Sending E-Mail notifications

[szeoguprer]

Is there something already built into Proxmox for sending automated e-mail notifications if updates are available or other events happen?

Or do I have to come up with my own solution for this?

I couldn't find anything in the documentation.

 

[RokaKen]

Yes, but notification depends on configuring a valid e-mail address for 'root@pam' in Datacenter > Permissions > Users > root as mentioned in 14.1.1. System administrator (and that assumes you installed 'postfix' or equivalent MTA with a configuration to relay the mail as appropriate).

 

[szeoguprer]

I've already set a valid e-mail address for root via the GUI.
But that's the only thing I've done.

Could I also use msmtp for that?

 

[RokaKen]

Could I also use msmtp for that?

It's possible, but your level of effort may be higher. Note that PVE expects/monitors 'postfix' specifically under Node > {nodename} > System > postfix; however, that doesn't mean it's required. For instance, I _hate_ systemd-timesyncd so I run chronyd instead and ignore the status in PVE.

 

[szeoguprer]

In that case it would make sense to use Postfix I guess.
So I tried to set it up. But I couldn't get it to work properly.

I want it to send mails only via a remote SMTP server of my mail provider.
This provider only accepts mail where the 'from' address matches with my registered address.
So I somehow have to rewrite the from address.

#edit: I could get it to work like this:

# /etc/postfix/main.cf

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl/accounts

smtp_tls_security_level = encrypt
smtp_tls_wrappermode = yes
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

sender_canonical_maps = hash:/etc/postfix/sender_canonical

# /etc/postfix/sasl/accounts

[smtp.domain.tld]:465 address@domain.tld:password

# /etc/postfix/sender_canonical

root address@domain.tld

postmap /etc/postfix/sasl/accounts
postmap /etc/postfix/sender_canonical

chown root:root /etc/postfix/sasl/accounts /etc/postfix/sasl/accounts.db
chmod 0600 /etc/postfix/sasl/accounts /etc/postfix/sasl/accounts.db

systemctl reload postfix

echo "test" | mail -s "test subject" address@domain.tld

In the Postfix documentation it says that wrappermode is a legacy thing for servers that don't support STARTTLS.
Is it less secure to turn this on? If I turn it off, I can't send the mail successfully.

But I'm confused about this anyway.
My mail provider does support STARTTLS but only on port 587.
And it also supports SSL/TLS on port 465.
Since SSL/TLS should be more secure than STARTTLS I want to use that one. But that's only possible with wrappermode turned on.