Jump to content

Configuring mail forwarding for root

Publication Date: 11/25/2021

1 Environment

  • File Name: task-forward-root-mail.xml
  • ID: environment-forward-root-mail

This document applies to the following products and product versions:

  • SUSE Linux Enterprise Server 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

  • SUSE Linux Enterprise Server for SAP Applications 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

  • SUSE Linux Enterprise High Availability Extension 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

  • SUSE Linux Enterprise High Performance Computing 15 SP3, 15 SP2, 15 SP1, 15 GA

  • SUSE Linux Enterprise Desktop 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

  • SUSE Linux Enterprise Real Time 15 SP3, 15 SP2, 15 SP1, 15 GA, 12 SP5, 12 SP4, 12 SP3

2 Introduction

  • File Name: task-forward-root-mail.xml
  • ID: introduction-forward-root-mail

System daemons, cron jobs, systemd timers, and other applications can generate messages and send them to the root user of the system. By default, each user account owns a local mailbox and will be notified about new mail messages upon login.

These messages can contain security-relevant reports and incidents that might require a quick response by the system administrator. To get notified about these messages in a timely fashion, it is strongly recommended to forward these mails to a dedicated remote email account that is regularly checked.

3 Requirements

  • File Name: task-forward-root-mail.xml
  • ID: requirements-forward-root-mail
  • You have installed your product and your system is up and running.

  • The system is connected to the network.

  • You have a remote email account that reliably receives messages.

  • The yast2-mail package is installed. If not, run zypper in yast2-mail to install it.

4 Configuring mail forwarding

  • File Name: task-forward-root-mail.xml
  • ID: forward-root-mail

The following procedure describes how to configure mail forwarding for the root user to a dedicated remote email account.

Procedure 1: Configure mail forwarding for the root user
  1. Install the yast2-mail package:

    root # zypper in yast2-mail
  2. Run the interactive YaST mail configuration:

    root # yast mail
  3. Choose Permanent as Connection type and proceed with Next.

  4. Enter the address of the Outgoing mail server. If necessary, configure Authentication. It is strongly recommended to Enforce TLS encryption to prevent potentially sensitive system data from being sent unencrypted over the network. Proceed with Next.

  5. Enter the email address to Forward root's mail to and Finish the configuration.

    Important
    Important: Do not accept remote SMTP connections

    Do not enable Accept remote SMTP connections, otherwise the local machine will act as a mail relay.

  6. Send a message to test whether the mail forwarding works correctly:

    tux > mail root
         subject: test
         test
         .
  7. Check the remote email account for new messages. Your test message should arrive within minutes.

5 Summary

  • File Name: task-forward-root-mail.xml
  • ID: summary-forward-root-mail

You have now configured mail forwarding for the root user.

6 Troubleshooting

  • File Name: task-forward-root-mail.xml
  • ID: troubleshooting-forward-root-mail

In case the test message does not arrive, perform the following steps to analyze the problem.

Is the postfix daemon running?

Check if the postfix daemon is running with systemctl status postfix.service. If the service is down, the output includes additional information on the cause of the problem.

Has the test message been sent?

Use the mailq command to verify that the test message has been sent. Upon success, the queue should be empty.

Is the outgoing mail server resolved correctly?

Check that the system resolves the mail server of the remote email account correctly. Run host -t mx example.com (where example.com is the is the domain of the email account configured in step 5.)

Can you reach the outgoing mail server?

Verify you can ping the mail server with ping -c 5 mail.example.com (where mail.example.com is the host name of the mail server returned by the host command in the previous step.)

Does the test message still not arrive?

If mailq reports the message has been sent successfully, the problem must be on the receiving end. Check the configuration of the remote email account and its spam folder.

7 Next steps

  • File Name: task-forward-root-mail.xml
  • ID: next-forward-root-mail

Depending on the number of managed machines and the number of persons who need to be informed about system events, different email address models can be established:

  • Collect messages from different systems in an email account that is only accessed by a single person.

  • Collect messages from different systems in a group email account (aliases or mailing list) that can be accessed by all relevant persons.

  • Create separate email accounts for each system.

It is crucial that administrators regularly check the related email accounts. To facilitate this effort and identify important events, avoid sending unnecessary information. Configure applications to send only relevant information.

Print this page