sendmail: Introduction and Configuration

 in
A guide for those of you configuring your first e-mail server.

With the growth of the Internet, e-mail has quickly become the main vehicle to spread information through the public at large. As the demand for fast, cheap and reliable e-mail grows, more individuals are turning to Linux to provide a fast, cheap and reliable solution.

sendmail was originally developed by Eric Allman, in 1979, as "delevermail", which first shipped with BSD 4.0. This program was not very flexible and required configuration at compile time. With the growth of TCP protocol and other factors, it became obvious that delevermail was not flexible enough to handle these new demands. Eric Allman had to recreate sendmail from scratch, and what he produced has become the standard for MTAs. Rather than reject messages that were did not conform to protocols, sendmail is designed to be tolerant of these messages. For those individuals who have never configured an e-mail server, this article will demonstrate how to configure sendmail 8.11.2 after a fresh install of Red Hat Linux 7.1.

By default, sendmail 8.11 is installed during the Red Hat Linux 7.1 installation. As Red Hat has progressed over the years, the installation process has become very easy. Though this article will not go into installation details, further documentation is provided on the Red Hat CD set.

For your new e-mail server to work, you must first get all the DNS issues straight. First, add the hostname and IP address for the new e-mail server to your DNS server and confirm the address with nslookup:

[root@testmail /root]# nslookup -sil testmail.blank.com
Server:         192.168.100.1
Address:        192.168.100.1#53
Name:   testmail.blank.com
Address: 192.168.100.134

It is also important that your administrator put a reverse DNS entry to prevent delays in mail delivery. Most modern e-mail servers use reverse lookup as a means of authentication for mail transfer. Again, confirm this setting is correct using the nslookup command on your IP address.

[root@testmail /root]# nslookup -sil 192.168.100.134
Server:         192.168.100.1
Address:        192.168.100.1#53
134.100.168.192.in-addr.arpa    name = TESTMAIL.blank.com.

As you can see, the DNS entries are setup and working correctly, so let's move on to actually configuring sendmail. By default, sendmail installations on Red Hat will only allow SMTP traffic on the localhost. The output of netstat -nl will show you all ports that have a dæmon listening; note the line that says 127.0.0.1:25. This means the server is only listening on the loop back interface for connections on port 25 (SMTP).

[root@testmail /root]# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address
State
tcp        0      0 0.0.0.0:32768           0.0.0.0:*
LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*
LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*
LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*
LISTEN
udp        0      0 0.0.0.0:32768           0.0.0.0:*
udp        0      0 0.0.0.0:667             0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     1119   /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     1172
/tmp/.font-unix/fs7100

This will keep your mail dæmon from accepting e-mail from any computer except the localhost. To fix this issue, we must tell sendmail to listen for connections on the external interface. In the case of our new server, there is only one Ethernet card, with eth0 being the external interface. To confirm the IP on eth0, simply perform an ifconfig. Depending on your configuration, this IP can be different than the address defined by your DNS server, but in our example the addresses are the same.

   
[root@testmail /root]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:60:97:DE:E9:99
          inet addr:192.168.100.134  Bcast:192.168.100.255
Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12421 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:10 Base address:0xe000
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
 

This machine has an address of 192.168.100.134 on the eth0 interface. Once you have that address, edit the /etc/sendmail.cf file and configure the sendmail dæmon to listen on the address.

# SMTP daemon options
O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA

change to

O DaemonPortOptions=Port=smtp,Addr=192.168.100.134, Name=MTA

Once you have completed this task, save this file and restart the sendmail dæmon using the rc script /etc/init.d/sendmail.

[root@testmail /root]# /etc/init.d/sendmail restart
Shutting down sendmail:                                    [  OK  ]
Starting sendmail:                                         [  OK  ]
[root@testmail /root]#

Now check to see if there has been a change with the netstat -nl command. As you can see the output clearly shows that a dæmon (sendmail) is listening on port 25 of the IP address 192.168.100.134 that is assigned to our interface eth0.

[root@testmail /root]# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q send-Q Local Address           Foreign Address
State
tcp        0      0 0.0.0.0:32768           0.0.0.0:*
LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*
LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*
LISTEN
tcp        0      0 192.168.100.134:25      0.0.0.0:*
LISTEN
udp        0      0 0.0.0.0:32768           0.0.0.0:*
udp        0      0 0.0.0.0:667             0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     1119   /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     1172
/tmp/.font-unix/fs7100
[root@testmail /root]#

Now that we have sendmail accepting external connections, we need to assign the domains that can be accepted. This can be accomplished with the /etc/mail/local-host-names file. Simply put the domain name, blank.com, in the file.

# local-host-names - include all aliases for your machine here.
blank.com

Once this information is saved in this file, restart the sendmail dæmon with the rc script sendmail found in /etc/init.d/sendmail restart. sendmail can accept e-mail for multiple domains on the same server. Insert the domain name into this file each time you want to add a new domain.

You now have a fully working e-mail server from the localhost. It can accept e-mail from anywhere in the world, but can only send e-mail or relay e-mail from the localhost. Another default security feature is that sendmail will not allow the relay of any mail to prevent spam originating from your server. If your users log directly into the server, this configuration does not need modification. But if your organization is like most, clients are using e-mail from remote sites. If your users use clients like KMail or Outlook Express, you will need to allow those machines to relay e-mail using your new server, but you do not want to open your site up to complete relay. This can be done by adding the following line to the /etc/mail/access file and running the command make access.db after saving that file.

blank.com                       RELAY
# Check the /usr/share/doc/sendmail-8.11.2/README.cf file for a
description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail-8.11.2/README.cf is part of the
sendmail-doc
# package.
#
# by default we allow relaying from localhost...
localhost.localdomain           RELAY
localhost                       RELAY
127.0.0.1                       RELAY
blank.com                         RELAY
 
[root@testmail mail]# make access.db
[root@testmail mail]#

The make access.db command will include your new setting in the hash database used by sendmail to determine who can relay e-mail off your server. This will allow connections from inside the blank.com domain to relay e-mail from your new mail server, and prevent use of the service to nonmembers. One can also put a subnet of IPs, such as 192.168, to limit inside a domain. Keep in mind that if this setting is to open, spammers can bounce huge amounts of e-mail off your system.

Now that you can accept e-mail from anywhere in the world, have configured your domain, and allowed relay e-mail for approved clients, you may want to allow remote access to that mail. This can be accomplished with IMAP or POP. With a default server install, not all required packages are installed to make POP/IMAP mail work. These services can be obtained by the installation of the imap-2000-9 rpm package. To check the install status of this package use the following command: rpm -aq | grep -i imap. If no package is found, insert Disk 2 of the Red Hat 7.1 installation disk set into your cd-rom and mount that media. To accomplish this use the mount /dev/cdrom /mnt/cdrom command.

[root@testmail mail]# mount /dev/cdrom /mnt/cdrom
mount: block device /dev/cdrom is write-protected, mounting read-only
(Successful Mount of Read-Only Media)
Once mounted you can install the package with rpm -Uvh
        /mnt/cdrom/RedHat/RPMS/imap-2000-9.i386.rpm.
[root@testmail mail]# rpm -Uvh
/mnt/cdrom/RedHat/RPMS/imap-2000-9.i386.rpm
Preparing...                ###########################################
[100%]
   1:imap                   ###########################################
[100%]
As you can see, when I run the rpm search, rpm -aq | grep -i
imap the IMAP package is displayed with output.
[root@testmail mail]# rpm -aq | grep -i imap
imap-2000-9
[root@testmail mail]#

With the correct package install, you now need to enable POP3 connections to your new e-mail server. This can be accomplished in the /etc/xinetd.d directory by modifying the ipop3 file. Set the value for disable to no, and save the file. Remember to maintain the case as it appears in the file.

# default: off
# description: The POP3 service allows remote users to access their mail
\
#              using an POP3 client such as Netscape Communicator, mutt,
\
#              or fetchmail.
service pop3
{
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/ipop3d
        log_on_success          += USERID
        log_on_failure          += USERID
        disable                 = no
}

Now you need to restart the xinetd dæmon to make the new setting work. This is possible by using the rc script /etc/init.d/xinetd. Simply issue the restart command as seen below.

[root@testmail xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]
[root@testmail xinetd.d]#

Now send a test e-mail to your new server and connect to the server via your favorite pop client. You should now be able to access your e-mail via POP protocol.

One final consideration about your new server is performance. You may receive complaints about slow connection to your POP server if the client traffic is being initiated from behind a firewall. The reason for this delay is that your e-mail server initiates a IDENT session with the client to confirm the identity of the client. If there is no response to that query, the server will invoke a timeout value set by default to 5 seconds. This value can be reduced to 1 second to remove most of the delay caused by IDENT. To change this value edit the /etc/sendmail.cf file, and reduce the timeout value to the desired value.

# timeouts (many of these)
#O Timeout.ident=5s
change to
O Timeout.ident=1s

Your e-mail server is now working and providing service to your users. There are many more configurations for sendmail that are beyond the scope of this article. Linux will provide a very stable, robust platform for your e-mail needs. To find more information about sendmail visit www.sendmail.org.

Eric Jorn Seneca is a UNIX system engineer in Baton Rouge, Louisiana.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Re: sendmail: Introduction and Configuration

Anonymous's picture

I'm senior Computer engineer from KMITL ( THAILAND ) My project is webmail opensource. I develop twig and must to config sendmail . I try for a week about sendmail. This article is greate,awful,Even i use mandrake but it work. Thank a lot. thank opensource. My email address is maydream@hotmail.com

Re: sendmail: Introduction and Configuration

Anonymous's picture

Eric,

Many thanks. I was fumbling around trying to install Sendmail and had almost given up. I was contemplating giving Qmail a try.

Your article had me up and running in an hour.

Thanks again for a short, easy to follow article.

POP3 DOESN'T WORK: BEST CONFIGURATION ARTICLE YET: IMPORTANT QUE

Anonymous's picture

I am new to linux, and the whole open source thing. I found your article really easy to understand and followed the steps and it worked great except for the pop3 account. I seem to not be able to connect from any client to get mail off the server remotely. Please help. I can send mail out fine, send mail to the addresses, no problem. The xinetd.d/ipop3 says that disabled = no

tahnks

Re: POP3 DOESN'T WORK: BEST CONFIGURATION ARTICLE YET: IMPORTANT

Anonymous's picture

make sure you restart the daemon once that setting has been changed.

Re: sendmail: Introduction and Configuration

Anonymous's picture

Eric,
thanks, thanks, thanks

5 minutes and sendmail was tunned.

Re: sendmail: Introduction and Configuration

Anonymous's picture

This is definitly a great article. The explanations are almost idiot proof. Wish the docs/books out there on Linux/Unix were as good as this.

Thanks a lot Eric.

Re: sendmail: Introduction and Configuration

Anonymous's picture

Eric, I realy love you! I've been sitting for hours now staring at sendmail configuration files, but not a single articel or online manual told me to:

DaemonPortOptions=Port=smtp,Addr=192.168.100.134, Name=MTA

Thanks a lot and good night!

Re: sendmail: Introduction and Configuration

Anonymous's picture

This article is a life saver... I had searched every books about sendmail in the largest bookstore in canada.. but couldn't find information on how to do a simple configuration on sendmail.. It may sound unfair but the sendmail books are not much help on newbies like me... T

thank you ERIC... how about writing a book on sendmail...

Re: sendmail: Introduction and Configuration

Anonymous's picture

Thanks Eric for this article. I spent weeks trying to get my email server to work adding the ip address did it. I can't believe no one else has this in their books or articles it would have saved me a lot of time. I almost didn't read this article because I read so many before and nothing worked.

Allen Reed

areed@daplanetearth.com

Re: sendmail: Introduction and Configuration

matta's picture

You all seemed to have problems with the configuration before you read this article. So did I, and decided to try out qmail.

I love it. It's really easy to configure, and it's absolutetly the most advanced and configurable MTA I've ever used. If you have some spare time, I suggest you give it a try.

qmail
A great guide to qmail

Excellent article

Prabhu Seeba's picture

Excellent article

Re: sendmail: Introduction and Configuration

Anonymous's picture

Absolutely AWESOME article... I'd spent most of the day foraging through the web, the RH docs and it was just that darn daemon-port-options!

Thanks a million!

Re: sendmail: Introduction and Configuration

Anonymous's picture

Great Post!! After viewing dozens of "general information" pages looking for specific, step by step, instructions I came across this post. THANK YOU! Thank You! THANK YOU!!

Re: sendmail: Introduction and Configuration

Anonymous's picture

Jorn, thankyou very much for this article, ive spent days trying to work out how to connect to the smtp on a local network, the change from 127.0.0.1 to 198.162.0.1, arrghh its obvious when you see it :))

Re: sendmail: Introduction and Configuration

Anonymous's picture

This was a great idea, and excellently done, my only complain is the fact that it's geared towards Red Hat-type installs. Stopping and restarting daemons, and other commands should've been done from a linux standard standpoint, not a distribution specific standpoint. Just a small thing that I think would've added to the knowledged learned from this, but small things add up to big things. As someone who knows sendmail intimately, this paper does a great job outlining the basics of sendmail, and especially (I loved this) the importance of DNS concerning MX'ing in general. Great job!

Re: sendmail: Introduction and Configuration

Anonymous's picture

It shows I am a bit sleepy, my email is j_broton@yahoo.co.uk

Re: sendmail: Introduction and Configuration

Anonymous's picture

It

Re: sendmail: Introduction and Configuration

Anonymous's picture

You are an absolute Genious, great article I got POP and all my virtual domains to serve emails in ten minutes.

Despite a whole night working with sendmail, other articles, thinking it was the firewall, bla bla bla, etc etc.

Thanks, any help with Javascript, C or C++ send me a message.

Re: sendmail: Introduction and Configuration

Anonymous's picture

Finally, someone has explained something straight forward and simple to understand! Keep up the good work!

Re: sendmail: Introduction and Configuration

Anonymous's picture

What's a great paper , I try to find how to config this sendmail for a week and this is the answer . Thanks a lot to your help. I had been studied in U of SW Louisiana at Lafayet for more than 10 years. I would like to know if I had more than one network (ex. 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24 ) and my linux mail server stays on 192.168.2.x/24 , how does the other network could use this sendmail server.Shoul I config with the DNS or the mail server. I already used the

route add -net IP netmask NETMASK dev eth1

** I had two lan cards.

Thanks again

Amrit Angsusingh

amrit@chaiyo.com

Computer Center

Nakornsawan , Thailand

Re: sendmail: Introduction and Configuration

Anonymous's picture

take a look at /etc/mail/access, which will result in the /etc/mail/access.db

Re: sendmail: Introduction and Configuration

Anonymous's picture

This is a wonderful article. Well written, straight-forward, and precisely the right amount of detail. I really appreciate this article, and the time it took to write.

Thanks again,

Nathan Harrington

nathan@kkkkkkkk.kkk.kkk natejoke.dhs.org because of this article.

Re: sendmail: Introduction and Configuration

Anonymous's picture

What a great article! I've spent the last three days browsing the internet, trying to find straight-forward articles explaing how to get sendmail and pop3 working. This was the ticket!! Thanks a million, Eric!!

Re: sendmail: Introduction and Configuration

Anonymous's picture

Great article...I love articles that are straight forward and down to the point. It has inspired me to look into some of the more complicated and sophisticated setting of sendmail. I would greately appreciate if you could also do an article on procmail and advanced features of sendmail.

Sincerely,

Vijay Avarachen

Re: sendmail: Introduction and Configuration

Anonymous's picture

I agree with you.this is the first aticle about sendmail I can understand.but I have a question.

in redhat 7.0 .I config DNS .when I run

nslookup It would display server name is hostname

Server: dns.blank.com

Address: 192.168.100.1#53

but in redhat7.1 it display Ipaddress

Server: 192.168.100.1

Address: 192.168.100.1#53

who can told me why ? my mail is chenshake@sina.com

Re: sendmail: Introduction and Configuration

Anonymous's picture

great article! sendmail is a beast, eric did a good job of covering basics everyone needs to know.

Re: sendmail: Introduction and Configuration

Anonymous's picture

the whole lecture if i should call it helped me a lot. but only thing is even though i can let the linux server send mails from internally, i can't get the pc's running windows receive and send mail with say outlook or netscape. the only way to do that is to logon by telnet to the server then send or recieve mails. what do i do?

Re: sendmail: Introduction and Configuration

Anonymous's picture

i configured sendmiail but i m not able to send mail from one domain to another pls help me .mail me on rag6040@yahoo.con

golla

Great Work!!!

Anonymous's picture

All I can say's that this is the most sensible and ppactical approach to Sendmail configuration I have ever read. Consider renaming the article "Sendmail for Dummies". Thanks a lot Eric and God bless.

Re: sendmail: Introduction and Configuration

Anonymous's picture

I have a problem where sendmail is translating an external email address to different internal email address. e.x John@x.com becomes John@y.com when passing through send mail. Any help with why this may be happening would be greatly appreciated.

Re: sendmail: Introduction and Configuration

Anonymous's picture

It is written in RedHat.com at this URL:

http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/ref-guide/s1-ema...

For example, if you want all email addressed to any domain.com account to be delivered to , you need to add a line to the virtusertable file:

--------

@domain.com bob@otherdomain.com

--------

Figure 16-1. virtusertable example

Then, to add this new information to the virtusertable.db file, execute makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable as root. This will create a new virtusertable.db that contains the new configuration.

Hope this well be useful.

RIK

Re: sendmail: Introduction and Configuration

Anonymous's picture

yes it worked very fine for me

execpt that the return address for user@virtdomain.com will be user @mydomain.com plz help

Re: sendmail: Introduction and Configuration

Anonymous's picture

If a local user tries to send email, sendmail will only allow the user to provide a different From: address if the user is on the trusted users list. This restriction exists to prevent users from forging email with faked From: addresses origination from your system. Try webmin makes it easy to set up sendmail.

joe

Re: sendmail: Introduction and Configuration

Anonymous's picture

Clear, easy to read and straight to the point! If only every posting on matters like sendmail configuration should like like this one one from Eric.

Congratulations and thanks to Mr SENECA!

Angelo Angelo.

Re: sendmail: Introduction and Configuration

Anonymous's picture

Good Article , as a fresher I learnt the basics of sendmail, and a brief idea of sendmail by reading this article, I would request if any short article on administration of sendmail, which will help me in understanding the complete sendmail.

Sendmail not sending email

Anonymous's picture

Hi all,
I am using Bugzilla on RedHAT Linux 9. This sends mails to the users, but when i check the maillog it shows the status as QUEUED.
What could be the reason for that.

Thanks

Sendmail not sending email

Anonymous's picture

Hi all,
I am using Bugzilla on RedHAT Linux 9. This sends mails to the users, but when i check the maillog it shows the status as QUEUED.
What could be the reason for that.

Thanks

Sendmail not sending email

Anonymous's picture

Hi all,
I am using Bugzilla on RedHAT Linux 9. This sends mails to the users, but when i check the maillog it shows the status as QUEUED.
What could be the reason for that.

Thanks

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState