Option to send mail to local addresses, like "root" or "cron"

[markstos]

Some Linux utilities will send mail from a local address with no @ sign, like "cron" , to a local email address like "root" (again, no "@" sign or domain).

While msmtp has features to alter the envelope sender and recipient, it doesn't alter the "To:" or "From:" message itself.

When the Envelope doesn't match these details, it can be considered spam. AWS SES is an example of an SMTP service that won't accept mail addressed to "root", even if the Envelope recipient is valid. But sending out cron mails is exactly the kind of thing that msmtp should be good for!

One issue about this in the msmtp bug tracker is here:
marlam/msmtp#98

So I propose that the Ansible role introduce a small feature to address, since the msmtp maintainer considers it out of scope.

I successfully tested the solution of adding my own sendmail wrapper. In my case, I hard-coded an email address to use, but a proper solution could use a template variable and a variable for this:

#!/usr/bin/sh
# If either the "From" or "To" contain a bare local address like just "root"
# Then rewrite that to be [email protected]
# This feature is missing from msmtp.
# Ref: https://github.com/marlam/msmtp-mirror/issues/98
sed -e '/From:[^@]*$/ s/From:.*$/From: [email protected]/;/To:[^@]*$/ s/To:.*$/To: [email protected]/;' | /usr/bin/msmtp $@

Then in Ansible:

- name: Install mstmp wrapper to fix local addresses
  tags: mail
  ansible.builtin.copy:
    src: usr/local/sbin/sendmail
    dest: /usr/local/sbin/sendmail
    # Must be setuid
    mode: "u+rwx,g=sr,o=x"
    group: msmtp

I tested this with the mail app (mailx) on Ubuntu 22. It relies on clients looking up sendmail in $PATH. If some place has hardcoded the path to /usr/sbin/sendmail, my fix wouldn't cover that since I don't replace that file.

[marlam]

What msmtp can do is this:

• replace the From header with the envelope-from address (via set_from_header on)
• replace the To/Cc/Bcc headers with To: undisclosed-recipients:; (via set undisclosed_recipients on)

That should be enough to make all mail services accept the mail.

Yes, I currently do consider rewriting the headers to arbitrary values to be outside the scope of msmtp, because I think the above is sufficient -- but that does not mean that I cannot change my mind if you can explain why it's not sufficient ;)

External scripts can help, of course, but it's hard to prevent them from modifying the body of the mail instead of just the headers if a line in the mail body happens to start with From: or To:.

[markstos]

I looked into set undisclosed_recipients on, but it sets the value unconditionally. I only would want something like that if the To/Cc/Bcc is a local address.

[marlam]

Msmtp currently does not offer this flexibility and configurability. For your use case I would recommend using postfix.

[markstos]

@marlam The combination of msmtp along with the sendmail wrapper script above that I posted above is working fine for me. Ansible makes that customization easy to manage. I came from Postfix and was looking for something less complex.

It's up to the Ansible role maintainer whether they support a wrapper like that or not.

[markstos]

I'm reporting back that I've been testing the wrapper for about a year and it's been working fine.