Django site - need to send emails - 100% newb
I want to be able to send email from the site but have no idea how to set this up securely.
I have seen the options are qmail, postfix and exim. Exim4 is installed on my Ubuntu 8.04 image. I can't figure it out.
I also read that using gmail to do the smtp was a better solution, and I tried the help I found on [
After all that, what is the simplest lowest-maintenance and highest security means of getting a web-app to be able to send emails to users?
Thanks,
\d
5 Replies
Okay, so there are two basic approaches. One is to use a mail server installed on your linode by creating a file in the standard email format, and then calling an external program like 'mail' or 'mailx' to submit it. SImple and pretty immune to temporary network problems. OTOH, you have to configure your mail server properly.
A second approach is to talk SMTP directly to a mail server (this is what the Django functions do). That server could be your own (on the linode), or an external server that you have permission to use. You could talk to the gmail server, but you'd only be able to send messages to gmail accounts (unless you've bought their remote mail service, I suppose). If you want to receive messages on your linode, you'll still need to configure your own server.
As far as security, there's a couple of issues. One is the server itself; in particular, it must not act as a open relay. (An "open relay" is one that accepts mail from anyone, delivered to anyone.) By default, the mail servers installed on Debian and Ubuntu are not open relays. A second issue is the webapp interface. It should not be able to send mail to arbitrary addresses, or accept mail from non-authorized users. (If you're talking about e-mailing notifications internally, that's fine.)
As far as configuring the mail server itself, there's all kinds of docs and how-tos out there. Configure it to work using the "normal" tools, like mailx or mutt. Accessing it from the web app isn't that different.
@SteveG:
OTOH, you have to configure your mail server properly.
That's what concerns me. I started reading the exim docs and they go to great lengths to warn people off the whole idea!
(
So, I looked all over the Linode wiki (and google) for guides about setting up a MTA safely, but it's a voodoo area.
> A second approach is to talk SMTP directly to a mail server … That server could be your own (on the linode)
Is this SMTP server the same as the mail/mailx you spoke of earlier, or some other beast?
> or an external server that you have permission to use.
Do you know if Linode offers a paid service for this? If not, can you recommend one?
> You could talk to the gmail server, but you'd only be able to send messages to gmail accounts
Just to be sure : Does this mean I do not need to setup anything in postfix or exim or any other system on the Linode? It just zips out to that other server? If not, what should I be setting and where?
> If you want to receive messages on your linode, you'll still need to configure your own server.
Thanks, little tidbits of info make all the difference from my newb perspective!
> By default, the mail servers installed on Debian and Ubuntu are not open relays.
Would it not be of advantage to Linode to include good information in the docs/wiki about how not to screw up the default settings? I mean it's too easy for someone like me to hack conf files (based on random web searches) trying to get something to work and not know when I am creating a relay!
> A second issue is the webapp interface. It should not be able to send mail to arbitrary addresses, or accept mail from non-authorized users.
Another good tip. I shall be extra-cautious in my Python code.
> Configure it to work using the "normal" tools, like mailx or mutt. Accessing it from the web app isn't that different.
Okay, at least I have two more keywords to search on than I did earlier.
Thanks for the input.
\d
I think it's because I was sending mail to myself (same from and to) and that gummed-up the works.
So, to confirm for others: You can send email from Django via gmail smtp, just don't send it to yourself!
The code that worked was:
Ps, use: python manage.py shell and set these vars in your settings.py:
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = 'YOU@gmail.com'
EMAIL_HOST_PASSWORD = 'yourpassword'
EMAIL_PORT = 587
from django.core.mail import send_mail
send_mail('Test', 'This is a test', 'YOU@gmail.com',['SOMEONEELSE@BLAH'],fail_silently=False)
Hope that helps.
\d
@donn:
So, I looked all over the Linode wiki (and google) for guides about setting up a MTA safely, but it's a voodoo area.
…
Would it not be of advantage to Linode to include good information in the docs/wiki about how not to screw up the default settings? I mean it's too easy for someone like me to hack conf files (based on random web searches) trying to get something to work and not know when I am creating a relay!
Well, it's actually pretty easy to keep things safe if one starts with a known good config (which Debian/Ubuntu do), and just make small changes, such as adding a particular domain or user alias. It is admittedly harder when you are completely new to the whole concept, but I was there once, and the information is out there. I'm not sure, though, that a "how not to screw up" document is possible.
>
> A second approach is to talk SMTP directly to a mail server … That server could be your own (on the linode)
Is this SMTP server the same as the mail/mailx you spoke of earlier, or some other beast?
A different beast. SMTP is the network protocol used to send messages between hosts. Exim and postfix are examples of SMTP servers (among other things). The unix programs mail and mailx are simple text-based mail clients, like Outlook, only better :-). Unlike Outlook, they don't use networking to talk to the mail server. Instead they just submit a file to a local mail server system using the "sendmail" program (both postfix and exim have a "sendmail" program that Does The Right Thing.) For exim and postfix, SMTP and "sendmail" are just two different ways to submit an e-mail message; the result is equivalent.
>
> or an external server that you have permission to use.
Do you know if Linode offers a paid service for this? If not, can you recommend one?
Linode does not. I don't have any basis to recommend, but there are plenty out there.
>> You could talk to the gmail server, but you'd only be able to send messages to gmail accounts
Just to be sure : Does this mean I do not need to setup anything in postfix or exim or any other system on the Linode? It just zips out to that other server? If not, what should I be setting and where?
Yes - as you've setup Django in your following message, your linode is completely bypassed: the python function just talks directly to the gmail servers. And, if you're logged in, it even lets you send to anyone.
I'm not sure how well gmail smtp will work, nor what it's limitation may be but I'll get around to mail after my to-do list has become much shorter.
\d