Thursday, April 24, 2014

Redirect local emails to a remote email account

My previous post is a guide for setting up exim4, an SMTP mail server, to use Gmail as a smarthost. One reason for setting up a mail server is to redirect my local root emails to an Internet email account that I actually monitor. In this way, I won't miss any security alert sent to the local root mailbox.

This post shows you how to set up email redirection. The instructions are similar for various mail servers: exim4, Postfix, or sendmail.

  1. Set up an SMTP server.
  2. Edit /etc/aliases as root.
    mailer-daemon: postmaster
    postmaster: root
    nobody: root
    hostmaster: root
    usenet: root
    news: root
    webmaster: root
    www: root
    ftp: root
    abuse: root
    noc: root
    security: root
    root: peter

    To the left of the colon is the mail alias defined on the local machine. You can send email to a local email alias, say security and the message will be redirected to the account(s) specified to the right of the colon.

    In many default mail server configurations, emails to any alias are forwarded to root. But often root itself is not redirected to a regularly monitored email account.

  3. Redirect root.

    Replace the root: peter line with the line below using your personal email address:

  4. Rebuild alias database.
    $ newaliases
    For sendmail, and Postfix, after you modify the alias file, you need to run the newaliases command to rebuild the mail alias database. For exim4, this step is not required because it relies solely on the alias file and NO database.

To test, send root an email, and verify that the message is delivered to the target remote email account.

$ echo 'Code red'| mail -s 'Hacker Alert' root


Michael Boratko said...

Do you know of any way of automatically adjusting the subject message or adding a line at the end of the body to indicate the sender address? I ask because I use this to monitor a couple servers, and now that Gmail forces rewriting of the sender email (as you mention) it means that I have to look at the message headers to see which server it originated from.

dhaval said...

Great post thanks for the detailed instructions.. Worked like a charm.