Skip to content

Instantly share code, notes, and snippets.

@tomdaley92
Last active October 15, 2024 19:12
Show Gist options
  • Save tomdaley92/9315b9326d4589c9652ce0307c9c38a3 to your computer and use it in GitHub Desktop.
Save tomdaley92/9315b9326d4589c9652ce0307c9c38a3 to your computer and use it in GitHub Desktop.
Proxmox - Email Alerts Setup (gmail)

Proxmox - Email Alerts Setup (gmail)

  1. SSH into proxmox node and become root user. Run the following commands to download extra software dependencies we'll need.

    apt update
    apt install -y libsasl2-modules mailutils
  2. Enable 2FA for the gmail account that will be used by going to security settings

  3. Create app password for the account.

    1. Go to App Passwords
    2. Select app: Mail
    3. Select device: Other
    4. Type in: Proxmox or whatever you want here
  4. Write gmail credentials to file and hash it. Again, make sure you are root.

    echo "smtp.gmail.com [email protected]:yourpassword" > /etc/postfix/sasl_passwd
    
    # chmod u=rw
    chmod 600 /etc/postfix/sasl_passwd
    
    # generate /etc/postfix/sasl_passwd.db
    postmap hash:/etc/postfix/sasl_passwd
  5. Open the Postfix configuration file with editor of your choice.

    nano /etc/postfix/main.cf
  6. Append the following to the end of the file:

    relayhost = smtp.gmail.com:587
    smtp_use_tls = yes
    smtp_sasl_auth_enable = yes
    smtp_sasl_security_options =
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem
    smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
    smtp_tls_session_cache_timeout = 3600s
    

    IMPORTANT: Comment out the existing line containing just relayhost= since we are using this key in our configuration we just pasted in.

    Screen Shot 2022-09-26 at 10 36 42 AM

  7. Reload postfix

    postfix reload
  8. Test to make sure everything is hunky-dory.

    echo "sample message" | mail -s "sample subject" [email protected]
@tomdaley92
Copy link
Author

@pixitha
Copy link

pixitha commented Jul 24, 2022

If you have installed proxmox on top of debian (instead of a normal install) you will need to install mailutils before you can send a sample message.

sudo apt-get install mailutils

@tomdaley92
Copy link
Author

Thanks for catching that @pixitha

@Jerhaad
Copy link

Jerhaad commented Aug 30, 2022

It looks like you're using two different styles of password maps, but without detail on why. Which method works best?

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

smtp_sasl_password_maps = /etc/postfix/sasl_passwd.db

@tomdaley92
Copy link
Author

tomdaley92 commented Sep 26, 2022

@Jerhaad Thanks for catching that. I think I was trying out a few things and forgot to update the screenshot. I have now fixed the screenshot to show smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

Also, @pixitha I have added the mailutils to the apt install command in step 1, thanks!

@The-Drobe
Copy link

The-Drobe commented Dec 18, 2022

if doing this on proxmox for it to send emails properly you may also need to hash your aliases with postalias /etc/aliases so items addressed to root get sent to you for example ZFS array scrubbing or smart errors

@hhhhhojeihsu
Copy link

hhhhhojeihsu commented Jan 10, 2023

I got the error message in /var/log/mail.log

Must issue a STARTTLS command first

Update the CA first: update-ca-certificates --fresh

Also the main.cf should be

smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_enforce_tls = yes
smtpd_use_tls = yes

@stixif
Copy link

stixif commented Jan 14, 2023

thanks a lot!
but i have to install postfix to...

@SecureCPU
Copy link

Hey,
Thank you for these instructions!!

I got this error,
Would anyone know how to change it?

SendAsDenied; [email protected] not allowed to send as [email protected]

@SecureCPU
Copy link

SecureCPU commented Jan 19, 2023

Fixed it.
I created the file /etc/postfix/header_check and added the following code /From:.*/ REPLACE From: [email protected]

Then added the following line to /etc/postfix/main.cf

smtp_header_checks = regexp:/etc/postfix/header_check

that changed the sendas address to match my email address

credit: https://vectops.com/2022/02/how-to-set-up-a-smtp-relay-on-your-proxmox-node/

@shawnhaywood
Copy link

shawnhaywood commented Oct 25, 2023

Thank you for these setup instructions! If it helps anyone, I didn't log in as root when installing the dependencies. I purged them and reinstalled. For some reason, I still had to use sudo for some commands, like the postmap. Also, followed @SecureCPU advise to add custom from address followed by systemctl restart postfix.service to restart.

@RK62
Copy link

RK62 commented Nov 16, 2023

Big THANK YOU! Works fine!

@WizardTo
Copy link

Hi, thank you for the most detailed setup you did.
If you have a network unreachable error it might be caused by the fact that google smtp server address is now : smtp-relay.gmail.com:25

@The-Drobe
Copy link

Hi, thank you for the most detailed setup you did. If you have a network unreachable error it might be caused by the fact that google smtp server address is now : smtp-relay.gmail.com:25

Most ISPs block port 25 have you tried using one of the other ports? Such as 587 or 465?

@zzatihz1
Copy link

Thank you! Thorough and easy to follow.

@Pinki0529
Copy link

You forgot to add that the unhashed file with the password should be deleted.
Thanks for the tutorial.

@aaronwald
Copy link

Thank you

@digitalqualms
Copy link

I installed Proxmox over Debian FWIW, and I ran into this default settings causing errors:

default_transport = error

Commenting it out fixed the issue

@Chia-Chih
Copy link

Chia-Chih commented Oct 11, 2024

Hi, thank you for the most detailed setup you did. If you have a network unreachable error it might be caused by the fact that google smtp server address is now : smtp-relay.gmail.com:25

The address smtp.gmail.com is still functional. Also, if you want to use a different SMTP server, remember to update the SMTP server in /etc/postfix/sasl_passwd.

If you get a "network is unreachable" error and the syslog shows that the SMTP server uses IPv6:

connect to smtp.gmail.com[IPv6]:587: Network is unreachable

Here is my solution:

  1. Open /etc/postfix/main.cf, change inet_protocols = all to inet_protocols = ipv4(or just add it).
  2. Restart postfix using service postfix restart.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment