Setting Up Sendmail: A Comprehensive Guide

by

Sendmail is a powerful and flexible Mail Transfer Agent (MTA) used to route and deliver email on Unix-based systems. It is known for its reliability and configurability, making it a preferred choice for mail servers. This guide provides a step-by-step process to install, configure, and secure Sendmail on your server.

Benefits of Using Sendmail

  • Highly Configurable: Supports complex routing and policy configurations.
  • Scalability: Suitable for both small and large-scale mail delivery systems.
  • Compatibility: Works seamlessly with other mail tools like SpamAssassin and ClamAV.
  • Security: Offers TLS encryption and access controls to secure communications.

Prerequisites

  • A Unix/Linux-based system (e.g., Ubuntu, CentOS, or Debian).
  • Root or sudo access.
  • Basic knowledge of Linux command-line operations.

Step 1: Installing Sendmail

On Ubuntu/Debian

sudo apt update sudo apt install sendmail

On CentOS/RHEL

sudo yum install sendmail sendmail-cf m4

Step 2: Configuring Sendmail

1. Check Sendmail Configuration

The main configuration file for Sendmail is located at:

/etc/mail/sendmail.mc

2. Customize the Configuration

Open the sendmail.mc file for editing:

sudo nano /etc/mail/sendmail.mc

To enable mail relay for a specific network (e.g., 192.168.1.0/24), add the following line:

DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl FEATURE(`access_db')dnl LOCAL_NETS(`192.168.1.0/24')dnl

Save and exit the editor.

3. Compile the Configuration

Use the m4 macro processor to apply changes:

sudo m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

Step 3: Setting Up Access Control

Edit the access file to define allowed or denied email addresses and domains:

sudo nano /etc/mail/access

Example entries:

# Allow local network 192.168.1 RELAY # Block spam domain spammer.com REJECT

Update the access database:

sudo makemap hash /etc/mail/access < /etc/mail/access

Step 4: Configuring DNS for Sendmail

Ensure you have correct MX and A records for your domain. Example example.com zone:

example.com. IN MX 10 mail.example.com. mail IN A 192.168.1.100

Verify DNS setup:

dig MX example.com

Step 5: Enabling and Starting Sendmail

Enable Sendmail to start on boot:

sudo systemctl enable sendmail

Start the Sendmail service:

sudo systemctl start sendmail

Check the status:

sudo systemctl status sendmail

Step 6: Testing Sendmail

Send a test email:

echo "Test email" | mail -s "Sendmail Test" user@example.com

Check mail logs for issues:

tail -f /var/log/maillog

Step 7: Securing Sendmail

Enable TLS Encryption

  1. Generate a TLS certificate (using Let’s Encrypt or OpenSSL).
  2. Edit /etc/mail/sendmail.mc and add:
define(`confCACERT_PATH', `/etc/ssl/certs')dnl define(`confCACERT', `/etc/ssl/certs/ca-certificates.crt')dnl define(`confSERVER_CERT', `/etc/ssl/certs/sendmail-cert.pem')dnl define(`confSERVER_KEY', `/etc/ssl/private/sendmail-key.pem')dnl
  1. Rebuild configuration:
sudo m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf sudo systemctl restart sendmail

Restrict Open Relay

Ensure only authorized networks can relay emails:

FEATURE(`relay_entire_domain')dnl

Step 8: Troubleshooting Sendmail

  1. Verify configuration:
sendmail -d0.1 -bv root
  1. Check logs:
tail -f /var/log/maillog
  1. Test mail sending and delivery:
echo "Test" | mail -s "Test Email" user@example.com

Conclusion

Setting up Sendmail involves installation, configuration, and applying security best practices. With the steps outlined above, you can deploy a secure and reliable mail server to handle your email traffic effectively.

Leave a Comment