Services     Software     Commentary     Design     Astral Musings   
Config tips for the world's most ubiquitous MTA
Sendmail is a popular Mail Transfer Agent (MTA) that is installed by default on most Linux/UNIX systems. It only delivers mail to other services running locally or to other remote systems that are listening to the standard SMTP port. Not itself and end user solution, some other service that sendmail delivers messages to must be used to store and access email (e.g. POP or IMAP server). Typically end user then use a popular email client (e.g. Thunderbird, Seamonkey, Microsoft Outlook, ...) to access there mail fromt the server it is stored on.  
IMAP/POP servers

rickatech 2016-09

Elsewhere [edit]

# yum install sendmail

# yum install mailx 

# yum install cyrus-sasl-plain

# rpm -qa | grep -i cyrus


# rcsdiff 

  > define(`SMART_HOST', `')dnl
  > dnl # needed for sendgrid
  > define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
  > define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl

# systemctl status sendmail

# tail -f /var/log/messages  

# mailq

# tail -f /var/log/maillog  
The config files shown at right are from the first mail server in a two mail server scenario. The first server has port 25 exposed to the Internet and directly hosts mail for: The second server is internal only, but has the first server relay mail to it for domains:,,,,

Somehow this helps elucidate many of the common config tasks that sendmail setup entails even though it may be an atypical setup.

Tips ...
  • Sendmail will process email with local virtualusertable and aliases lookups if domain is listed in local-host-names. It _may_ be sufficient to omit locally processed domains from access file?
  • Sendmail processing skips local virtualusertable and aliases lookups if domain is NOT in local-host-names file. Typically there will be some sort of redirect in mailertable to another server for such domains. access file must have domain RELAY declared for non-locally processed domains.
# cat local-host-names

  # local-host-names - include all aliases for your machine here.
  # Rick - ONLY put domains here that resolve to mail accounts on THIS
  #        machine.  If domains are relayed THROUGH this machine, only
  #        place directives for those domains in the access and mailertable
  #        files.  Otherwise mail for accounts WILL NOT be relayed to
  #        other machines!!!!!  Classic symptom is a 550 error for accounts
  #        that only exist on other machines, with LOCAL accounts intercepting
  #        any email that was supposed to be relayed that happens to match.

# cat mailertable

  # Without entries below, typically the external MX servers for messages
  # waiting to be sent with these address/domains would be looked up.  With the
  # the entries below, external MX lookups are skipped and delivery is attempted
  # to the port/host specified.  Typically port/host would be a host on the
  # local network that knows how to handle mail for these address/domains.                     esmtp:[]                     esmtp:[]           esmtp:[]                  esmtp:[]                     esmtp:[]

# cat virtualusertable                  oakleaf                oakleaf                    oakleaf                oakleaf                  oakleaf                   elia

# cat access

  # Check the /usr/share/doc/sendmail/ file for a description
  # of the format of this file. (search for access_db in that file)
  # The /usr/share/doc/sendmail/ is part of the sendmail-doc
  # package.
  # by default we allow relaying from localhost...
  localhost.localdomain           RELAY
  localhost                       RELAY                       RELAY                     RELAY                     RELAY                  RELAY           RELAY                     RELAY                  OK

Sendmail has a notion of what domains it will process mail for directly, and which domains it simple forwards mail for. The latter occurs when a domain is listed in mailertable
$ cat /etc/mail/mailertable              esmtp:[]

The act of connecting to an MTA solely for the purpose of sending a new email is refered to as 'relaying'. Relaying is what the access config file controls. Due to spam and other exploits it is important to limit the hosts that can relay to an MTA. This is not to be confused with hosts that are simply transfering mail, for which connections should almost allways be allowed (1).

Allowing other hosts to relay mail ...
  • RedHat 5.X/sendmail before 8.9 ...
    > cat /etc/mail/ip_allow

    > cat /etc/mail/relay_allow

  • RedHat 6.X/sendmail 8.9 and later ...
    > cat /etc/mail/access
    # only allow relaying from the following ...
    localhost.localdomain RELAY
    localhost             RELAY             RELAY
    192.168.254           RELAY       RELAY       RELAY

It is unlikely that a system will allow mail from the Internet to be accepted without configuring
> cat /etc/
# all aliases for your system

sendmail Connection refused (redhat 7.X)
Default sendmail install does not accept network connections from any host other than the local computer
  • Edit /etc/mail/ and change DAEMON_OPTIONS to listen on network devices or comment out
  • Regenerate cf file with m4
        # m4 /etc/mail/ > /etc/

Don't forget to restart sendmail ...
> /etc/rc.d/init.d/sendmail status

> /etc/rc.d/init.d/sendmail stop

> /etc/rc.d/init.d/sendmail start

sendmail stores mail for each user in different files. Its a good idea to periodically back these up in case the inevatable happens. These files can usually be found here ...

Often standard Linux installations do not install POP/IMAP, even though they usually install sendmail. Just find the appropiate IMAP RPM file (or equivelent tar or other installable file) and install it. Most distributions ship with this even if they don't automatically install it. If POP/IMAP is installed but clients can't connect, check that /etc/inetd.conf has the following uncommented ...
# Pop and imap mail services et al
pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d
pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d
imap  stream tcp nowait root /usr/sbin/tcpd imapd
Using an IMAP mail client like Netscape may work best if mail IMAP preferences are set thusly:
Email aliases ...
Edit /etc/aliases. Afterwards, make sure you run newaliases
Sendmail and Inetd
Some Linux distribution may not install inetd server components by default under certain cirbumstances. Classic symptom: properly configured sendmail stubbornly refuses to accept remote SMTP connections. Need to install inetd.
Virtual User Tables
This is a great way to have email directed at different domains handled by a single sendmail server. See HOWTO section for an example.
Secondary mail relay / Allowing other hosts to use you as a mail transfer agent (MTA)
named allows multiple mail servers for a given domain. Multiple MX tags in a zone file for a domain will resolve with the first MX as the primary, second MX as seconadary, ... For sendmail servers (starting at RH 6.X) that are acting as non-primary, make sure you have /etc/mail/access include the domain to act as secondary for.

Normally sendmail refuses to receive mail (i.e. be used as an MTA) from systems not sited in the same /etc/mail/access used for allowing secondary relaying. This helps prevent spammers from using your sendmail box as an origin. Of course if you have setup a LAN, you will need to add its hosts/network addresses so they can send mail.

Dovecot IMAP/POP server (Centos 4, installation)

This server enables standard mbox accounts with IMAP/POP access.
# wget

# yum install postgresql-libs

# rpm -ivh dovecot-1.0.5-15_61.el4.i386.rpm

# service dovecot
zap technologies
tablet | printable