Tuesday, May 26, 2009

Setting up Email forwarding System for GIT

The post is a derivative of the omapzoom wiki page. Disclaimer: my mastery of the wiki tags are dismal.. apologies... some day i hope to have time to post it here

Many new developers have been stumped when they need to use git-send-email in corporate environment – usually, if not as a norm, ms exchange servers form the backbone of such an email server system. This page was written based on one of such requirements.

To get started, we shall consider common scenarios:
a) Setting up a mail forwarding system with postfix on ubuntu
b) Setting up a mail forwarding system on a fedora machine
c) Using msmtp for using gmail
a. to send a patch using a gmail ID
b. to send a patch using your corporate ID but through gmail

Postfix on Ubuntu – mail forwarding
For setting up postfix, you need:
a) A mail relay server which will allow your machine to talk to it -> speak to your IT representatives/ other developers sitting next to you
b) Super user privileges on the machine you are working on.

Step 1: Check if the required packages are present
$ dpkg --get-selections grep postfix
postfix install

Step2: If postfix is already installed and not properly configured, uninstall the same:
$ sudo apt-get purge postfix

Do you want to continue Y/n?? y
(Reading database ... 260051 files and directories currently installed.)
Removing mailutils ...
Purging configuration files for mailutils ...
Removing postfix ...
* Stopping Postfix Mail Transport Agent postfix OK?
Purging configuration files for postfix ...
Processing triggers for libc6 ...
ldconfig deferred processing now taking place
Step3: Reinstall postfix:
$ sudo apt-get install postfix

When you install postfix, we go through a few screens as follows:

a) postfix gives a bit of help information -> read through it -> esp the idea of a “Satellite System” – this is what we will be using here.



b) postfix now asks you about what type of mail server do you wish to setup here -> say you want a “Satellite system”
c) now postfix will ask you for your machine’s domain name -> give the name of the machine you are using -> note, this is not the same as the relay server we will be using.
d) Post fix now asks for your email relay server information -> provide the complete machine information here

Postfix on Fedora – mail forwarding
Please refer 'Postfix Pre-Installation Steps', 'Installing Postfix on Fedora Linux' and 'Starting Postfix on Fedora Linux' sections of this link

Note: Before moving on to the 'Starting Postfix on Fedora Linux' section of the link, open /etc/postfix/main.cf file and edit the following parameters only

myhostname = (Enter your hostname here)
relayhost = (Put the appropriate server here for your location)
Using msmtp as the email forwarding system for gmail

Note: If you successfully configured postfix you dont need to configure msmtp.
Step 1: You now need to make a choice -> if you would like to configure your gmail account to send emails on behalf of your corporate mail ID, you need to configure gmail for the same - else skip this step ;)
a) go to gmail.com and log in with your user id and password
b) click on settings:
c) Select accounts

d) Click on “Add another email address you own”
e) A pop up appears: Fill up the required information and click on Send verification

f) Look in your mail account you added for the confirmation number:
g) Provide this to the pop up window
h) Set up gmail settings to always reply to the same email id which send the email as follows:
That is it. You can now send email from your gmail account as if it were send by your corporate account.

Step 2: Installing msmtp is as simple as “sudo apt-get install msmtp” or “sudo yum install msmtp” as required for your distro.. worst case you can build and install it yourself from http://msmtp.sourceforge.net/

Step 3: You now need to configure msmtp -> create a ~/.msmtprc file with permissions for 400 (user readonly).. as follows:
# Example for a user configuration file
# Set default values for all
following accounts.
defaults
tls on
# The ca-bundle.crt is the file
with CA certificates for Fedora Core 6.
# for other distros you might have
to dig it up from somewhere else.
# On Ubuntu
/etc/ssl/certs/ca-certificates.crt should be used, for example.
# My
shortcut has been to use ‘locate ca-bundle.crt’ and use which ever one I think
is good ;)
tls_trust_file /etc/pki/tls/certs/ca-bundle.crt
logfile
~/.msmtp.log
# My email service
account gmail
host smtp.gmail.com
port 587
#NOTE: if you are using your corporate email ID and have
configured gmail -> provide that below
from some.user.name@gmail.com
auth on
#The following IS your gmail ID and password
user
some.user.name@gmail.com
password my-secret
# Set a default account
account default : gmail

The example here is for a Gmail account, but can easily be changed to use the local SMTP server as well.

Step 4: Now, by giving the full path name to the msmtp program as smtp server to git-send-email, you can send the patches through gmail or some other smtp account with TLS and/or user authentication.
git-send-email --smtp-server /usr/bin/msmtp
An alternative to setting --smtp-server each time is to set the global sendemail.smtpserver value.
git-config --global sendemail.smtpserver /usr/bin/msmtp
Another option is to configure a local smtp server on your machine, using a well-known SMTP server as smarthost. Then, all applications using localhost as a mail server (e.g. /usr/bin/mail) will work.

NOTE: On OS X with macports, msmtp can be installed with 'sudo port install msmtp', and '/usr/share/curl/curl-ca-bundle.crt' should work for tls_trust_file.
And your email forwarding system is setup:)

2 comments:

Pavan Savoy said...

Does any of these work over a proxy ? Unfortunately @ work I access gmail over a proxy and even my official mail id's smtp server over a proxy [it's portkey.. you must be aware of it]

Nishanth Menon said...

yes, ones like squid - they usually do allow things to go thru, and in my work place, it does work.

But note: certain proxies are notorious to the level of "security" they can implement, so it might even restrict it to only accessing certain ports with certain type of data flowing in (checks for mime headers etc..).. I have heard of portkey, but I think portkey configuration probably varies place to place. you will have to check with your IT admin to get further information