Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]

Configuring mail forwarding for root

Publication Date: 09/24/2021

1 Environment

  • File Name: task-forward-root-mail.xml
  • ID: environment-

This document applies to the following products and product versions:

  • SUSE Linux Enterprise Server 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

  • SUSE Linux Enterprise Server for SAP Applications 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

  • SUSE Linux Enterprise High Availability Extension 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

  • SUSE Linux Enterprise High Performance Computing 15 SP3, 15 SP2, 15 SP1, 15 GA

  • SUSE Linux Enterprise Desktop 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

  • SUSE Linux Enterprise Real Time 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

2 Introduction

  • File Name: task-forward-root-mail.xml
  • ID: introduction-forward-root-mail

System daemons, cron jobs, systemd timers, and other applications can generate messages and send them to the root user of the system. By default, each user account owns a local mailbox and will be notified about new mail messages upon login.

These messages can contain security-relevant reports and incidents that might require a quick response by the system administrator. To get notified about these messages in a timely fashion, it is strongly recommended to forward these mails to a dedicated remote email account that is regularly checked.

3 Requirements

  • File Name: task-forward-root-mail.xml
  • ID: requirements-forward-root-mail
  • You have installed your product and your system is up and running.

  • The system is connected to the network.

  • You have a remote mail account that reliably receives mail.

  • The yast2-mail package is installed. If not, run zypper in yast2-mail to install it.

4 Configuring mail forwarding

  • File Name: task-forward-root-mail.xml
  • ID: forward-root-mail

The following procedure describes how to configure mail forwarding for the root user to a dedicated remote email account.

Procedure 1: Configure mail forwarding for the root user
  1. Install the yast2-mail package:

    root # zypper in yast2-mail
  2. Run the interactive YaST mail configuration:

    root # yast mail
  3. Choose Permanent as Connection type and proceed with Next.

  4. Enter the address of the Outgoing mail server. If necessary, configure Authentication. It is strongly recommended to Enforce TLS encryption to avoid possibly sensitive system data from being sent unencrypted over the network. Proceed with Next.

  5. Enter the email address to Forward root's mail to and Finish the configuration.

    Important
    Important: Do not accept remote SMTP connections

    Do not enable Accept remote SMTP connections, otherwise the local machine will act as a mail relay.

  6. Send a mail to test whether the mail forwarding works correctly:

    tux > mail root
         subject: test
         test
         .
  7. Check the remote mail account for new mail. Your test mail should arrive within minutes.

5 Summary

  • File Name: task-forward-root-mail.xml
  • ID: summary-forward-root-mail

You have now configured mail forwarding for the root user.

6 Troubleshooting

  • File Name: task-forward-root-mail.xml
  • ID: troubleshooting-forward-root-mail

In case the test mail does not arrive, perform the following steps to analyze the problem.

Is the postfix daemon running?

Check if the postfix daemon is running with systemctl status postfix.service. If the service is down, the output includes additional information about the reason.

Was the test mail sent?

Use the mailq command to verify that the test mail has been sent. Upon success, no mail should be pending in the queue.

Is the outgoing mail server is resolved correctly?

Check that the system resolves the mail server for the remote email account correctly. Run host -t mx example.com (where example.com is the is the domain of the email account configured in step 5.)

Can you reach the outgoing mail server?

Verify you can ping the mail server with ping -c 5 mail.example.com (where mail.example.com is the host name of the mail server returned by the host command in the previous step.)

Is the test mail still not arriving?

If mailq reports the mail was sent successfully, the problem must be on the receiving end. Check the configuration of the remote mail account and it's spam folder.

7 Next steps

  • File Name: task-forward-root-mail.xml
  • ID: next-forward-root-mail

Depending on the number of machines administered and the number of people that need to be informed about system events, different email address models can be established:

  • collect mails from different systems in a single mail account that is only accessible to a single person.

  • collect mails from different systems in a group mail account (mailing list) that can be accessed by a range of interested people.

  • create a separate mail account for each system.

It is crucial that administrators regularly check the related mail accounts. To facilitate this effort and identify events of importance easily, avoid sending unnecessary information. Configure applications that send messages to only generate relevant information.

Print this page