How to setup mail alert in Security Onion

Building SIEM at Home


Email Configuration

In this stage, we will set up mail alerts for components such as Sguil, Wazuh, Zeek, and so on.

Using an SMTP server on your localhost

Set up postfix and mailutils:

sudo apt-get install postfix mailutils

Create your password file with

vi /etc/postfix/sasl_passwd

Populate the password file. Example:

[smtp.gmail.com]:587 myusername@gmail.com:mypassword

Secure the file by running

chmod 600 /etc/postfix/sasl_passwd

Replace the contents of the config file by running

vi /etc/postfix/main.cf

Place the following in the file:

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Build the Postfix lookup table from the password file by running

postmap /etc/postfix/sasl_passwd

Restart the postfix service by running

systemctl restart postfix.service

Replace the address with your own email in the following command and test sending mail:

echo "Test mail from postfix" | mail -s "Test Postfix" you@example.com

Give Google a minute to process. You should see the sent mail in the Sent folder of your Gmail account and in the inbox of the specified destination account. If the mail doesn't arrive, check the mail log:

tail -f /var/log/mail.log
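The steps above leave three things that commonly go wrong: the credential file is left readable by other users, postmap was not re-run after editing it (so Postfix keeps using the old credentials), or a main.cf setting is missing. The script below is an added example, not part of the original write-up, that checks those points and summarises delivery outcomes from the mail log. It assumes the paths used above (/etc/postfix/main.cf, /etc/postfix/sasl_passwd, /var/log/mail.log); the log lines it is tested against are constructed samples. It also accepts smtp_tls_security_level = encrypt, the current Postfix replacement for the older smtp_use_tls = yes, which refuses to hand the password to the relay over a cleartext connection.

```shell
#!/bin/sh
# Added example (not from the original write-up): sanity-check the Postfix
# relay setup before sending a test mail, and summarise delivery status from
# mail.log when the test mail does not arrive.
# Assumed paths: /etc/postfix/main.cf, /etc/postfix/sasl_passwd, /var/log/mail.log

# Octal permission bits of a file (GNU stat first, BSD stat as fallback).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# The credential file holds a cleartext password: it must be mode 600.
check_sasl_passwd_perms() {
  [ "$(file_mode "$1")" = "600" ]
}

# Every non-comment, non-blank line must look like "[host]:port user:password".
check_sasl_passwd_format() {
  ! grep -v '^[[:space:]]*#' "$1" | grep -v '^[[:space:]]*$' \
      | grep -Evq '^\[[^]]+\]:[0-9]+[[:space:]]+[^[:space:]]+:[^[:space:]]+$'
}

# postmap must have been run after the last edit: the .db file exists and is
# not older than its source, otherwise Postfix still uses the old credentials.
check_postmap_db() {
  [ -f "$1.db" ] && [ ! "$1" -nt "$1.db" ]
}

# Last value assigned to a parameter in main.cf (later assignments win).
cf_value() {
  sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" | tail -n 1
}

# True when a password map uses the hash: type that postmap builds.
is_hash_map() {
  case "$1" in hash:*) return 0 ;; esac
  return 1
}

# The relay settings this page installs: a relayhost, SASL auth turned on,
# a hash: password map, and TLS requested either the old way (smtp_use_tls)
# or the current way (smtp_tls_security_level = encrypt).
check_main_cf() {
  [ -n "$(cf_value relayhost "$1")" ] &&
  [ "$(cf_value smtp_sasl_auth_enable "$1")" = "yes" ] &&
  is_hash_map "$(cf_value smtp_sasl_password_maps "$1")" &&
  { [ "$(cf_value smtp_use_tls "$1")" = "yes" ] ||
    [ "$(cf_value smtp_tls_security_level "$1")" = "encrypt" ]; }
}

# Count Postfix delivery outcomes (status=sent/bounced/deferred) in a mail.log.
# Prints e.g. "deferred=1 sent=2"; a deferred entry usually carries the
# relay's reason (SASL failure, TLS failure) in the same line.
mail_log_summary() {
  grep -o 'status=[a-z]*' "$1" | sort | uniq -c |
    awk '{printf "%s%s=%s", (NR > 1 ? " " : ""), substr($2, 8), $1}'
}

# Usage: sh postfix_check.sh check   (runs all checks against the assumed paths)
if [ "${1:-}" = "check" ]; then
  cfg=/etc/postfix/main.cf; pw=/etc/postfix/sasl_passwd; log=/var/log/mail.log
  check_sasl_passwd_perms "$pw"  && echo "ok: $pw is mode 600"        || echo "FAIL: chmod 600 $pw"
  check_sasl_passwd_format "$pw" && echo "ok: $pw format"             || echo "FAIL: malformed line in $pw"
  check_postmap_db "$pw"         && echo "ok: $pw.db is current"      || echo "FAIL: run postmap $pw"
  check_main_cf "$cfg"           && echo "ok: relay settings present" || echo "FAIL: relay/SASL/TLS settings missing in $cfg"
  [ -r "$log" ] && echo "deliveries: $(mail_log_summary "$log")"
fi
```

Run it as root with the `check` argument after the postmap and restart steps; a FAIL line points at the step to repeat, and the deliveries line tells you whether the relay accepted the test mail or deferred it.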

Automatic Setup

If you want to configure email, you can run so-email, which automatically configures server-side email for you as described below. Simply run the following command and follow the prompts:

sudo so-email

Select the alert sources you want to receive email for.

Enter your email address.

Enter your SMTP server (localhost is my SMTP server).

Select the daily report.

Another prompt appears for Sguil and OSSEC.

Click Yes and wait for the setup to finish.

Testing DDoS using hping3:

View the result in email.

Write-up by Fr0st