Sendmail Installation & Configuration: (26 Jan 2006) SMTP (Simple Mail Transfer Protocol) Email Primer: An email address: emailId@domainà bms@iitk.ac.in à bms is email Id & iitk.ac.in is domain Mail client: A system from where a sender (person) can send an email using any email client like mail, mh, elm, pine, Netscape messenger, Mozilla, Outlook Express, Eudora, Horde, Squirrelmail etc. Mail host: It is able to decode any address and reroutes the mail within the domain. Relay Host: It manages communication with network outside the domain. If you want a local mail system for your organization then relay host is not required. A good system for relay host is a router to internet. Gateway: It is a system between differing communication networks, like a mail from a Unix user must pass through a gateway to reach a VMS user. Mail Server: A mail storage system. This server keeps all mail boxes in /var/spool/mail (Linux) or /var/mail (Solaris) Standard Practice: Practically only one machine can act as: (Mailhost + MailRelay+ MailServer). Another configuration: Use separate servers for incoming & outgoing mails. Email Address resolution: When email sender sends an email. Destination address will be match with sender’s local aliases kept in .mailrc|.addressbook (pine uses it)|.elm/aliases.text etc. In second step it will try to expand/resolve destination address using local /etc/mail/aliases In third step it will try to expand/resolve the address using NIS aliases (If NIS is running and aliases are kept in NIS database) In fourth step it will use /etc/mail/aliases of mailhost to expand the destination Address. At last it will refer .procmailrc/.forward file of destination user for mail redirection. Mail Processing: Message is composed by any mail client program. Message is collected by this client program and passed to sendmail. Message is routed. Sendmail acts as a MTA (Message Transfer Agent) and it routes the message to final destination through other MTAs. The sendmail daemon analyzes the address. If address is local. It performs the aliasing if necessary and passes the message to program /usr/bin/mail (procmail) for delivery. If address is not local.The message is routed to another MTA, where entire process (analyzing the address, aliasing and delivery if local or routing if not local) is re done. If sendmail is not able to route the mail because the receiving MTA is not responding, the message is stored in a mail queue located in /var/spool/mqueue subdirectory. The queue is automatically run at specified interval (default is one hour in case of solaris) sendmail –bd –q30m & à queue will be cleared every 30 minutes sendmail will try to send the queued message up to a certain limit (default is 3 days). Message is delivered: The message is stored by /usr/bin/mail in the user’s mailbox /var/mail/login_name on the mail server. Now recipient can read the mail through any mail client program of his choice. Sendmail Installation and Configuration: Steps for installation & configuration of a Linux PC as mail server: 1. 2. Load latest linux (RedHat/Mandrake/Fedora etc.) Restrict ssh/sftp access: edit /etc/ssh/sshd_config file Add following line: AllowUsers *@172.27.17.46 *@172.27.17.45 root@172.27.16.12 root@172.27.17.55 root@172.27.17.90 *@172.27.18.1 chandan@172.27.17.55 nadeem@172.27.17.90 root@172.30.2.98 root@deepak.cse.iitk.ac.in root@deepak1.cse.iitk.ac.in *@172.27.17.165 3. 4. 5. 6. Explaination for above line is, allow any user from machine 172.27.17.46, allow root from deepak.cse.iitk.ac.in etc. Stop all daemons except sendmail,dovekot, nfs {mailbox export for backup}, nis & sshd Configure /etc/resolv.conf, /etc/nsswitch.conf, /etc/hosts, /etc/auto.master, /etc/auto.misc If recipient is not a valid user & it is not present in /etc/mail/aliases, it means it is an invalid recipient and mail will bounce back. Implement quota system for all the users to avoid unwanted mail flooding. Steps for sendmail installation: {In most of the Linux Systems SendMail RPM format} If sendmail is not installed in the system, get latest Sendmail from site: www.sendmail.org 1. Uncompress the latest sendmail tar.gz file. 2. cd <Uncomress sendmail source directory> 3. ./configure 4. make 5. make install Steps for sendmail configuration: is available in • • Intranet SendMail Configuration Internet SendMail Configuration Setup DOMAIN, domain name masquerading (if needed), mailertable etc. in sendmail.mc. Also do not forget to comment the following line in the same file. If you are not commenting this line, this mail server will not accept mail from any other system. dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') 1. run m4 to generate sendmail from sendmail.mc m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf or equivalent command is: make sendmail.cf 2. Create mailertable as per requirement & run make to create dbm/hash database file for mailertable as follows from /etc/mail directory: make mailertable {One must prefer this command only} or { for dbm database file} makemap dbm mailertable < mailertable or if you are using hash makemap dbm mailertable < mailertable 3. Then create a file named 'access' & run following command to create access.db file: make access.db 4. Add local users aliases in /etc/aliases 5. Run /bin/newaliases to update alias database files. 6. Restart the sendmail as: service sendmail restart or cd /etc/rc.d/init.d ./sendmail restart {If one has done any changes in any configuration files like aliases, access, mailertable, sendmail.mc etc., sendmail daemon must be restarted. During restart script will take care if any changed done in any configuration file and it will automatically create respective .db file for the same and finally starts the sendmail service.} 7. Test mail server configurationit by testing following test suit: • from local user à to other local user • from local user à to user of other department/section • from local user à to remote user • reply from local user • reply from user of other department/section • reply from remote user Sample files used in Intranet Sendmail Server: /etc/mail/access file: {By default sendmail will relay the message for any IP which is not mentoned in this file} localhost.localdomain RELAY localhost RELAY 127.0.0.1 RELAY # 172.27.16 RELAY 172.27.17 RELAY 172.27.18 RELAY 172.27.19 RELAY 172 REJECT /etc/mail/domaintable: {Keep it blank} /etc/mail/hack: {This file has to be included in sendmail.cf after generating sendmail.cf from sendmail.mc} CPREDIRECT # Following entries are made to optimize. # If new domains come and even if we do NOT add them here # by default(last line in mailertable) they are forwarded to # main Relay system mail.iitk.ac.in CPMUSEUM BITNET IUNET CPAERO ARPA COOP INFO NATO NAME CPBIZ COM EDU GOV INT MIL NET ORG CPAD AE AF AG AI AL AM AN AO AQ AR AS AT AU AW AZ BA BB BD BE BF BG BH BI BJ BM CPBN BO BR BS BT BV BW BY BZ CA CC CF CG CH CI CK CL CM CN CO CR CS CU CV CX CY CPCZ DE DJ DK DM DO DZ EC EE EG EH ER ES ET FI FJ FK FM FO FR FX GA GB GD GE GF CPGH GI GL GM GN GP GQ GR GS GT GU GW GY HK HM HN HR HT HU ID IE IL IN IO IQ IR CPIS IT JM JO JP KE KG KH KI KM KN KP KR KW KY KZ LA LB LC LI LK LR LS LT LU LV CPLY MA MC MD MG MH MK ML MM MN MO MP MQ MR MS MT MU MV MW MX MY MZ NA NC NE NF CPNG NI NL NO NP NR NT NU NZ OM PA PE PF PG PH PK PL PM PN PR PS PT PW PY QA RE CPRO RU RW SA SB SC SD SE SG SH SI SJ SK SL SM SN SO SR ST SU SV SY SZ TC TD TF CPTG TH TJ TK TM TN TO TP TR TT TV TW TZ UA UG UK UM US UY UZ VA VC VE VG VI VN CPVU WF WS YE YT YU ZA ZM ZR ZW /etc/mail/helpfile: {No Change} /etc/mail/local-host-names: {Here mail.iiitdm.in is internet mail gateway} # local-host-names - include all aliases for your machine here. iiitdm.in /etc/mail/mailertable: . smtp:mail.iiitdm.in /etc/mail/sendmail.mc: divert(-1)dnl dnl # dnl # This is the sendmail macro config file for m4. If you make changes to dnl # /etc/mail/sendmail.mc, you will need to regenerate the dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is dnl # installed and then performing a dnl # dnl # make -C /etc/mail dnl # include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`setup for Red Hat Linux')dnl OSTYPE(`linux')dnl define(`confMAX_MESSAGE_SIZEE',`15728640')dnl define(`confDEF_USER_ID',``8:12'')dnl define(`confTO_CONNECT',`1m')dnl define(`confTO_QUEUERETURN',`5d')dnl define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl define(`ALIAS_FILE',`/etc/mail/aliases')dnl define(`consSMTP_LOGIN_MSG',`$j $b')dnl FEATURE(`no_default_msa',`dnl')dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl FEATURE(`nouucp',`reject')dnl FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl FEATURE(`always_add_domain',`iiitdm.in')dnl FEATURE(`masquerade_entire_domain')dnl FEATURE(`use_cw_file')dnl FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl FEATURE(`accept_unresolvable_domains')dnl FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl FEATURE(`blacklist_recipients')dnl MASQUERADE_AS(`iiitdm.in')dnl MASQUERADE_DOMAIN(`iiitdm.in')dnl EXPOSED_USER(`root')dnl MAILER(`smtp')dnl MAILER(`procmail')dnl /etc/mail/submit.mc: { No Change} divert(0)dnl include(`/usr/share/sendmail-cf/m4/cf.m4') VERSIONID(`linux setup for Red Hat Linux')dnl define(`confCF_VERSION', `Submit')dnl define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet define(`confTIME_ZONE', `USE_TZ')dnl define(`confDONT_INIT_GROUPS', `True')dnl define(`confPID_FILE', `/var/run/sm-client.pid')dnl dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C') FEATURE(`use_ct_file')dnl dnl dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1] FEATURE(`msp', `[127.0.0.1]')dnl /etc/mail/trusted-users: { No Change} /etc/mail/virtusertable: { No Change} Sample files used in Intranet Sendmail Server: /etc/mail/access file: {Used during mail receive} 172.27.16.2 172.27.16 172.27.17 172.27.18 172.27.19 RELAY REJECT REJECT REJECT REJECT /etc/mail/domaintable: {No Change} {Used during mail delivery} /etc/mail/helpfile: {No Change} /etc/mail/local-host-names: {Used during mail receive} # local-host-names - include all aliases for your machine here. iiitdm.in /etc/mail/mailertable: {No Change, No Entry} /etc/mail/sendmail.mc: {Used during mail delivery} divert(-1)dnl dnl # dnl # This is the sendmail macro config file for m4. If you make changes to dnl # /etc/mail/sendmail.mc, you will need to regenerate the dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is dnl # installed and then performing a dnl # dnl # make -C /etc/mail dnl # include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`setup for Red Hat Linux')dnl OSTYPE(`linux')dnl define(`confMAX_MESSAGE_SIZE',`5242880')dnl define(`confDEF_USER_ID',``8:12'')dnl define(`confTO_CONNECT',`1m')dnl define(`confTO_QUEUERETURN',`5d')dnl define(`ALIAS_FILE',`/etc/aliases')dnl define(`MAIL_HUB',`smtp:mailhost.iiitdm.in')dnl FEATURE(`no_default_msa',`dnl')dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl FEATURE(`nouucp',`reject')dnl FEATURE(`always_add_domain',`iiitdm.in')dnl FEATURE(`masquerade_entire_domain')dnl FEATURE(`accept_unresolvable_domains')dnl FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl FEATURE(`blacklist_recipients')dnl FEATURE(`use_cw_file')dnl /etc/mail/submit.mc: { No Change} divert(0)dnl include(`/usr/share/sendmail-cf/m4/cf.m4') VERSIONID(`linux setup for Red Hat Linux')dnl define(`confCF_VERSION', `Submit')dnl define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet define(`confTIME_ZONE', `USE_TZ')dnl define(`confDONT_INIT_GROUPS', `True')dnl define(`confPID_FILE', `/var/run/sm-client.pid')dnl dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C') FEATURE(`use_ct_file')dnl dnl dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1] FEATURE(`msp', `[127.0.0.1]')dnl /etc/mail/trusted-users: { No Change} /etc/mail/virtusertable: { No Change} IMAP/POP Configuration: {dovecot is used here for IMAP/POP requestes} /etc/mail/dovcot.conf: protocols = imap imaps pop3 pop3s imap_listen = [::] pop3_listen = [::] login_dir = /var/run/dovecot-login login = imap login = pop3 default_mail_env = mbox:/var/mail/%u.mbox:INBOX=/var/mail/%u:INDEX=/var/mail-index/%u mbox_locks = fcntl auth = default auth_mechanisms = plain auth_userdb = passwd auth_passdb = pam auth_user = root {Make sure Authentication method is using NIS with out MD5 & shadow} {mail.index is to speedup mailbox loading} How to use Pine (Help): Starting pine: Writing a message: Listing Messages: Viewing Message: pine c {Now start writing message. After completion of message hit ^x (to send message)} ^j in attachment field, then ^t to select the file from your home directory. i go to message using up/down arrow keys and hit <return> Forwarding Message: f File Attachment: Replying Message: To Cancel sending: Delete messaging: Undelete message: Saving Message: Quit pine: r ^c d {It will mark message as deleted, It will delete on exit} u s q Menu up/down Traveling: Using Address Book: < or > On pine Main Menu, Select Address Book option and follow options shown on the screen. Like use @ to add new address/alias, use d to delete address/alias, for editing, select the address and hit <return> <HOMEDIR>/.pinerc {sample file can be downloaded from web.cse.iitk.ac.in( Under “User Configuration Files” heading) Configuration file: