Configuring mail forwarding for root
1 Environment #
This document applies to the following products and product versions:
SUSE Linux Enterprise Server 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3
SUSE Linux Enterprise High Availability Extension 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3, 15 SP2, 15 SP1, 15 GA
SUSE Linux Enterprise Desktop 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3
SUSE Linux Enterprise Real Time 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3
2 Introduction #
System daemons, cron
jobs, systemd
timers, and other applications can generate messages and send them to the
root
user of the system. By default, each user account owns a local
mailbox and will be notified about new mail messages upon login.
These messages can contain security-relevant reports and incidents that might require a quick response by the system administrator. To get notified about these messages in a timely fashion, it is strongly recommended to forward these mails to a dedicated remote email account that is regularly checked.
3 Requirements #
You have installed your product and your system is up and running.
The system is connected to the network.
You have a remote email account that reliably receives messages.
The yast2-mail package is installed. If not, run
zypper in yast2-mail
to install it.
4 Configuring mail forwarding #
The following procedure describes how to configure mail forwarding for the
root
user to a dedicated remote email account.
root
user #Install the yast2-mail package:
#
zypper in yast2-mail
Run the interactive YaST mail configuration:
#
yast mail
Choose
as and proceed with .Enter the address of the
. If necessary, configure . It is strongly recommended to to prevent potentially sensitive system data from being sent unencrypted over the network. Proceed with .Enter the email address to
and the configuration.Important: Do not accept remote SMTP connectionsDo not enable , otherwise the local machine will act as a mail relay.
Send a message to test whether the mail forwarding works correctly:
>
mail root
subject: test test .Check the remote email account for new messages. Your test message should arrive within minutes.
5 Summary #
You have now configured mail forwarding for the root
user.
6 Troubleshooting #
In case the test message does not arrive, perform the following steps to analyze the problem.
- Is the
postfix
daemon running? Check if the
postfix
daemon is running withsystemctl status postfix.service
. If the service is down, the output includes additional information on the cause of the problem.- Has the test message been sent?
Use the
mailq
command to verify that the test message has been sent. Upon success, the queue should be empty.- Is the outgoing mail server resolved correctly?
Check that the system resolves the mail server of the remote email account correctly. Run
host -t mx example.com
(where example.com is the is the domain of the email account configured in step 5.)- Can you reach the outgoing mail server?
Verify you can ping the mail server with
ping -c 5 mail.example.com
(where mail.example.com is the host name of the mail server returned by thehost
command in the previous step.)- Does the test message still not arrive?
If
mailq
reports the message has been sent successfully, the problem must be on the receiving end. Check the configuration of the remote email account and its spam folder.
7 Next steps #
Depending on the number of managed machines and the number of persons who need to be informed about system events, different email address models can be established:
Collect messages from different systems in an email account that is only accessed by a single person.
Collect messages from different systems in a group email account (aliases or mailing list) that can be accessed by all relevant persons.
Create separate email accounts for each system.
It is crucial that administrators regularly check the related email accounts. To facilitate this effort and identify important events, avoid sending unnecessary information. Configure applications to send only relevant information.