sendmail: Introduction and Configuration

 in
A guide for those of you configuring your first e-mail server.

With the growth of the Internet, e-mail has quickly become the main vehicle to spread information through the public at large. As the demand for fast, cheap and reliable e-mail grows, more individuals are turning to Linux to provide a fast, cheap and reliable solution.

sendmail was originally developed by Eric Allman, in 1979, as "delevermail", which first shipped with BSD 4.0. This program was not very flexible and required configuration at compile time. With the growth of TCP protocol and other factors, it became obvious that delevermail was not flexible enough to handle these new demands. Eric Allman had to recreate sendmail from scratch, and what he produced has become the standard for MTAs. Rather than reject messages that were did not conform to protocols, sendmail is designed to be tolerant of these messages. For those individuals who have never configured an e-mail server, this article will demonstrate how to configure sendmail 8.11.2 after a fresh install of Red Hat Linux 7.1.

By default, sendmail 8.11 is installed during the Red Hat Linux 7.1 installation. As Red Hat has progressed over the years, the installation process has become very easy. Though this article will not go into installation details, further documentation is provided on the Red Hat CD set.

For your new e-mail server to work, you must first get all the DNS issues straight. First, add the hostname and IP address for the new e-mail server to your DNS server and confirm the address with nslookup:

[root@testmail /root]# nslookup -sil testmail.blank.com
Server:         192.168.100.1
Address:        192.168.100.1#53
Name:   testmail.blank.com
Address: 192.168.100.134

It is also important that your administrator put a reverse DNS entry to prevent delays in mail delivery. Most modern e-mail servers use reverse lookup as a means of authentication for mail transfer. Again, confirm this setting is correct using the nslookup command on your IP address.

[root@testmail /root]# nslookup -sil 192.168.100.134
Server:         192.168.100.1
Address:        192.168.100.1#53
134.100.168.192.in-addr.arpa    name = TESTMAIL.blank.com.

As you can see, the DNS entries are setup and working correctly, so let's move on to actually configuring sendmail. By default, sendmail installations on Red Hat will only allow SMTP traffic on the localhost. The output of netstat -nl will show you all ports that have a dæmon listening; note the line that says 127.0.0.1:25. This means the server is only listening on the loop back interface for connections on port 25 (SMTP).

[root@testmail /root]# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address
State
tcp        0      0 0.0.0.0:32768           0.0.0.0:*
LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*
LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*
LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*
LISTEN
udp        0      0 0.0.0.0:32768           0.0.0.0:*
udp        0      0 0.0.0.0:667             0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     1119   /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     1172
/tmp/.font-unix/fs7100

This will keep your mail dæmon from accepting e-mail from any computer except the localhost. To fix this issue, we must tell sendmail to listen for connections on the external interface. In the case of our new server, there is only one Ethernet card, with eth0 being the external interface. To confirm the IP on eth0, simply perform an ifconfig. Depending on your configuration, this IP can be different than the address defined by your DNS server, but in our example the addresses are the same.

   
[root@testmail /root]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:60:97:DE:E9:99
          inet addr:192.168.100.134  Bcast:192.168.100.255
Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12421 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:10 Base address:0xe000
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
 

This machine has an address of 192.168.100.134 on the eth0 interface. Once you have that address, edit the /etc/sendmail.cf file and configure the sendmail dæmon to listen on the address.

# SMTP daemon options
O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA

change to

O DaemonPortOptions=Port=smtp,Addr=192.168.100.134, Name=MTA

Once you have completed this task, save this file and restart the sendmail dæmon using the rc script /etc/init.d/sendmail.

[root@testmail /root]# /etc/init.d/sendmail restart
Shutting down sendmail:                                    [  OK  ]
Starting sendmail:                                         [  OK  ]
[root@testmail /root]#

Now check to see if there has been a change with the netstat -nl command. As you can see the output clearly shows that a dæmon (sendmail) is listening on port 25 of the IP address 192.168.100.134 that is assigned to our interface eth0.

[root@testmail /root]# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q send-Q Local Address           Foreign Address
State
tcp        0      0 0.0.0.0:32768           0.0.0.0:*
LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*
LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*
LISTEN
tcp        0      0 192.168.100.134:25      0.0.0.0:*
LISTEN
udp        0      0 0.0.0.0:32768           0.0.0.0:*
udp        0      0 0.0.0.0:667             0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     1119   /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     1172
/tmp/.font-unix/fs7100
[root@testmail /root]#

Now that we have sendmail accepting external connections, we need to assign the domains that can be accepted. This can be accomplished with the /etc/mail/local-host-names file. Simply put the domain name, blank.com, in the file.

# local-host-names - include all aliases for your machine here.
blank.com

Once this information is saved in this file, restart the sendmail dæmon with the rc script sendmail found in /etc/init.d/sendmail restart. sendmail can accept e-mail for multiple domains on the same server. Insert the domain name into this file each time you want to add a new domain.

You now have a fully working e-mail server from the localhost. It can accept e-mail from anywhere in the world, but can only send e-mail or relay e-mail from the localhost. Another default security feature is that sendmail will not allow the relay of any mail to prevent spam originating from your server. If your users log directly into the server, this configuration does not need modification. But if your organization is like most, clients are using e-mail from remote sites. If your users use clients like KMail or Outlook Express, you will need to allow those machines to relay e-mail using your new server, but you do not want to open your site up to complete relay. This can be done by adding the following line to the /etc/mail/access file and running the command make access.db after saving that file.

blank.com                       RELAY
# Check the /usr/share/doc/sendmail-8.11.2/README.cf file for a
description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail-8.11.2/README.cf is part of the
sendmail-doc
# package.
#
# by default we allow relaying from localhost...
localhost.localdomain           RELAY
localhost                       RELAY
127.0.0.1                       RELAY
blank.com                         RELAY
 
[root@testmail mail]# make access.db
[root@testmail mail]#

The make access.db command will include your new setting in the hash database used by sendmail to determine who can relay e-mail off your server. This will allow connections from inside the blank.com domain to relay e-mail from your new mail server, and prevent use of the service to nonmembers. One can also put a subnet of IPs, such as 192.168, to limit inside a domain. Keep in mind that if this setting is to open, spammers can bounce huge amounts of e-mail off your system.

Now that you can accept e-mail from anywhere in the world, have configured your domain, and allowed relay e-mail for approved clients, you may want to allow remote access to that mail. This can be accomplished with IMAP or POP. With a default server install, not all required packages are installed to make POP/IMAP mail work. These services can be obtained by the installation of the imap-2000-9 rpm package. To check the install status of this package use the following command: rpm -aq | grep -i imap. If no package is found, insert Disk 2 of the Red Hat 7.1 installation disk set into your cd-rom and mount that media. To accomplish this use the mount /dev/cdrom /mnt/cdrom command.

[root@testmail mail]# mount /dev/cdrom /mnt/cdrom
mount: block device /dev/cdrom is write-protected, mounting read-only
(Successful Mount of Read-Only Media)
Once mounted you can install the package with rpm -Uvh
        /mnt/cdrom/RedHat/RPMS/imap-2000-9.i386.rpm.
[root@testmail mail]# rpm -Uvh
/mnt/cdrom/RedHat/RPMS/imap-2000-9.i386.rpm
Preparing...                ###########################################
[100%]
   1:imap                   ###########################################
[100%]
As you can see, when I run the rpm search, rpm -aq | grep -i
imap the IMAP package is displayed with output.
[root@testmail mail]# rpm -aq | grep -i imap
imap-2000-9
[root@testmail mail]#

With the correct package install, you now need to enable POP3 connections to your new e-mail server. This can be accomplished in the /etc/xinetd.d directory by modifying the ipop3 file. Set the value for disable to no, and save the file. Remember to maintain the case as it appears in the file.

# default: off
# description: The POP3 service allows remote users to access their mail
\
#              using an POP3 client such as Netscape Communicator, mutt,
\
#              or fetchmail.
service pop3
{
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/ipop3d
        log_on_success          += USERID
        log_on_failure          += USERID
        disable                 = no
}

Now you need to restart the xinetd dæmon to make the new setting work. This is possible by using the rc script /etc/init.d/xinetd. Simply issue the restart command as seen below.

[root@testmail xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]
[root@testmail xinetd.d]#

Now send a test e-mail to your new server and connect to the server via your favorite pop client. You should now be able to access your e-mail via POP protocol.

One final consideration about your new server is performance. You may receive complaints about slow connection to your POP server if the client traffic is being initiated from behind a firewall. The reason for this delay is that your e-mail server initiates a IDENT session with the client to confirm the identity of the client. If there is no response to that query, the server will invoke a timeout value set by default to 5 seconds. This value can be reduced to 1 second to remove most of the delay caused by IDENT. To change this value edit the /etc/sendmail.cf file, and reduce the timeout value to the desired value.

# timeouts (many of these)
#O Timeout.ident=5s
change to
O Timeout.ident=1s

Your e-mail server is now working and providing service to your users. There are many more configurations for sendmail that are beyond the scope of this article. Linux will provide a very stable, robust platform for your e-mail needs. To find more information about sendmail visit www.sendmail.org.

Eric Jorn Seneca is a UNIX system engineer in Baton Rouge, Louisiana.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Hey, Thanks for such a lovely

Anonymous's picture

Hey,

Thanks for such a lovely doc however when I am doing the ifconfig it is not giving the host IP Address for SMTP Server and it is giving below IP 39.96.8.8. and I think that is the reason it is not giving the port 25 to listen to our IP, instaed it is shwoing 127.0.0.1(Local Host).

Please let me know what should be done from my side.

Thanks,

Thanks

Anonymous's picture

Many thanks, i was struggling to configure sicne long time but after following your post i configure it successfully

thanks a lot

sending mail

Anonymous's picture

am developing an application on mailserver in php and mysql..
can i use roundcube for my application.. how to use it.

Very good document. Thanks

Suman Kumar Mandal's picture

Very good document. Thanks Eric

dsn=2.0.0, stat=Sent

Anonymous's picture

dsn=2.0.0, stat=Sent (n9T5vBsn013704 Message accepted for delivery

Thanks a lot Eric. This

Hoan's picture

Thanks a lot Eric. This article is great.
Your explanation is very easy to follow.

Need Help- How to Configure Send mail in Linux Enterprise Editio

Dibakar Sahoo's picture

Hi
need help how to configure send mail in linux enterprise edition 4.0.

this server is loaded with
Linux ENterprise edition 4.0
IBM Websphere and Oracale

can i configure send mail in this environment.

please help

fantastic, just fantastic

Linn's picture

this is fantastic post.. thanks very much..for sharing

Thanks Eric

echikoz's picture

Hi Eric,
It is good to know that someone who shares my name can be this helpful.Am now able to telnet on 110 of my server.
Cheers,
Erick.

adding comments

venkat raman's picture

i think this is very very useful for me in clarifying various doubts.
but i wants deep in case of sendmail problenm regarding defered DNS I.E. dsn=4.0.0 , state=defered, connection refused by xxx.xxx.com etc
but very useful hint from /etc/mail/local-host-names

I am not really like to

Alex2's picture

I am not really like to leave comments. But this is really a very handy paper. I set up sendmail very quickly after reading it.

Thanks So Much

Adam Doupe's picture

Hey, I really appreciate this article, it helped me set up sendmail quickly. Thanks for the good article.

Problem with spams

parikshit's picture

Hi,
I am developing an application in jsp. we are using java mail api to send email through our application.

The problem with us is that our mais are landing in spam folders in a few public domain email providers.

One of the spam lists says that our mail server is not correctly configured and thats why our mails are landing in spam folder.
here is the link:
http://cbl.abuseat.org/remove.cgi?ip=66.232.112.182

thanks in advance.

creating user accounts after configuring sendmail

Den's picture

Hi,
I do appreciate for your nice material on configuring sendmail.I have successfully managed to follow it the end but question is how do i create email accounts for users in my email server

Excellent job

Anonymous's picture

Excellent job ...............Thanks a lot

thanks Eric!

Vitu's picture

Thanks Eric, this article is great.

Please explain some more

Sreedhar.T.P's picture

I saw ur article and found it intersting. Iam new to Linux and i have a handful of doubts. Will u please explain me...

By configuring sendmail can i add unlimited users

Where will be the email data stored

Will this configuration work in Red Hat Enterprise Linux AS4

Can i configure it it GUI mode.

Is it easy to administer

Expecting a detailed reply

Thanking you

Sreedhar

hello

Larry's picture

I found it very useful.

sendmail config

JaR's picture

need some help
i have a smtp working with pop3 runing
my problem is some ips use my server for spam
how i can stop that?
tcp 0 0 nicolaescumalex.pi:smtp 221.221.234.210:2865 ESTABLISHED
tcp 0 0 nicolaescumalex.pi:smtp 221.221.234.227:2658 ESTABLISHED
tcp 0 0 nicolaescumalex.pi:smtp 221.221.255.137:bmap ESTABLISHED
tcp 0 0 nicolaescumalex.pi:smtp 221.221.255.94:2725 ESTABLISHED
tcp 0 0 nicolaescumalex.pi:smtp 221.221.255.94:4754 ESTABLISHED
tcp 0 0 nicolaescumalex.pi:smtp 221.221.232.215:2402 ESTABLISHED
tcp 0 0 nicolaescumalex.pi:smtp 221.221.255.137:4755 ESTABLISHED

this are the conection to my smtp

they are using big list of email address and have wrong addres in the list
i receive mails like this
From: Mail Delivery Subsystem
Subject: Postmaster notify: see transcript for details
This is a MIME-encapsulated message

--j867TerR011920.1125991785/nicolaescumalex.piatraneamt.rdsnet.ro

The original message was received at Tue, 6 Sep 2005 07:29:40 GMT

my question is
how they can access my smtp and how i can blok it??
thx

prevent spammers from using my sendmail

Anonymous's picture

Has anyone responded to this posting?

Hi, Is it possible to read m

jibu's picture

Hi,
Is it possible to read messages directly from sendmail using java without using pop3?
Thanks
Jibu

Re: Sendmail Configuration.

Abbass's picture

This article is really great.

Can't recieve mail externaly or localy

CharlesB's picture

I am relitivly new to linux "mandrake 10.0" I have read your step by step on setting up sendmail..... "Perfect simple absolutly the best I have read". I can send emails externaly and localy but for the life of me I can not recieve mails sent to the mail server here. I have tryed everything I could think of and have read "including your step by step". Nothing seems to be working at all for me :(

Relaying help needed

Andre's picture

I have a fully working sendmail set up going, I can send mail using a web client (Squirrelmail) and receive mail fine using a POP3 server and IMAP. I cannot send mail from home using a client like Outlook, I get "RELAY DENIED" error, but I can download my mail from the server.

I've tried auth settings on the client side, but nothing seems to work when I send mail to a domain not listed in my relay-domains list. Obviously I can't add all domains or *.com etc, as that will open the relay. Any ideas/comments/suggestions?!

I need to get this working, without using the ISP's SMTP server for sending, I've got a client that wants to use this server in house...

Re: Relaying Help needed

Rohit's picture

Hi,

I am also facing the same problem as you, If you have found some solutions for the same, then pls share with me..

Thanks

It feels good to see smtp working....

Chris Jackson's picture

I have tried and tried to get sendmail working - awesome article. Thanks...

problem in accessinig access file

mks's picture

Hi,

I have read the following line in ur article for configuring sendmail.

This can be done by adding the following line to the /etc/mail/access file and running the command make access.db after saving that file.

blank.com RELAY

But when i tried to access /etc/mail/access file, it is asking for encryption key. What should i do now?

Re: sendmail: Introduction and Configuration

Anonymous's picture

Erick,

YOU ARE THE CHAMPION MY FRIEND.

Miguel
Miami, FL
mfvh@yahoo.com

Re: sendmail: Introduction and Configuration

Anonymous's picture

Very good article because it's simple and complete. It worked fine. The only thing would be to explain thant this pop3 works on port 995

Re: sendmail: Introduction and Configuration

Anonymous's picture

Good Job Eric. Good combination of stuff put together. Good for new linux net admins.
Thanks on every ones behalf

Re: sendmail: Anonymous Email Configuration

Anonymous's picture

Hi ,

I have configured a email mail server , it is working fine .

Now the problem is , I want my email server to accept anonymous emails i.e , if some one responds with anon123@xyz.com (ex my domain is xyz.com) and i don't have such user still i want his mail to land in my email server how do i do it ...........

What configuration should i set in my sendmail.cf file

Sendmail gurus pls help me

Re: sendmail: Anonymous Email Configuration

Anonymous's picture

hi dear,

You don't have to do anything.

Just creat a catchall account in your mail server.

Thanks

Re: sendmail: Anonymous Email Configuration

Anonymous's picture

How do I create a catch all in the mail server

please tell me how to create

Anonymous's picture

please tell me how to create a catch all account in mail server using sendmail.How to create auto responders vacations mail too

Re: sendmail: Introduction and Configuration

Anonymous's picture

hai

i used ur instructions to configure sendmail it worked very fine .

the problem is in virtual domains

when i send mail to the

user@virtdomain.com

it gets aliased to user@mydomain.com

but the reply address for that user will come as user@mydomain.com

plz help me out.

my mail id is

shivakumarnm@yahoo.com

Re: sendmail: Introduction and Configuration

Anonymous's picture

My Name Is Zafrulla Khan

I dont Know ...sendmail Conf i was struggling for a long time to configure the sendmail ......Luckly by the god Grace i found your link for the Google Search Engine .....

I can not say in words how i was benifited from this conf
I will be always thank full to you in my life

Any futher conf about this plz put on the web .....plz

zafaronline@rediffmail.com

Re: sendmail: Introduction and Configuration

Anonymous's picture

Thanks for the help here. I was confused , how come pop3 is not workyby default in linux8.0, once i gone thru the help and set disabled=no in /etc/xinetd , starts working fine. THanks alot.

By the way, i have enabled imapd also in the same fashion, that means my mechine will work as an IMAP server too, is't it??

Re: sendmail: Introduction and Configuration

Anonymous's picture

Thanks for a great help on sendmail only listen on port 25 on loopback. Keep it up.

Re: sendmail: Introduction and Configuration - BRILL!

Anonymous's picture

Absolutely BRILLIANT!!!!!

At last sendmail works, no other tutorial managed that for me!

THANK YOU!

Relay denied

Anonymous's picture

Incredible article! Thanks Eric.....

I

Re: Relay denied

Anonymous's picture

hi i have the same problem... and i'dont know haw to resolve this, can you help me too...

thanks

please send me an e-mail to

vasile_turcu@yahoo.com

Re: Relay denied

Anonymous's picture

Same problem here :(

Altough i can send email inside my network without problems, if i try to send an email i.e. hotmail i get an relay denied error

help please!

Re: sendmail: Introduction and Configuration

Anonymous's picture

Incredible article! Thanks Eric, this piece of text just broke the ice for me regarding linux.

Re: sendmail: Introduction and Configuration

Anonymous's picture

Glad to help

Re: sendmail: Introduction and Configuration

Anonymous's picture

Thank you so very much. I have been without email services on my server for a week because my new host doesn't "manage the servers". I actually did all the steps in reverse because I couldn't find a good (and short) guide, until I found this page using google.

Re: sendmail: Introduction and Configuration

Anonymous's picture

Thank you so much... This is the best article on how to configure sendmail, I tried for 3 days to get this thing work and thanks to this article is working!!

Re: sendmail: Introduction and Configuration

Anonymous's picture

use the chkconfig command for xinetd specific services. After you install the imap package, run chkconfig --list. This will list all rc startup services. Under xinetd you will see the xinetd specific services. ipop2, ipop3, imap, imaps, etc should all say 'no' under startup. Do a 'chkconfig ipop3 on' will turn on ipop3 for all runlevels. Using chkconfig accomplishes the same thing as editing the /etc/xinetd.d/ipop3 but is a cleaner way, and works for all startup rc scripts.

Re: sendmail: Introduction and Configuration

Anonymous's picture

Excellent, I have been having problems with this for a week now, the article is direct strait forward and most of all correct.

A big thank you.

Mike

Re: sendmail: Introduction and Configuration

Anonymous's picture

I'm senior Computer engineer from KMITL ( THAILAND ) My project is webmail opensource. I develop twig and must to config sendmail . I try for a week about sendmail. This article is greate,awful,Even i use mandrake but it work. Thank a lot. thank opensource. My email address is maydream@hotmail.com

Re: sendmail: Introduction and Configuration

Anonymous's picture

It Really Works

Thanx a lot for such an article.

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState