Join Log in
Score:0
bilogic avatar Ubuntu

How does postfix intercept root's mail?

bj flag
bilogic
  1. Quite a number of apps e.g. cron etc will send mail to root if there are errors.
  2. I saw some tutorials which involve installing postfix + quite a bit of configuration to have them forwarded to gmail or some alternative. Too much configuration work.
  3. How does postfix detect there are new mails to root? Checking some folder? Or?
  4. On a fresh installation of Ubuntu, cron can still send mail to root. How does it work?
  5. I wish to know this and intercept these mails to root, then forward them to telegram/webhook or something.

Possible? I mean, how does postfix do it anyway?

157
3 + 1
bilogic avatar
bj flag
bilogic
https://github.com/gstracquadanio/sendtelegram solved my "main" problem
0
Reply
Score:3
avatar Ubuntu
ru flag
Thomas Ward

Postfix doesn't "intercept" the emails. It provides sendmail which the local system calls to send mail to root for cronjobs and other local mail delivery tasks. In-depth understanding of how Postfix processes email on the other hand is critical to one of your questions, so read on.

  1. Quite a number of apps e.g. cron etc will send mail to root if there are errors.
  2. I saw some tutorials which involve installing postfix + quite a bit of configuration to have them forwarded to gmail or some alternative. Too much configuration work.

These aren't questions, so I'm going to ignore those parts.

  1. I wish to know this and intercept these mails to root, then forward them to telegram/webhook or something.

Firstly, as I said, you don't "intercept" these messages. You configure Postfix or the MTA (Mail Server) on your system to process messages accordingly. In this case, you'd configure Postfix so messages to root or such get piped into custom code that it calls to process the messages into items that get put into a webhook or such that deliver to Telegram or whatever process you want to use. This is the only way to make that work.

  1. On a fresh installation of Ubuntu, cron can still send mail to root. How does it work?

A fresh Ubuntu installation installs basic mailer functionality into the system just for email delivery to root for cronjob tasks. Typically this is some application that provides sendmail locally. The actual internal processes for how this works varies based on which provider for the sendmail script/binary exists, but for how Postfix does it, continue on.

  1. How does postfix detect there are new mails to root? Checking some folder? Or?

Without going into too much depth, Postfix has multiple components in its design and architecture that handles mail in general. This is described and visible better here at the Postfix main site: https://www.postfix.org/OVERVIEW.html - If you really want to understand how the internals work I would start here on that page and read through the entire page as it really explains everything in-depth.

But I'll do my best to include bits from there.

To start with, mail delivery happens in several mechanisms before it hits the incoming queue which are all handled as 'live' components of the Postfix process. As evidenced in this 'diagram' from the Postfix pages:

Mail delivery diagram

Email messages from the Internet, etc. are all delivered to a "cleanup" process. Messages delivered locally typically use the sendmail call (which cron does in fact call!) and are put into the postdrop process, which in turn puts it into the maildrop process and then into a pickup process which then leads to cleanup for the message (which includes identifying rewrites, redirection of accounts based off of Postfix config, etc.). Then it goes into the incoming queue which is then processed by Postfix's delivery mechanisms internally.

That cleanup processor then alerts Postfix's queue manager that there's stuff to pick up and then the queue manager processes those items. However, this is internal components of Postfix, and happen whether mail is from the Internet or locally.

ULTIMATELY, for any mail delivery, Postfix delivers everything to the incoming queue then alerts Postfix's internal system manager that there's items to review in the queue. This happens transparently though.

Once it's in the incoming queue, it goes through more processes before being delivered:

enter image description here

ULTIMATELY with local mail delivery being processed via the local, virtual, or pipe calls - local is direct delivery to a mailbox in the inbox locations configured by Postfix (default drops into /var/mail/USER/INBOX I believe but don't quote me on that), and that's what happens for local mail delivery to root for cronjobs, etc.

+ 9
bilogic avatar
bj flag
bilogic
Thanks for the very detailed write up. In your opinion, are there any opportunities between `Local`, `sendmail` and `postdrop` to catch each of root's mail individually? I assume `maildrop` is already part of postfix (Which I don't wish to install)? I don't need to parse the mails, but I do want them broken up so that I get 5 webhooks for 5 emails. I will read up on the things you mentioned in a bit
0
Reply
ru flag
Thomas Ward
@bilogic No, but I edited my post. The only way to configure this is to configure Postfix or the MTA to deliver to a script for `root` and then let the script process the data. As stated in the point of "custom code". You don't "intercept" anything in Postfix / email. You configure the system for how to deliver the mail. I'll have to review some configurations on my systems where I have this to give you a better idea of how to do that, but the part of actually handling each message and doing something other than SMTP/email with it is customized coding and I can't help you at that part.
0
Reply
raj avatar
cn flag
raj
You basically write in your answer the same (although from a slightly different point of view) that was in my answer that you deleted. Both your and my answer concentrate on the point that Postfix does not "intercept" mail, but is a necessary component to send and receive mail at all. I think it was wrong from your side to delete my answer and then write something that is basically the same in idea (although worded differently)
0
Reply
bilogic avatar
bj flag
bilogic
Ok, since these servers will never have to send mails of any sort, it does sound like I could write a drop in replacement for sendmail. I have no wish install postfix and have to deal with the possible misconfiguration etc. Now I recall once using ssmtp https://github.com/davecb/ssmtp as a drop-in replacement for sendmail.
0
Reply
bilogic avatar
bj flag
bilogic
https://github.com/gstracquadanio/sendtelegram problem solved.
0
Reply
ru flag
Thomas Ward
@raj your post doesnt answrr OP's actual questin about how it works behind the scenes with mail delivery which *is* what OP asks about. OP was asking how it gets from cron to mailbox (sendmail -> process -> local mail box) which you only go insofar as saying "You need an MTA" which is effectively NOT what OP asked which is how to *intercept* those messages. There are numerous approaches to fix sendmail to NOT need a mailserver. What OP wants is to replace the mailserver components with a telegram or web hook call which doesnt *need* a mailserver. Which is why i said "not an answer".
0
Reply
bilogic avatar
bj flag
bilogic
Thomas, I would appreciate it if you would be so kind as to add the `sendtelegram` github link to the top of your answer as a solution to my "main" problem. Thank you.
0
Reply
raj avatar
cn flag
raj
The OP asked how "**Postfix intercepts**" these messages and "detects" them, to which I tried my best to answer that Postfix does **not** "intercept" nor "detect" them, but is **explicitly called** to deliver them. It's at least partial answer and it doesn't deserve deletion.
0
Reply
Organic Marble avatar
us flag
Organic Marble
This is informative and explains a lot of stuff I've blundered around.
0
Reply
Score:0
raj avatar Ubuntu
cn flag
raj

Postfix does not "intercept" the mail. For the system to be able to handle any mail at all, you need a mail server to be installed. Postfix is one of such mail servers (others are eg. Exim or sendmail).

When cron (or any other application) wants to send mail, it calls a mail server to do it (technically, it calls /usr/sbin/sendmail binary, which is a part of the mail server). This is how Postfix (or any other mail server) "detects" there is email to handle - it is explicitly asked by the application to deliver that email.

Without a mail server, cron won't be able to send any mail and will just log that fact in the logfile. On a fresh installation of Ubuntu there is no mail server installed by default, and cron does not send any mail to root (confirmed on multiple machines on which I have installed various Ubuntu releases) - of course as long as we are talking about desktop Ubuntu releases (if you just mention "Ubuntu" without any specific adjectives, it is assumed to be the standard desktop release).

On Ubuntu Server, probably some mail server gets installed by default, thus cron is able to send mail to root. As I don't use Ubuntu Server, I don't know which mail server it is. You have to determine which one it is yourself, by looking at the list of installed packages.

If you want to install Postfix, you should uninstall your currently installed mail server (it is possible that installation of Postfix will uninstall it automatically, but I'm not sure), as two different mail servers cannot coexist on the same machine. Postfix installation will replace your current /usr/sbin/sendmail binary from your current mail server by a new /usr/sbin/sendmail binary being a part of Postfix. However, you do not need to replace your current mail server with Postfix to forward mail to anywhere else, because pretty much every mail server has similar forwarding capabilities. The /etc/aliases file described in the other answer should work the same way regardless of the mail server being used.

If you put the following line in your /etc/aliases file:

root: [email protected]

it will forward root's mail to Gmail, but Gmail might not accept that mail due to various reasons I won't go into here (but these are the reasons why the tutorials you can find on the Net are so complicated). Forwarding to other services may give better results.

If you want root's mail to be processed by some script instead (for example a script that posts it to Telegram), use the following line in /etc/aliases:

root: |/path/to/your/script

Finally, you should take into account that it is generally strongly discouraged to forward root's mail (it is even written in a comment in the standard default /etc/aliases file). root account is treated by the mail server as a "last resort" mail destination: if for any reason mail cannot be delivered either to recipient or returned back to sender, it is sent to the root account. If you forward root's mail and an error occurs while forwarding, you don't get any "last resort" destination and the mail is lost.

+ 4
ru flag
Thomas Ward
The GMail portions are not relevant. I would not include those.
0
Reply
raj avatar
cn flag
raj
I removed the Gmail part and added some examples on how to manipulate root's mail.
1
Reply
bilogic avatar
bj flag
bilogic
I think cron is calling `sendmail` regardless if postfix is installed or not.
0
Reply
raj avatar
cn flag
raj
Yes, it always calls `sendmail` regardless of which mail server is installed (like all applications that send mail). But if no `sendmail` binary is installed, cron cannot send any mail at all and logs that fact in a log file.
0
Reply
Score:0
avatar Ubuntu
in flag
Simon Banks

Thanks for adding which mail agent is is. See 'man aliases' to see what postfix says about mail aliases.

/etc/aliases is a file which contains a list of user aliases that are using by sendmail to redirect mail.

e.g.

root: mouser

Would create an alias for all emails directed at user 'root' to user 'mouser'.

+ 4
bilogic avatar
bj flag
bilogic
Thank you. I updated my OP to make my question clearer.
0
Reply
in flag
Simon Banks
Thanks so man aliases should give you a the information you require. On my postfix server I've also got a virtual mapping defined which is very similar.
0
Reply
bilogic avatar
bj flag
bilogic
My question about postfix actually is, how does it detect there is an email to handle? (not the part where it knows where re-forward the email to)
0
Reply
ru flag
Thomas Ward
@bilogic it's a mail server / MTA. It listens on local protocols (and `sendmail` calls) for local mail delivery like in `/etc/aliases` for cronjobs delivering to root@localhost, etc. and has a mail spool to process all other incoming mail. It doesnt' "detect" there's an email to handle. Something has to call `sendmail` or drop something into the mail queue/spool. You might want to read https://www.postfix.org/OVERVIEW.html which gives you a diagram for delivery and outlines the entire Postfix architecture review so you can read specific bits in depth.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.