Documente Academic
Documente Profesional
Documente Cultură
msmtp (https://marlam.de/msmtp/) is a very simple and easy to use SMTP client Related articles
with fairly complete sendmail compatibility.
mutt
OfflineIMAP
SSMTP
Contents
S-nail
Installing
OpenSMTPD
Basic setup
Using the mail command
Test functionality
Cronie default email client
Password management
GNOME Keyring
GnuPG
Miscellaneous
Using msmtp offline
Vim syntax highlighting
Send mail with PHP using msmtp
Using XOAUTH2 Authentication for Gmail
Troubleshooting
Issues with TLS
Server sent empty reply
Issues with GSSAPI
Installing
Install the msmtp (https://www.archlinux.org/packages/?name=msmtp) package. Additionally, install
msmtp-mta (https://www.archlinux.org/packages/?name=msmtp-mta), which creates a sendmail alias to
msmtp.
Basic setup
The following is an example of a msmtp configuration (the file is based on the per-user example file located at
/usr/share/doc/msmtp/msmtprc-user.example ; the system configuration file belongs at /etc/msmtprc
and its corresponding example file is located at /usr/share/doc/msmtp/msmtprc-system.example ):
~/.msmtprc
# Gmail
account gmail
host smtp.gmail.com
port 587
from username@gmail.com
user username
password plain-text-password
# A freemail service
account freemail
host smtp.freemail.example
from joe_smith@freemail.example
...
Note: If you are using SSL/TLS and receive a "Server sent empty reply" error message, see
#Server sent empty reply.
The user configuration file must be explicitly readable/writeable by its owner or msmtp will fail:
To avoid saving the password in plain text in the configuration file, use passwordeval to launch an external program,
or see the #Password management section below. This example using Gnu PG is commonly used to perform
decryption of a password:
Warning: Most shells save command history(e.g. .bash_history .zhistory). To avoid this, use
gpg with shell stdin: gpg --encrypt -o .msmtp-gmail.gpg -r <email> - . The ending dash is not
a typo, rather it causes gpg to use stdin. After running that snippet of code, type in your
password, press enter, and press Control-d so gpg can encrypt your password.
~/.msmtprc
/etc/mail.rc
set mta=/usr/bin/msmtp
A .msmtprc file will need to be in the home of every user who wants to send mail or alternatively the system wide
/etc/msmtprc can be used.
msmtp also understands aliases. Add the following line to the defaults section of msmtprc or your local configuration
file:
/etc/msmtprc
aliases /etc/aliases
and create an aliases file in /etc
/etc/aliases
Test functionality
The account option ( --account=,-a ) tells which account to use as sender:
To: username@domain.com
From: username@gmail.com
Subject: A test
Hello there.
Tip: You can use --read-envelope-from instead of -a default to automatically chose account by
From: field in message you are going to send.
/etc/systemd/system/cronie.service.d/msmtp.conf
[Service]
ExecStart=
ExecStart=/usr/bin/crond -n -m '/usr/bin/msmtp -t'
Then you must tell cronie or msmtp what your email address is, either by:
1. Add to /etc/msmtprc :
aliases /etc/aliases
— OR —.
MAILTO=email@address.com
Password management
Passwords for msmtp can be stored (https://marlam.de/msmtp/msmtp.html#Authentication) in plaintext,
encrypted files, or a keyring.
GNOME Keyring
Storing passwords in GNOME Keyring is supported natively in msmtp. Setup the keyring as described on the linked
wiki page and install libsecret (https://www.archlinux.org/packages/?name=libsecret). Then, store
a password by running:
GnuPG
The password directive may be omitted. In that case, if the account in question has auth set to a legitimate value
other than off , invoking msmtp from an interactive shell will ask for the password before sending mail. msmtp will
not prompt if it has been called by another type of application, such as Mutt. For such cases, the --passwordeval
parameter can be used to call an external keyring tool like GnuPG.
To do this, set up GnuPG, including gpg-agent to avoid having to enter the password every time. Then, create an
encrypted password file for msmtp, as follows. Create a secure directory with 700 permissions located on a tmpfs to
avoid writing the unencrypted password to the disk. In that directory create a plain text file with the mail account
password. Then, encrypt the file with your private key:
Remove the plain text file and move the encrypted file to the final location, e.g.
~/.mail/.msmtp-credentials.gpg . In ~/.msmtprc add:
~/.msmtprc
Normally this is sufficient for a GUI password prompt to appear when, for example, sending a message from Mutt. If
gpg prompt for the passphrase cannot be issued, then start the gpg-agent before. A simple hack to start the agent is to
execute a external command in your muttrc using the backtick ` command ` syntax. For example, you can put
something like the following in your muttrc
muttrc
Note: If you do this, you will have to restart mutt after gpg-agent clears the password to start
sending emails again
An alternative is to place passwords in ~/.netrc , a file that can act as a common pool for msmtp, OfflineIMAP,
and associated tools.
Miscellaneous
The scripts are installed under /usr/share/doc/msmtp/msmtpqueue . You might want to copy the scripts to a
convenient location on your computer, ( /usr/local/bin is a good choice).
Finally, change your MUA to use msmtp-enqueue.sh instead of msmtp when sending e-mail. By default, queued
messages will be stored in ~/.msmtpqueue . To change this location, change the
QUEUEDIR=$HOME/.msmtpqueue line in the scripts (or delete the line, and export the QUEUEDIR variable in
.bash_profile like so: export QUEUEDIR="$XDG_DATA_HOME/msmtpqueue" ).
When you want to send any mail that you've created and queued up run:
$ /usr/local/bin/msmtp-runqueue.sh
Adding /usr/local/bin to your PATH can save you some keystrokes if you're doing it manually. The README file
that comes with the scripts has some handy information, reading it is recommended.
# vim:filetype=msmtp
Note that you can not use a user configuration file (ie: one under ~/) if you plan on using msmtp as a sendmail
replacement with php or something similar. In that case just create /etc/msmtprc, and remove your user configuration
(or not if you plan on using it for something else). Also make sure it's readable by whatever you're using it with (php,
django, etc...)
From the msmtp manual: Accounts defined in the user configuration file override accounts from the system
configuration file. The user configuration file must have no more permissions than user read/write
So it's impossible to have a conf file under ~/ and have it still be readable by the php user.
To test it place this file in your php enabled server or using php-cli.
<?php
mail("your@email.com", "Test email from PHP", "msmtp as sendmail for PHP");
?>
account gmail
host smtp.gmail.com
port 587
from your@gmail_login_email
tls on
tls_starttls on
tls_certcheck off
auth plain
user any_thing_here
passwordeval "get-gmail-token"
logfile ~/.msmtp.log
The get-gmail-token script can be found from the source files of the AUR package. See more information on
getmail link (https://www.bytereef.org/howto/oauth2/getmail.html) about how this works. And see Gmail
API quickstart (https://developers.google.com/gmail/api/quickstart/python) for instruction on
registering a Gmail APP and authorizing it to access emails.
Troubleshooting
msmtp: TLS certificate verification failed: the certificate hasn't got a known issuer
If you are completely desperate, but are 100% sure you are communicating with the right server, you can always
temporarily disable the cert check:
To let msmtp use TLS over port 465, add the following line to ~/.msmtprc :
tls_starttls off
GNU SASL: GSSAPI error in client while negotiating security context in gss_init_sec_context() in SASL librar
y. This is most likely due insufficient credentials or malicious interactions.
Try changing your auth setting to plain, instead of gssapi in your .msmtprc file [1] (https://bbs.archlinux.org/vie
wtopic.php?id=138727):
auth plain
Content is available under GNU Free Documentation License 1.3 or later unless otherwise noted.