Forward system / Cron mails via msmtp on Debian

By default your Debian server will try to deliver system / Cron emails to your mailbox server directly. While this is convenient for very simple setups, you might run into trouble if your inbox server expects DKIM-signed mails or does not accept emails from every IP address, but only from mail senders with good reputation. For that reason I’m running a single, well configured email gateway server, which is forwarding the mails from all my hosts into the internet. But how to tell all the hosts to send their mails via a central gateway? Installing and configuring Postfix is one way …

… but there’s a much cheaper alternative: The msmtp client.

While Postfix is way overpowered for such simple tasks, msmtp is the perfect tool for the job: It is a Sendmail compatible mail client, which does nothing but forwarding mail to the gateway.

Install msmtp-mta from the official Debian repositories (not to be confused with msmtpd!):

apt install msmtp-mta

… and create a new system-wide config file /etc/msmtprc:

account default
aliases /etc/aliases
host gateway.mydomain.tld
auto_from on
domain myhost01.mydomain.tld
maildomain myhost01.mydomain.tld
tls on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
syslog LOG_MAIL
  • myhost01.mydomain.tld is the host name of the system that uses msmtp (web server, application server, … )
  • gateway.mydomain.tld is the FQDN of the central email gateway, running e.g. a full featured Postfix instance

That’s it! If you’re interested in tweaking your configuration and finding out more, have a look at the example config at /usr/share/doc/msmtp/examples/msmtprc-system.example.

Just one more thing: Usually you want to have all the mail to all system users forwarded to an administrative account. In my case the admin account is admin@mydomain.tld. In that case, change /etc/aliases to:

default: admin@mydomain.tld

You will receive all emails in that mailbox, now. To check your settings, issue an example mail from your myhost01.mydomain.tld:

apt install bsd-mailx
echo "This is a test mail" | mail -s "Testmail" root