Install msmtp for Gmail on Debian 10

- 2 min read

I don’t want my server to be an SMTP-server but I do want it to be able to send me e-mails. Hence, Postfix is overkill and I settled with msmtp and Gmail.

Install msmtp for Gmail on Debian 10

Installation

Installation is straightforward. msmtp is available in Debian’s repositories.

$ sudo apt update && sudo apt install msmtp msmtp-mta

On my system, this installs ca-certificates libgsasl7 libntlm0 msmtp openssl.

Preparation

msmtp is not a full-blown SMTP relay. We want it to send e-mails through Gmail’s SMTP-servers. While you can go the long way and go for OAUTH2 as explained in the Arch Linux wiki, I went for the short version with app passwords. you can read more about this on the Google help pages.

First, make sure you enabled 2-factor authentication for your Gmail account.

Next, generate an app password: https://security.google.com/settings/security/apppasswords. It looks like this: fgoelxqlduacnryt. Write it down or temporarily save it to a file because you’ll only see this once. You’ll have to create a new password then.

Create an app password

Options don’t matter much but can be handy for later identification.

The generated password

You’ll only see this password once.

Possibly, unblock with the captcha: https://accounts.google.com/DisplayUnlockCaptcha

Configuration

In my case I only set up one account, the default. I don’t need individual users to be able to send their own e-mails.

The configuration resides in one file:

sudo nano /etc/msmtprc

# Copy the contents below
account        default
auth           on
tls            on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile        /var/log/msmtp

# gmail
host           smtp.gmail.com
port           587
from           youraccount@gmail.com
user           youraccount
password       yourapppassword

# Syslog logging with facility LOG_MAIL instead of the default LOG_USER
syslog LOG_MAIL

# Aliases file
aliases /etc/aliases

In the aliases file the system looks for the address where to send the e-mails to. Hence, we populate the file.

$ sudo nano /etc/aliases

# Copy the contents below
# Bug: recursive lookup doesn't seem to work in current Debian version
# Setting every e-mailaddress explicitely
mailer-daemon: postmaster
postmaster: root
nobody: root
hostmaster: root
...
root: youraccount@gmail.com

Test and finalize!

Send an email:

$ echo "Hello this is sending email using msmtp" | msmtp bertmelis@gmail.com

There might be a problem with the setup. Somehow msmtp doesn’t create its log file.

$ sudo touch /var/log/msmtp
$ sudo chown msmtp:msmtp /var/log/msmtp
$ sudo chmod g+w /var/log/msmtp

Now it works:

echo "hello there username." | msmtp -a default username@domain.com

One more thing. The app password is stored in plain text. So we should limit access to this file.

# limit access
sudo chmod 660 /etc/msmtprc
# create a group called 'msmtp' not needed, probably already there
# sudo groupadd msmtp
# repeat the following for each group member
sudo usermod -aG msmtp username

We’re all done!

Mailbox image by anSICHThoch3 from Pixabay

Bert Melis's Picture

About Bert Melis

My name is Bert Melis. I'm a reliability engineer by profession and a IoT enthusiast by heart. I try to make my small home smart without spending too much money.

Read Next