phillxnet/ubuntu-configure-postfix-with-gmail-smtp-relay

## ubuntu-configure-postfix-with-gmail-smtp-relay
#!/bin/bash

HOST=$(hostname)

# preconfigure the postfix install questions via debconf-set-selections
# debconf-set-selections takes four values per line, one line per question
# package name, question name, type of value requested(eg boolean), answer
function install_postfix() {
echo | sudo debconf-set-selections <<__EOF
postfix	postfix/root_address	string
postfix	postfix/rfc1035_violation	boolean	false
postfix	postfix/mydomain_warning	boolean
postfix	postfix/mynetworks	string	127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
postfix	postfix/mailname	string	$HOST
postfix	postfix/tlsmgr_upgrade_warning	boolean
postfix	postfix/recipient_delim	string	+
postfix	postfix/main_mailer_type	select	Satellite system
postfix	postfix/destinations	string	$HOST, localhost.localdomain, localhost
postfix	postfix/retry_upgrade_warning	boolean
postfix	postfix/kernel_version_warning	boolean
postfix	postfix/not_configured	note
postfix	postfix/sqlite_warning	boolean
postfix	postfix/mailbox_limit	string	0
postfix	postfix/relayhost	string	[smtp.gmail.com]:587
postfix	postfix/procmail	boolean	false
postfix	postfix/bad_recipient_delimiter	note
postfix	postfix/protocols	select	all
postfix	postfix/chattr	boolean	false
__EOF

echo "Postfix should be configured as Satellite system"
sudo apt-get install -q -y postfix
# -q for quiet -y for yes
}

if ! dpkg -s postfix >/dev/null; then
  install_postfix
else
  echo "Postfix is already installed."
  echo "You may consider removing it before running the script."
  echo "You may do so with the following command:"
  echo "sudo apt-get purge postfix"
  echo "N.B. This command will remove all previous configurations of postfix bar /etc/mailname"
  echo
fi

if which zenity >/dev/null; then
  GMAIL_USER=$(zenity --entry --title="Gmail username" --text="Enter your gmail username (your email address):")
  GMAIL_PASS=$(zenity --entry --title="Gmail password" --text="Enter your gmail password:" --hide-text)
else
  read -p "Gmail username (your email address): " GMAIL_USER
  read -p "Gmail password (app specific if 2 factor enabled, WARNING will be visible as you type): " GMAIL_PASS
fi

if [ -z "$GMAIL_USER" ]; then echo "No gmail username given. Exiting."; exit -1; fi
if [ -z "$GMAIL_PASS" ]; then echo "No gmail password given. Exiting."; exit -1; fi

if ! [ -f /etc/postfix/main.cf.original ]; then
  sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.original
fi

sudo tee -a /etc/postfix/main.cf >/dev/null <<__EOF
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_loglevel = 1
#smtp_tls_per_site is now strongly discouraged see:-
#http://www.postfix.org/postconf.5.html#smtp_tls_per_site
#now considered better to use smtp_tls_policy_maps
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_CAfile = /etc/ssl/certs/Equifax_Secure_CA.pem
virtual_alias_maps = hash:/etc/postfix/virtual
__EOF

# N.B. all tees without -a cause an overwrite of the output file
echo "[smtp.gmail.com]:587 $GMAIL_USER:$GMAIL_PASS" | sudo tee /etc/postfix/sasl_passwd >/dev/null
sudo chmod 400 /etc/postfix/sasl_passwd
sudo postmap /etc/postfix/sasl_passwd
#echo "smtp.gmail.com MUST" | sudo tee /etc/postfix/tls_per_site >/dev/null
#sudo chmod 400 /etc/postfix/tls_per_site
#sudo postmap /etc/postfix/tls_per_site
echo "[smtp.gmail.com]:587 verify" | sudo tee /etc/postfix/tls_policy >/dev/null
sudo chmod 400 /etc/postfix/tls_policy
sudo postmap /etc/postfix/tls_policy
# re-write envelope address (forward) mail addressed to admin@example.com to the gmail address,
# note that the message will still appear as to admin@example.com in the message header.
# The envelope "for" field will be changed to the gmail address so "for" as in "for the attention of"
# use canonical mapping to rewrite header and envelope addresses
echo "admin@example.com $GMAIL_USER" | sudo tee /etc/postfix/virtual >/dev/null
sudo chmod 400 /etc/postfix/virtual
sudo postmap /etc/postfix/virtual

# untested
# we currently deliver local mail but we may well want root's email delivered externally
echo
echo "Many system emails, such as the result of cron jobs, are by default delivered to the root user"
echo "It is common to want these emails forwarded to an external email address"
echo "The method used here is to place a new .forward file in /root directory; overwriting any existing file by the same name"
echo
read -e -p "Would you like to forward email for the root user to an external address (y/n): " -i "y" FORWARD_ROOT
if [ "$FORWARD_ROOT" = "y" ]; then
  read -e -p "Email address to forward all of root's incomming email too: " -i $GMAIL_USER ROOT_FORWARD_ADDRESS
  echo "overwriting /root/.forward with the stated email address"
  echo "$ROOT_FORWARD_ADDRESS" | sudo tee /root/.forward >/dev/null
fi

sudo service postfix restart
echo
echo "Configuration done"
echo

read -e -p "Would you like to send a test email using the new configuration? (y/n): " -i "y" TESTEMAIL

function send_test_email() {
if which mail >/dev/null; then
  echo "Sending test email, it should only take a few minutes to arrive"
  mail -s "Email relaying configured at ${HOST}" $GMAIL_USER <<__EOF
  The postfix service has been configured on host '${HOST}'.
  Thank you for using this postfix configuration script.
__EOF
  echo "A test email has been sent to ${GMAIL_USER} from this host '${HOST}'"
else
  echo "There was a problem finding the 'mail' command"
  echo "Test email not sent"
fi
}

if [ "$TESTEMAIL" = "y" ]; then
  if which mail >/dev/null; then
    echo "mail command found"
    send_test_email
  else
    echo "mail command not found; required to send test email"
    read -e -p "Would you like to install mailutils which contains the mail command? (y/n): " -i "y" REPLY
    if [ "$REPLY" = "y" ]; then
      echo "Installing mailutils"
      sudo apt-get install -q mailutils
      send_test_email
    else
      echo "OK proceeding without installing mailutils"
      echo "Test email not sent"
    fi
  fi
else
  echo "OK no test email sent"
fi
	#!/bin/bash

	HOST=$(hostname)

	# preconfigure the postfix install questions via debconf-set-selections
	# debconf-set-selections takes four values per line, one line per question
	# package name, question name, type of value requested(eg boolean), answer
	function install_postfix() {
	echo \| sudo debconf-set-selections <<__EOF
	postfix postfix/root_address string
	postfix postfix/rfc1035_violation boolean false
	postfix postfix/mydomain_warning boolean
	postfix postfix/mynetworks string 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
	postfix postfix/mailname string $HOST
	postfix postfix/tlsmgr_upgrade_warning boolean
	postfix postfix/recipient_delim string +
	postfix postfix/main_mailer_type select Satellite system
	postfix postfix/destinations string $HOST, localhost.localdomain, localhost
	postfix postfix/retry_upgrade_warning boolean
	postfix postfix/kernel_version_warning boolean
	postfix postfix/not_configured note
	postfix postfix/sqlite_warning boolean
	postfix postfix/mailbox_limit string 0
	postfix postfix/relayhost string [smtp.gmail.com]:587
	postfix postfix/procmail boolean false
	postfix postfix/bad_recipient_delimiter note
	postfix postfix/protocols select all
	postfix postfix/chattr boolean false
	__EOF

	echo "Postfix should be configured as Satellite system"
	sudo apt-get install -q -y postfix
	# -q for quiet -y for yes
	}

	if ! dpkg -s postfix >/dev/null; then
	install_postfix
	else
	echo "Postfix is already installed."
	echo "You may consider removing it before running the script."
	echo "You may do so with the following command:"
	echo "sudo apt-get purge postfix"
	echo "N.B. This command will remove all previous configurations of postfix bar /etc/mailname"
	echo
	fi

	if which zenity >/dev/null; then
	GMAIL_USER=$(zenity --entry --title="Gmail username" --text="Enter your gmail username (your email address):")
	GMAIL_PASS=$(zenity --entry --title="Gmail password" --text="Enter your gmail password:" --hide-text)
	else
	read -p "Gmail username (your email address): " GMAIL_USER
	read -p "Gmail password (app specific if 2 factor enabled, WARNING will be visible as you type): " GMAIL_PASS
	fi

	if [ -z "$GMAIL_USER" ]; then echo "No gmail username given. Exiting."; exit -1; fi
	if [ -z "$GMAIL_PASS" ]; then echo "No gmail password given. Exiting."; exit -1; fi

	if ! [ -f /etc/postfix/main.cf.original ]; then
	sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.original
	fi

	sudo tee -a /etc/postfix/main.cf >/dev/null <<__EOF
	smtp_use_tls = yes
	smtp_sasl_auth_enable = yes
	smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
	smtp_sasl_security_options = noanonymous
	smtp_tls_loglevel = 1
	#smtp_tls_per_site is now strongly discouraged see:-
	#http://www.postfix.org/postconf.5.html#smtp_tls_per_site
	#now considered better to use smtp_tls_policy_maps
	smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
	smtp_tls_CAfile = /etc/ssl/certs/Equifax_Secure_CA.pem
	virtual_alias_maps = hash:/etc/postfix/virtual
	__EOF

	# N.B. all tees without -a cause an overwrite of the output file
	echo "[smtp.gmail.com]:587 $GMAIL_USER:$GMAIL_PASS" \| sudo tee /etc/postfix/sasl_passwd >/dev/null
	sudo chmod 400 /etc/postfix/sasl_passwd
	sudo postmap /etc/postfix/sasl_passwd
	#echo "smtp.gmail.com MUST" \| sudo tee /etc/postfix/tls_per_site >/dev/null
	#sudo chmod 400 /etc/postfix/tls_per_site
	#sudo postmap /etc/postfix/tls_per_site
	echo "[smtp.gmail.com]:587 verify" \| sudo tee /etc/postfix/tls_policy >/dev/null
	sudo chmod 400 /etc/postfix/tls_policy
	sudo postmap /etc/postfix/tls_policy
	# re-write envelope address (forward) mail addressed to admin@example.com to the gmail address,
	# note that the message will still appear as to admin@example.com in the message header.
	# The envelope "for" field will be changed to the gmail address so "for" as in "for the attention of"
	# use canonical mapping to rewrite header and envelope addresses
	echo "admin@example.com $GMAIL_USER" \| sudo tee /etc/postfix/virtual >/dev/null
	sudo chmod 400 /etc/postfix/virtual
	sudo postmap /etc/postfix/virtual

	# untested
	# we currently deliver local mail but we may well want root's email delivered externally
	echo
	echo "Many system emails, such as the result of cron jobs, are by default delivered to the root user"
	echo "It is common to want these emails forwarded to an external email address"
	echo "The method used here is to place a new .forward file in /root directory; overwriting any existing file by the same name"
	echo
	read -e -p "Would you like to forward email for the root user to an external address (y/n): " -i "y" FORWARD_ROOT
	if [ "$FORWARD_ROOT" = "y" ]; then
	read -e -p "Email address to forward all of root's incomming email too: " -i $GMAIL_USER ROOT_FORWARD_ADDRESS
	echo "overwriting /root/.forward with the stated email address"
	echo "$ROOT_FORWARD_ADDRESS" \| sudo tee /root/.forward >/dev/null
	fi

	sudo service postfix restart
	echo
	echo "Configuration done"
	echo

	read -e -p "Would you like to send a test email using the new configuration? (y/n): " -i "y" TESTEMAIL

	function send_test_email() {
	if which mail >/dev/null; then
	echo "Sending test email, it should only take a few minutes to arrive"
	mail -s "Email relaying configured at ${HOST}" $GMAIL_USER <<__EOF
	The postfix service has been configured on host '${HOST}'.
	Thank you for using this postfix configuration script.
	__EOF
	echo "A test email has been sent to ${GMAIL_USER} from this host '${HOST}'"
	else
	echo "There was a problem finding the 'mail' command"
	echo "Test email not sent"
	fi
	}

	if [ "$TESTEMAIL" = "y" ]; then
	if which mail >/dev/null; then
	echo "mail command found"
	send_test_email
	else
	echo "mail command not found; required to send test email"
	read -e -p "Would you like to install mailutils which contains the mail command? (y/n): " -i "y" REPLY
	if [ "$REPLY" = "y" ]; then
	echo "Installing mailutils"
	sudo apt-get install -q mailutils
	send_test_email
	else
	echo "OK proceeding without installing mailutils"
	echo "Test email not sent"
	fi
	fi
	else
	echo "OK no test email sent"
	fi