomainName.com might be any valid domain, or perhaps comcast.net. If the login name is an email address then it probably ends with "@comcast.net". YourNormalEmailAddress is whatever email address you want system notifications to go to, for example someone@gmail.com; it is commonly not your ISP email.

You can leave the existing commented-out lines in there as helpful documentation.

Then you can test email sending to your normal email account with a command like this:

  echo test | mail -v -s "testing ssmtp setup" root

Or you can use a full email address like "someone@somewhere.com" instead of "root".

Make sure the command completes without errors, and that you receive the email. It may be in your Spam folder.

Transitioning from Windows 7/8 OEM to Windows 10 Virtual Machine

I have a laptop that came with Windows 7 and added Linux Mint for dual boot, but have always been annoyed by the need to interrupt my Mint session to do something in Windows. From time to time I've thought it would be nice to put it in a VM instead, but the task seemed too much trouble and also I hated the thought of sending more money to the Evil Empire for something I already owned.

When I somehow messed up the Windows partition and made it unbootable this became more pressing. Also I wanted to take advantage of the free upgrade to Win 10 before it expires on July 29.

With some web searching I learned that it's possible to install a standard Windows 7 (or 8 or 8.1) into a VirtualBox VM using an OEM product key. I was able to do this and then upgrade to Windows 10. It occurs me that the steps I worked out may be useful to others, so I am listing them below. This assumes you will also upgrade to Win 10... if not, modify accordingly.

Already upgraded to Windows 10? You can fresh-install it to a VM and then *maybe* transfer the entitlement by contacting Microsoft support via the app for that. See this article.

Due to trial and error the following steps are not exactly what I did, but are what I would do in hindsight. If you find any mistakes please let me know.

Prerequisites for the host computer:

  • Linux installed.
  • VirtualBox installed.
  • At least 6 GB total RAM and 60 GB available disk space.
  • Product key for the original Windows 7, 8 or 8.1 install that came with your computer.
  • Broadband Internet access.

Here's what to do:

  1. Look at the Microsoft sticker on your computer and note the Windows version and product key.

  2. Find an ISO download for the Windows 7 SP1 (or 8 or 8.1) flavor that matches your OEM install. It will likely be a torrent as MS no longer makes them available unless you have a non-OEM product key. File names and their SHA1 checksums may be found here.

  3. Download it, compute the SHA1 checksum (use sha1sum in Linux) and either verify it against the above or do a web search for that checksum to make sure it's legit.

  4. Make a VirtualBox VM for Windows 10 with at least 3 GB RAM and 40 GB virtual disk. It's important that it has the CPU support for Win 10 so you can upgrade to that later. In the examples below we assume you named it "WinVM".

  5. Attach the ISO to the virtual DVD drive of the new VM and start it up.

  6. Install Windows and put in your OEM product key when prompted.

  7. After the install is done, activate it as instructed with a phone call to Microsoft.

  8. If this is Windows 7, run Internet Explorer inside the VM and install this single update. This installs a newer version of Windows Update which is helpful because the original one is very slow! The new one is also slow, but hopefully not so much.

  9. Also at this time download the "sdelete" utility and put it in a new folder somewhere in the VM.

  10. Run Windows Update and install all the important and optional updates. This will take hours! There will be some reboots involved. Windows Update appears to have a memory leak so if the VM is short on memory (less than 3-4 GB) I suggest breaking this up into multiple update sessions.

  11. You should now have the Windows 10 upgrade offer on your taskbar. Proceed with that upgrade, or skip this step if you don't want to yet.

  12. Make sure the new Windows installation is still activated (Settings -> Updates & Security -> Activation).

  13. Install VirtualBox Guest Additions into the VM, and any other applications that you care to install before storage optimization.

  14. Run Disk Cleanup to remove all unnecessary files that it can possibly remove.

  15. Open a command prompt in the VM, go to the directory where you put sdelete and type this command to zero out unused space:
    sdelete -z

  16. Shut down the VM and make a clone of it using the VirtualBox GUI. I named mine "Win10". Because you ran sdelete this will take up much less disk space on the host computer.

  17. Do this at the Linux command line to get the hardware UUID of the old VM:
    VBoxManage showvminfo WinVM | grep 'Hardware UUID'

  18. Do the following to set the new "Win10" VM to the same hardware UUID and thus avoiding activation failure.
    VBoxManage modifyvm Win10 --hardwareuuid xxxx
    ... where xxxx is the UUID shown by the previous step.

  19. Boot up the clone and make sure it still shows as activated.

  20. Once you are satisfied the clone is OK, remove the old bloated WinVM machine via the VirtualBox GUI.

For future cloning it should not be necessary to set the hardware UUID again, as step 18 should cause it to be preserved.

Email Encryption with S/MIME

Email encryption is not widely documented in a way that most people can understand it or how to set it up. This is my small attempt to help you get started.

There are two common choices, PGP and S/MIME. I tried PGP using Thunderbird's EnigMail extension and was not very pleased with it; it did not seem very flexible with supported message formats, and my colleagues using Windows did not have an easy way to use it. S/MIME seems to be better in both of these respects. Here's how I set it up on Thunderbird with a free certificate using Firefox (other email clients and browsers will also work but I don't have specifics for them):

  1. With Firefox browse to https://www.startssl.com/.

  2. Click Sign-up.

  3. Put in your email address and wait to receive email from validation@startssl.com.

  4. Copy the emailed verification code into the sign-up form.

  5. You will see "The login certificate is installed in your computer". Now you have a free personal client certificate from a widely recognized certificate authority good for more than 3 years. Nice!

  6. In Firefox go to Edit -> Preferences -> Advanced -> Certificates -> View Certificates -> Your Certificates. Highlight the new one from Startcom and click "Backup..." and back it up to a file somewhere. Use a password that you will remember.

  7. In Thunderbird go to Edit -> Account Settings -> Security -> View Certificates -> Import and import the backup saved in the previous step. Close the Certificate Manager window.

  8. In the still-open Account Settings window select the imported certificate for signing and encryption, and click OK.

Now email that you sign will include your public key so that others can send encrypted mail to you. Enjoy!

Syndicate content