How to use Oracle Email Delivery Service

Email Delivery Setup with Sendmail in Oracle Cloud

RELAY the mails to Oracle SMTP Server from Linux Server

Before we start make sure whether email delivery setup has already been done or not, before making any changes. (It’s advisable to check in and each compartment for safety purpose). And check whether you are receiving any mail from server using sendmail.

echo “Test email from server, testing email delivery” | mail -s -v “Test Email Delivery Setup” <your_email_address>

This will be two-step process; in first step we will be setting up the Oracle Email Delivery using the Console and in second step we will be configuring the sendmail from Linux server.

Step A: Setup Email Delivery in OCI

Brief Overview:

1. Create a Policy.
2. Create Approved Sender.
3. Generate SMTP Credentials, if not generated.
4. Use Suppression limit, if you want to stop sending emails to particular address.
5. Make sure you already have configured the SPF.

1. Create a Policy

Below example is showing policy created at tenancy level, whereas you can create the policy at the compartment level as well.

Allow group Administrators to manage approved-senders in tenancy

For Suppression List, add below statement as well.

Allow group Administrators to manage suppressions in tenancy

2. Create Approved Sender

Find out the Domain Name of the company. (Eg oracle.com). So that approved sender will be like this.

username@domain_name

Example: no-reply@oracle.com

If you are not using the masquerade, then add the Approved Sender as below.

First get FQDN from server, use below command for fully qualified domain name.

hostname -f

username@fqdn

Navigation to create the Approved Sender from OCI Console

Hamburger Menu → Solutions and Platform → Email Delivery → Email Approved Sender

Now, Click on Create Approved Sender

3. Generate SMTP Credentials, if not generated. (This is very important)

Navigation:

Hamburger Menu → Solutions and Platform → Email Delivery → Email Configuration

Note: This is very important step, note down all the details mentioned below, which will be useful in configuring sendmail.

1. SMTP Server Name

2. SMTP OCID

3. Password of user. (This is very crucial to save, as there’s no option to get the password back)

In above picture underlined URL is our SMTP Server Name. Next, click on Manage SMTP Credentials and Generate SMTP Credentials.

Copy this Username and Password and SMTP Server Name, and we will now configure the sendmail side, and we are done with Step A.

Step B: Configure Sendmail on Linux Server

Now logon to the server from where you want to send email. And connect as a root user/user which have sudo access.

Brief Description:

1. Make sure sendmail and m4 are installed already.
2. Create Authfile.
3. If you are using the PLAIN Authentication then make sure cyrus-sasl-plain is installed.
4. Add RELAY.
5. Backup Sendmail config file.
6. Update the sendmail.mc
7. Restart the sendmail.

1. Make sure sendmail and m4 are installed already.

Use below command to verify if sendmail is installed or not, if not install using the yum repository only.

rpm -qa sendmail

rpm -qa m4

If not already installed,

yum install -y sendmail

yum install -y m4

2. Create Authfile.

This is important step again, re-collect all the information gathered in step A Modify the authinfo file, create it if not exist already, and take a backup of original one before modifying it.

vi /etc/mail/authinfo

Add the following lines:

AuthInfo:<SMTP connection endpoint> "U:root" "I:<username from smtp credentials>" "P:<password from smtp credentials>" "M:PLAIN"
#write and quit file
:wq!

Fill the details in brackets < >

1. SMTP Connection endpoint is your SMTP Server Name. (example: smtp.us-phoenix-1.oraclecloud.com)
2. Username from smtp credentials will be your user OCID (example: ocid1.user.oc1..abcd@ocid1.tenancy.oc1..abcd)
3. Password from SMTP Credentials will be your password.

After filling the details save the file and exit (wq!)

Now, Generate the /etc/mail/authinfo.db file. Run the following command:

sudo sh -c ‘makemap hash /etc/mail/authinfo.db < /etc/mail/authinfo’

Add support for relaying to the Oracle Cloud Infrastructure Email Delivery SMTP endpoint. Run the following command:

sudo sh -c ‘echo “Connect:<SMTP connection endpoint> RELAY” >> /etc/mail/access’

Regenerate /etc/mail/access.db. Run the following command:

sudo sh -c ‘makemap hash /etc/mail/access.db < /etc/mail/access’

Create a backup of the sendmail.cf and sendmail.mc files. Run the following command:

sudo sh -c ‘cp /etc/mail/sendmail.cf /etc/mail/sendmail_cf.backup && cp /etc/mail/sendmail.mc /etc/mail/sendmail_mc.backup’

Update the /etc/mail/sendmail.mc file.

Run the following command:

sudo vi /etc/mail/sendmail.mc

Find the MAILER() definitions.

Type /MAILER and press ENTER.

In Insert mode, add the following settings before any MAILER() definitions:

define(`SMART_HOST', `<SMTP connection endpoint>')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 25')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
FEATURE(`authinfo', `hash -o /etc/mail/authinfo.db')dnl
MASQUERADE_AS(`<sending_domain>')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl

Example:

define(`SMART_HOST', `smtp.us-ashburn-1.oraclecloud.com')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 25')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
FEATURE(`authinfo', `hash -o /etc/mail/authinfo.db')dnl
MASQUERADE_AS(`abc.com')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl

Make Sendmail writeable. Run the following command:

sudo chmod 666 /etc/mail/sendmail.cf

Regenerate sendmail.cf. Run the following command:

sudo sh -c ‘m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf’

Note: If you receive an error, such as “Command not found” or “No such file or directory,” confirm that the m4 and sendmail packages are installed on your system.

Reset permissions for sendmail.cf to read only. Run the following command:

sudo chmod 644 /etc/mail/sendmail.cf

Restart Sendmail. Run the following command:

sudo service sendmail restart

Test the configuration by sending a test email. Run the following command:

echo “Test email from server, testing email delivery” | mail -v -s “Test Email Delivery Setup” <your_email_address>

Known Issue:

If you now restart sendmail and you will receive the following error in /var/log/maillog

(1002/1007), delay=00:00:01,xdelay=00:00:01, mailer=relay, pri=120587, relay=smtp.us-phoenix-1.oraclecloud.com. [138.1.38.16],dsn=4.0.0, stat=Deferred: Temporary AUTH failure

Solution:

We still need package cyrus-sasl-plain installed, I’ve enabled public Oracle Linux repo to get it installed:

yum -y install cyrus-sasl-plain

NOTE:

1. Please check pricing details before implementing the changes.

2. Also make sure you have SPF configured properly.

3. And you can send mails up to 2 MB size only and this is not configurable as of now.

4. Checkout below blogpost for more FAQs on Email Delivery.

https://www.oracle.com/in/cloud/networking/email-delivery-faq.html

References:

Overview of the Email Delivery Service

Configuring OCI Email Delivery with OCI Exadata to send emails

Email Delivery FAQ

https://docs.cloud.oracle.com/en-us/iaas/Content/Email/Reference/sendmail.htm