(system) mails via sendgrid

When you run multiple servers it might happen that you have one - or multiple - that run local jobs. In addition those jobs might need to mail results somewhere.

Or you have software that wants to send our e-mails - or you want that this software does, like the Graylog Reporting.

Back in the good old days you would have just installed exim or postfix local on all servers that need to send mails - created a little mess of configuration to have the right sender and ready to rumble.

But we are not anymore in this time and you need to have in mind that your mails need to be delivered. Mail policies of your sender domain need to be followed. That include SPF and DKIM - means it would become a real mess to send messages out from everywhere.

Should you already have sendgrid available it becomes easy again. I just discovered that over the last day and write my findings.


It is possible to use sendgrid as smtp relay system what already makes it easy to integrate in some kind of application that accepts a configuration. But you can combine that smtp relay with opensmtpd and even your cron jobs could send dkim/spf honoring emails out.

The following configuration for opensmtpd will listen on localhost and the internal network interface, accept any connection on that without authentication and send everything via the sendgrid relay out.

# write username/pass in that
table secrets file:/etc/opensmtpd/secrets

# listen on localhost & internal network
listen on 127.0.0.1 inet4 port 25 hostname localhost
listen on 192.168.0.1 inet4 port 25 hostname mgmt.horse

# do not mess with ipv6 internal
limit mta inet4

# only send mails out via relay
accept from any for any relay via \
    tls+auth://secret-sendgrid@smtp.sendgrid.net:587 \
    auth <secrets> \ 
    as "root@mgmt.horse" hostname mgmt.horse

Yes, that creates an open mail relay - but I trust the servers that can use it. So please be careful and do not run the above non-secure configuration on public available servers.

Just place the sendgrid API key inside the /etc/opensmtpd/secrets with the identifier and after you have started opensmtpd your server can mail it cron results.

secret-sendgrid apikey:yos9im3aes9roahieloh7saV6eesu1jeer4Ah

Writing the configuration for opensmtp is different - but once you understood it is straight forward.

Show Comments