Sendmail Installation

Goal: This readme attempts to cover two installation configurations for sendmail

  • standard port installation i.e. port 25 inbound and outbound
  • non standard port insallation, i.e., port 25 outbound and port 26 inbound. This is necessary if your ISP blocks port 25 downstream. Port 26 is the port that domain registrars support if they support “mail forwarding”.

Conventions: text in italics applies to the non standard port configuration while all other text applies to both configurations.

Assumptions:

  • that you are using the rpm version of Fedora’s Sendmail
  • if your choose to not use the rpm version of Sendmail, but instead choose to down load the latest version of Sendmail then you can use this readme to configure the downloaded version.
  • you have your own domain name
  • in the event your ISP blocks port 25 downstream your domain registrar must support “mail forwarding”. If your registrar does not support “mail forwarding” then you will have to:
    • find one that does, www.dnsexit.com for example
    • modify your domain registrar’s DNS servers to point to www.dnsexit.com if this is the registrar you will use i.e.,
      • ns1.dnsexit.com
      • ns2.dnsexit.com
  • if using a router or firewall then appropriate ports will have to be configured to support Sendmail. Configuring routers and firewalls is beyond the scope of this readme. Please note that when you open ports on your firewall, you are exposing your “underbelly” to the jackals of the internet. Sendmail must be properly secured so read “alot” about it and do not rely solely on this “readme”.

Prerequisites:

Sendmail is installed from either an rpm or from a tar file downloaded from http://www.sendmail.org/

If Sendmail is installed from rpm then do the following:

  • rpm -q sendmail
  • rmp -q sendmail-cf

The above packages are the minimum required. If you have installed from a tar file then you will get “everything” needed. The paths however will be different than the paths noted in this readme which reflect an rpm installation.

The following configuration files by directory are used. Note that the path will be different if Sendmail is not installed from rpm, but from a download from Sendmail’s website. The contents of these files are discussed in the “Configuration Files” section later in this readme.

  • a. /usr/share/sendmail-cf/cf
    • yourhostname.mc – described later in thi readme.
  • b. /usr/share/sendmail-cf/ostype
    • /fedora.m4
  • c. /usr/share/sendmail-cf/domain
    • fedora.m4
  • d. /etc/mail
    • access.txt/access.db
    • local-host-names
    • relay-domains
    • sendmail.cf
    • aliases/aliases.db

Be sure to save these files. You can use them when upgrading to a new OS level.

You are now ready to build the sendmail.cf file. This file is the Sendmail configuration file for your system based upon the contents of the files noted above in steps a ~ c.

A. If this is your first Sendmail build/installation then do this:

  • cd to: /usr/share/sendmail-cf/cf
  • cp generic-linux.mc yourhostname.mc
  • chmod 644 yourhostname.mc
  • make install-cf CF=yourhostname ( this will generate a file called “doodah.cf” if your hostname is doodah )

NOTE!!! you might get this error:

../../devtools/bin/install.sh: Command not found ( this files might be missing from your Linux distribution ). This is an install script which should copy yourhostname.cf to /etc/mail/sendmail.cf. If the script is missing do this manually as noted below.

B. If this is an upgrade to Sendmail or an OS level upgrade then do this:

  • If this is an upgrade of sendmail then use yourhostname.mc found in the previous version’s corresponding directory.
    Be sure to change the “include” line to the proper release directory.
  • Also note that yourhostname.mc refereneces the following files:
    /usr/usr/share/sendmail-cf/ostype —> fedora.m4
    and
    /usr/share/sendmail-cf/domain —> hostname.m4
  • In the yourhostname.mc file you might have DAEMON_OPTIONS entries to change the ports on which sendmail listens, i.e., port 26 for example. It must have this format:
    • DAEMON_OPTIONS(`Port=26, Name=MTA’)dnl
    • DAEMON_OPTIONS(`Port=25, Name=MTA1′)dnl
      • Both DAEMON_OPTIONS are required. You are listening on 26 to receive email and on 25 to send it. If you do not use the MTA1 entry then you will be unable to send email. Again the DAEMON_OPTIONS entries are only required if your ISP has blocked port 25 downstream forcing you to now listen on 26. If your ISP has blocked the the outbound port 25 then you have additional reconfiguration required not covered here.
  • save any existing copy of /etc/mail/sendmail.cf
  • cd /usr/share/sendmail-cf/cf
  • make install-cf CF=yourhostname <— this will generate the yourhostname.cf file
  • if you get: make: ../../devtools/bin/install.sh: Command not found copy then
    cp yourhostname.cf /etc/mail/sendmail.cf

Base Test Procedure:

To test do this:

  • sendmail -v -t -C ./yourhostname.cf
    • ctrl ^d
    • No recipient address found in header.

now execute the following:

make sure all the identified configuration files (noted below) are properly configured

if you have not done so do:

  • cd /etc/mail
  • newaliases
  • sendmail -v -bi

if this returns stuff like:
WARNING: writable directory /etc
WARNING: writable directory /var/spool/mqueue
then you need to make appropriate changes to these directories permissions.

you should get something like: /etc/mail/aliases: ##aliases, longest 16 bytes, ### bytes total

Starting Sendmail:

If the above test succeeded then we need to start send mail. Here is how:

  • service sendmail stop
  • service sendmail start

Configuration Files:

  • /etc/sysconfig/sendmail

NOTE: THIS FILE (REAcaDME_sendmail) IS CRITICAL TO SENDMAIL STARTUP. IT COULD BE RNAMED TO AN “rpm” EXTENSION SO RENAME IT BACK OR SENDMAIL WILL NOT START CORRECTLY. IF THIS THE FIRST INSTALL OF SENDMAIL THEN CREATE /etc/sysconfig/sendmail WITH THE FOLLkOWING TWO LINES

DAEMON=yes
QUEUE=1h

  • /etc/mail/aliases must exist and look like the following:

—————cut here——————
#
#
# Aliases in this file will NOT be expanded in the header from
# Mail, but WILL be visible over networks or from /bin/mail.
#
# >>>>>>>>>> The program “newaliases” must be run after
# >>>NOTE>>> this file is updated for any changes to
# >>>>>>>>>> show through to sendmail.

# Basic system aliases — these MUST be present

MAILER-DAEMON: postmaster
postmaster: root

# General redirectons for psuedo accounts.

bin: root
daemon: root
games: root
ingres: root
nobody: root
system: root
toor: root
uucp: root

# Well known aliases.

manager: root
dumper: root
operator: root
webmaster: root

# trap decode to catch security attacks

decode: root

# NOTE: the following can cause you some problems if you are not set up
# correctly so you might just comment them out to begin with and
# uncomment later when you have everything else configured.

# Person who should get root’s mail

root: staff

# System administrator mailing list

staff: doodah@somenode

————–cut here—————-

newaliases

when newaliases is run it will create: aliases.db

  • /etc/mail/relay-domains file should contain:
    • your_hosts_numeric_ip (555.555.555.555 <– a bad example)
  • /etc/mail/local-host-names file should contain:
    • yourhostname
    • your domainname (without the www for example)
  • /usr/share/sendmail-cf/cf/yourhostname.mc
    • Note that this file references two other files:
      • usr/share/sendmail-cf/ostype/fedora.m4
      • /usr/share/sendmail-cf/domain/fedora.m4

# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#

#
# This is a generic configuration file for Linux.
# It has support for local and SMTP mail only. If you want to
# customize it, copy it to a name appropriate for your environment
# and do the modifications there.
#

divert(0)dnl
VERSIONID(`$Id: Fedora Core 4 Linux generic-linux.mc,v 8.1 1999/09/24 22:48:05 gshapiro Exp $’)
OSTYPE(fedora)dnl
DOMAIN(anyname, your hostname for example)dnl
MAILER(local)dnl
MAILER(smtp)dnl
DAEMON_OPTIONS(`Port=26, Name=MTA’)dnl <— only for mail forwarding.
DAEMON_OPTIONS(`Port=25, Name=MTA1′)dnl

  • /usr/share/sendmail-cf/ostype

divert(-1)
#
# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#

divert(0)
VERSIONID(`$Id: linux.m4,v 8.13 2000/09/17 17:30:00 gshapiro Exp $’)
define(`confDEF_USER_ID’,“8:12”)dnl
define(`ALIAS_FILE’, `/etc/mail/aliases’)dnl
define(`STATUS_FILE’, `/var/log/mail/statistics’)dnl
define(`confEBINDIR’, `/usr/sbin’)dnl
define(`confAUTH_OPTIONS’,`A’)dnl
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl
define(`confAUTH_MECHANISMS’, `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl
FEATURE(`smrsh’)dnl
define(`PROCMAIL_MAILER_PATH’, `/usr/bin/procmail’)dnl
FEATURE(local_procmail)dnl

  • /usr/share/sendmail-cf/domain

divert(-1)
#
# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# By using this file, you agree to the terms and conditions setCc
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#

#
# The following is a generic domain file. You should be able to
# use it anywhere. If you want to customize it, copy it to a file
# named with your domain and make the edits; then, copy the appropriate
# .mc files and change `DOMAIN(generic)’ to reference your updated domain
# files.
#
divert(0)
VERSIONID(`$Id: generic.m4,v 8.15 1999/04/04 00:51:09 ca Exp $’)
define(`confFORWARD_PATH’, `$z/.forward.$w+$h:$z/.forward+$h:$z/.forward.$w:$z/.forward’)dnl
define(`confMAX_HEADERS_LENGTH’, `32768′)dnl
FEATURE(`always_add_domain’)dnl
FEATURE(`access_db’)dnl
FEATURE(`blacklist_recipients’)dnl
FEATURE(`redirect’)dnl
FEATURE(`use_cw_file’)dnl
EXPOSED_USER(`root’)

  • The following is also critical to sendmail:

-r-xr-sr-x root smmsp … /PATH/TO/sendmail
drwxrwx— smmsp smmsp … /var/spool/clientmqueue
drwx—— root wheel … /var/spool/mqueue
-r–r–r– root wheel … /etc/mail/sendmail.cf
-r–r–r– root wheel … /etc/mail/submit.cf

Pay particular attention to BOTH permissions and to owner/group.

Use chown and/or chmod to make appropriate adjustments.

Realistic Sendmail test:

Now for a more realistic test:

make sure sendmail is running (service sendmail start)

sendmail -v -t (enter the “To:”, “From:”, and “Subject:” followed by your ISPaccount and hostname)

To: you@yourISPaccountEmail
From: root@yourhostname
Subject: Test
ignore test

This email should be transmitted to the recipient if sendmail is functioning correctly.

Tips:

  • To determine which ports sendmail is listening on do this:
    netstat -plant | grep sendmail
    it will ouput something like:

tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 14524/sendmail: acc
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 14524/sendmail: acc
tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 14524/sendmail: acc

Note that in the above output ports 587, 26, and 25 are the ports sendmail is listening on. The defaults would be 587 and 25 if the DAEMON_OPTIONS feature is not used to further configure port 26. Look in your sendmail.cf file noted above and you will see that these 3 ports are also identified in that file.

Leave a Reply

Bad Behavior has blocked 195 access attempts in the last 7 days.