How To Configure Sendmail On Ubuntu?

Published September 25, 2024

Problem: Configuring Sendmail on Ubuntu

Sendmail is a mail transfer agent for Linux systems, but setting it up on Ubuntu can be difficult. Correct configuration is needed for emails to be sent and received properly, preventing delivery problems or security issues.

Installing Sendmail on Ubuntu

Steps to Install Sendmail

To install Sendmail on Ubuntu:

  1. Open a terminal on your Ubuntu system.

  2. Install Sendmail using apt-get:

    sudo apt-get install sendmail
  3. Enter your system password when asked.

  4. Wait for the installation to finish.

  5. Check if Sendmail is installed:

    sendmail -v

    This shows Sendmail's version if installed correctly.

  6. Check Sendmail's service status:

    sudo systemctl status sendmail

    This shows if Sendmail is active and running.

After these steps, you will have Sendmail installed on your Ubuntu system.

Tip: Configuring Sendmail

After installing Sendmail, you may need to configure it. To do this, edit the Sendmail configuration file:

sudo nano /etc/mail/sendmail.mc

Make your changes, then rebuild the configuration:

sudo make -C /etc/mail
sudo systemctl restart sendmail

Basic Sendmail Configuration

Running sendmailconfig

The sendmailconfig command sets up the basic configuration for Sendmail. Here's what you need to know about this command:

  • To run sendmailconfig, use:

    sudo sendmailconfig
  • This command updates Sendmail's configuration files.

  • It asks questions about your mail setup and creates the configuration based on your answers.

  • The tool aims to create a working configuration for common setups.

  • It updates files like /etc/mail/sendmail.cf and /etc/mail/submit.cf.

  • The command may ask about your system's fully qualified domain name (FQDN).

  • It might prompt you to choose between IPv4 and IPv6 protocols.

  • You may need to confirm changes to existing configuration files.

The main purpose of this initial configuration step is to:

  • Set up a basic working Sendmail configuration.

  • Help users who are not familiar with Sendmail's configuration structure.

  • Create a starting point for further customization if needed.

  • Reduce the chance of misconfiguration that could cause security or functionality issues.

Remember, while sendmailconfig provides a good starting point, you may need to make more changes for specific requirements or advanced setups.

Tip: Backup Your Configuration

Before running sendmailconfig, it's a good practice to backup your existing Sendmail configuration files. You can do this by copying the main configuration files:

sudo cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.backup
sudo cp /etc/mail/submit.cf /etc/mail/submit.cf.backup

This allows you to revert changes if needed.

Locating and Editing Sendmail Configuration Files

Key Configuration Files

Sendmail uses several configuration files to control its behavior. The main files you need to know about are:

  • /etc/mail/sendmail.conf: This file contains general settings for Sendmail. It controls options like the maximum message size, the number of queue runners, and the location of Sendmail directories.

  • /etc/cron.d/sendmail: This file sets up scheduled tasks for Sendmail. It contains entries for running the queue and updating Sendmail's databases at intervals.

  • /etc/mail/sendmail.mc: This is the main configuration file for Sendmail. It's written in m4 macro language and defines most of Sendmail's operational parameters. After editing this file, you need to compile it into sendmail.cf for the changes to take effect.

To edit these files:

  1. Open a terminal on your Ubuntu system.

  2. Use a text editor with root privileges to open the file. For example:

    sudo nano /etc/mail/sendmail.mc
  3. Make your changes in the file.

  4. Save the file and exit the editor.

  5. If you edited sendmail.mc, compile it to sendmail.cf:

    sudo m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
  6. Restart Sendmail to apply the changes:

    sudo systemctl restart sendmail

Remember to back up these files before making changes. This allows you to revert to a working configuration if needed.

Tip: Use Version Control for Configuration Management

Consider using a version control system like Git to manage your Sendmail configuration files. This approach allows you to track changes, revert to previous versions easily, and collaborate with team members when managing complex configurations. Here's a basic workflow:

  1. Initialize a Git repository in your /etc/mail directory:

    cd /etc/mail
    sudo git init
  2. Add your configuration files to the repository:

    sudo git add sendmail.mc sendmail.cf
  3. Commit your changes:

    sudo git commit -m "Initial commit of Sendmail configuration"
  4. Before making changes, create a new branch:

    sudo git checkout -b new-config-changes
  5. After making and testing your changes, commit them:

    sudo git commit -am "Updated SMTP relay settings"
  6. If the changes work as expected, merge them back to the main branch:

    sudo git checkout main
    sudo git merge new-config-changes

This method provides a safety net and a clear history of your configuration changes.

Testing Sendmail Configuration

Sending a Test Email

After setting up Sendmail, test if it works correctly. You can send a test email using the command line. Here's how:

  1. Open a terminal on your Ubuntu system.

  2. Use this command to send a test email:

    echo "This is a test email from Sendmail" | sendmail -v your_email@example.com

    Replace "your_email@example.com" with your email address.

  3. The -v flag shows the email transmission process.

  4. Check your email inbox for the test message.

To confirm email delivery:

  1. Look for the test email in your inbox.

  2. If you don't see it, check your spam folder.

  3. Check the email headers to confirm it was sent through your Sendmail server.

  4. Review the Sendmail logs for any error messages:

    sudo tail -f /var/log/mail.log

    This command shows real-time log entries.

If the test email doesn't arrive or you see errors in the logs, review your Sendmail configuration or check your network settings.

Tip: Using a Test Script

Create a simple PHP script to test Sendmail functionality:

<?php
$to = "your_email@example.com";
$subject = "Test Email from Sendmail";
$message = "This is a test email sent using PHP and Sendmail.";
$headers = "From: webmaster@example.com";

if(mail($to, $subject, $message, $headers)) {
    echo "Email sent successfully.";
} else {
    echo "Email sending failed.";
}
?>

Save this script and run it through your web server to test Sendmail integration with PHP.

Troubleshooting Email Delivery

If your test email doesn't arrive, try these steps:

  1. Check your firewall settings to make sure port 25 (SMTP) is open.

  2. Verify your DNS settings are correct.

  3. Check the Sendmail queue for stuck messages:

    sudo mailq
  4. If messages are stuck, try flushing the queue:

    sudo sendmail -q

These steps can help find common issues preventing email delivery.

Adding SMTP Relay to Sendmail

Setting Up SMTP Authentication

To add SMTP relay to Sendmail, you need to set up SMTP authentication. This process involves creating an authentication directory and generating an authentication database. Here's how to do it:

  1. Create an authentication directory:

    sudo mkdir /etc/mail/auth
    sudo chmod 700 /etc/mail/auth

    This creates a directory for storing authentication information.

  2. Create a file to store your SMTP server credentials:

    sudo nano /etc/mail/auth/client-info
  3. Add your SMTP server information to the file:

    AuthInfo:your.smtp.server "U:username" "P:password" "M:PLAIN"

    Replace "your.smtp.server", "username", and "password" with your actual SMTP server details.

  4. Generate the authentication database:

    sudo makemap hash /etc/mail/auth/client-info < /etc/mail/auth/client-info

    This command creates a database file that Sendmail can use.

  5. Set the correct permissions for the files:

    sudo chmod 600 /etc/mail/auth/client-info
    sudo chmod 600 /etc/mail/auth/client-info.db

    This restricts access to these files.

After completing these steps, you'll have set up the authentication for SMTP relay. The next step is to modify your Sendmail configuration to use this authentication when sending emails through your SMTP server.

Tip: Securing Your Authentication Information

To improve security, you can encrypt your client-info file:

  1. Install GPG:

    sudo apt-get install gnupg
  2. Generate a GPG key:

    gpg --gen-key
  3. Encrypt the client-info file:

    gpg -e -r "Your Name" /etc/mail/auth/client-info
  4. Delete the original file:

    sudo shred -u /etc/mail/auth/client-info

This approach adds encryption to your SMTP credentials, making them more secure.

Modifying sendmail.mc File

Adding SMTP Configuration

To set up Sendmail to use your SMTP relay, you need to change the sendmail.mc file. This file has the main settings for Sendmail. Here's how to add the SMTP configuration:

  1. Open the sendmail.mc file:

    sudo nano /etc/mail/sendmail.mc
  2. Add these lines before the MAILER_DEFINITIONS section:

    define(`SMART_HOST',`your.smtp.server')dnl
    define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
    define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    FEATURE(`authinfo',`hash -o /etc/mail/auth/client-info.db')dnl

    Replace 'your.smtp.server' with your SMTP server address.

  3. Save and close the file.

After adding these lines, you need to update the sendmail.cf file. Sendmail reads this file when it starts. To update it:

  1. Run this command:

    sudo m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

    This command turns the sendmail.mc file into sendmail.cf.

  2. Restart Sendmail to apply the changes:

    sudo systemctl restart sendmail

These changes tell Sendmail to use your SMTP server as a smart host, enable authentication methods, and use the authentication information you set up earlier.

Test your setup after making these changes to make sure Sendmail works correctly with your SMTP relay.

Tip: Verify SMTP Configuration

After modifying the sendmail.mc file and restarting Sendmail, you can verify the SMTP configuration by checking the mail logs. Use the following command to view the most recent log entries:

sudo tail -f /var/log/maillog

Look for lines indicating successful connection to your SMTP server and any authentication messages. This can help you identify if there are any issues with your configuration.

Restarting Sendmail Service

Applying Configuration Changes

After changing your Sendmail configuration, restart the Sendmail service to apply these changes. Here's how:

  1. Restart the Sendmail daemon:

    sudo systemctl restart sendmail
  2. For older Ubuntu versions, use:

    sudo service sendmail restart

To check if Sendmail is running with the new settings:

  1. Check the Sendmail service status:

    sudo systemctl status sendmail
  2. Look for "Active: active (running)" in the output.

  3. Check Sendmail logs for error messages:

    sudo tail -f /var/log/mail.log
  4. Send a test email to confirm the new configuration:

    echo "Test email" | sendmail -v your_email@example.com
  5. Monitor the mail queue to see if emails are being processed:

    mailq

If you see errors or if emails aren't being sent, review your configuration changes and check the log files for more information.

Test your Sendmail setup after any configuration changes to make sure it's working correctly.

Tip: Troubleshooting Sendmail Startup Issues

If Sendmail fails to start after configuration changes, try these steps:

  1. Check for syntax errors in your configuration file:
    sendmail -bt < /dev/null
  2. Review the Sendmail log for specific error messages:
    sudo grep sendmail /var/log/syslog
  3. Verify permissions on configuration files:
    sudo ls -l /etc/mail/sendmail.cf

Securing Sendmail on Ubuntu

Best Practices for Sendmail Security

To secure your Sendmail setup on Ubuntu, follow these practices:

Configuring SPF (Sender Policy Framework):

  1. Create an SPF record in your domain's DNS settings:

    v=spf1 ip4:your_server_ip ~all

    Replace "your_server_ip" with your server's IP address.

  2. Install the SPF milter:

    sudo apt-get install spf-milter
  3. Add this line to your sendmail.mc file:

    INPUT_MAIL_FILTER(`spf', `S=local:/var/run/spfd.sock, F=T, T=R:2m')
  4. Restart Sendmail to apply the changes.

Configuring DKIM (DomainKeys Identified Mail):

  1. Install OpenDKIM:

    sudo apt-get install opendkim opendkim-tools
  2. Generate DKIM keys:

    sudo opendkim-genkey -D /etc/dkimkeys/ -d yourdomain.com -s default
  3. Add this to your sendmail.mc file:

    INPUT_MAIL_FILTER(`opendkim', `S=local:/var/run/opendkim/opendkim.sock, F=T, T=R:2m')
  4. Configure OpenDKIM and restart the service.

Implementing anti-spam measures:

  1. Install SpamAssassin:

    sudo apt-get install spamassassin
  2. Add this to your sendmail.mc file:

    MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m;E:10m')
  3. Configure SpamAssassin and restart the service.

  4. Update your spam rules:

    sudo sa-update

Rebuild your sendmail.cf file and restart Sendmail after making these changes. These measures help protect your email system from spam and spoofing attempts.

Tip: Regular Security Audits

Perform security audits on your Sendmail setup:

  1. Check for open relay:

    telnet localhost 25
    HELO example.com
    MAIL FROM: test@example.com
    RCPT TO: test@example.com

    If this succeeds, your server might be an open relay.

  2. Review your access control lists in /etc/mail/access.

  3. Keep your system and Sendmail updated with the latest security patches.