Home
Docu
Projects
Links
Admin
Impressum

 


 

LINUX MTA - sendmail, qmail, etc Internet mail is broken down into three basic parts:
  1. MTA or Mail Transfer Agents - sendmail, qmail, etc - Links/Info
  2. Mail Retrieval Software - pop3, imap, etc - Links/Info
  3. Mail User Agent (MUA): E-Mail client - Netscape, MUTT, etc - Links/Info

Internet mail is sent from the e-mail client to the mail server which routes it to the intended destination which will also be an mail server. The protocol by which the mail servers communicate is called SMTP (Simple Mail Transfer Protocol) and the mail server software is known as the MTA or Mail Transfer Agent. This tutorial lists the popular MTA programs used and basic sendmail configuration. Also listed are Mailing List programs and the RFC's (Request For Comments) on which the internet e-mail standards are currently or eventually based.

Contents:

Mail Transfer Agents (MTA):

Commercial MTA's:

Anti-Spam:

Open Relay Check:

Execute the following from your SMTP server: 

   telnet mail-abuse.org
This site will run a series of relay tests and return the results in the telnet session.

Basic sendmail configuration:

Sendmail is the default MTA on the RedHat Linux distribution. Do NOT use linuxconf to configure sendmail as it has NOT been updated to work with current versions of sendmail!!! (The tool linuxconf is no longer included with current versions of Red Hat Linux 7.3+)
Steps to run mail server using sendmail:

The default configuration is fairly secure and usable. For Red Hat 6 and earlier systems, you are ready to mail. For Red Hat 7 systems, there is one more step. See changes below required to recieve mail.
Note: A user defined in the aliases file is valid for all domains hosted by the system, unless you have configured virtual hosting.

For alternate configurations change the file: /etc/sendmail.cf

Actually most people use the m4 macro package to generate this file from a sendmail.mc file. Preconfigured "mc" files can be found in the directory:

Default Red Hat sendmail.cf configurations:

Red Hat 7.1 default Sendmail change to allow sendmail to recieve mail:

If you just upgraded to red Hat 7.1 and noticed that your mail server no longer works, it is because Red Hat changed the default sendmail configuration. The default configuration for Red Hat 7.1 sendmail does not allow for the recieving of mail except from yourself (localhost). To recieve mail:
  1. Backup the files /etc/mail/sendmail.mc and /etc/sendmail.cf
  2. Edit the file /etc/mail/sendmail.mc and change/comment the line: 
       From: DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
   To:   dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
    or delete the line. Sendmail will then use the default which allows it to recieve mail from other systems.
  3. Optional: Anti-spam option:
    To turn on the anti-spam feature of sendmail add the directive: FEATURE(dnsbl)
    This will use the Realtime Blackhole List for spam filtering. For more info see Mail-Abuse.org: MAPS RBL

    FYI: Sendmail Anti-Spam configuration options:

    • Turn off relaying (Relaying is denied by default Red Hat configuration) Do NOT use the following directive: FEATURE(`promiscuous_relay')
    • Check sender information:
      • Accept mail from your own domain: FEATURE(`relay_entire_domain')
      • Accept relay from your mail servers listed in MX record to destination in same domain: FEATURE(`relay_based_on_MX')
    • Use /etc/mail/access file to deny spammers: FEATURE(`access_db') (See above example)
    • Use Realtime Blackhole List: FEATURE(`dnsbl')
    • Check headers. Define rule in sendmail.cf.

  4. Optional: Identify outgoing mail as coming from specified domain: 
        MASQUERADE_AS(your-domain.com)
    MASQUERADE_DOMAIN(your-domain.com)
    FEATURE(masquerade_entire_domain)
    FEATURE(masquerade_envelope)
    This will overide a default of localhost or node.your-domain.com to be that specified. i.e. your-domain.com. This is so that you do not look like a spammer. Domain localhost is often blocked.
  5. Generate a new configuration file: m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
  6. If sending/relaying mail I then recommend you change the line in /etc/sendmail.cf: 
       Cwlocalhost.localdomain
    to your actual fully qualified node name (Cwnode-name.your-domain.com). This will allow you to send mail without having the mail look like it came from "localhost.localdomain" which is often blocked by spam filters.
    You can also add the statement: DMyour-domain.com
  7. Restart sendmail: /etc/rc.d/init.d/sendmail restart

Also see: Sendmail.org: Sendmail 8.9.x configuration files

[Potential Pitfall]: Some distributions have a default configuration which causes failure. The /etc/hosts.deny entry ALL:ALL will cause failure to recieve mail.

/etc/mail/sendmail.mc:

DirectiveDescription
divert(-1)m4 macro directive. File output not diverted
OSTYPE(`linux')Required before definitions. Definitions tied to OSTYPE.
define('VARIABLE','VALUE')Change a setting in sendmail.
See list
undefine(`UUCP_RELAY')Remove UUCP email processing capability
undefine(`BITNET_RELAY')Remove BITNET addressed email processing
FEATURE()See list of features
FEATURE(redirect)Reject redirected email addressed to user@domain.com.REDIRECT
Message returned to announce that one should send email to address defined by alias.
FEATURE(always_add_domain)Append fully qualified domain name of host to user name.
FEATURE(use_cw_file)File /etc/sendmail.cw defines alternate names of host.
MAILER()See list of Mailers
MAILER(procmail)Defines procmail as the local mail program on server.
MAILER(smtp)Remote mail program.

dnl: m4 directive to delete whitespace in input

See Sendmail.org: cf-readme - HTML version (not as up to date)

Examples:

DirectiveDescription
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl Disable "vrfy" so that spammers cannot "verify" typical email addresses such as info, admin, staff, etc.
define(`ALIAS_FILE', `/etc/aliases')dnl This states the obvious. Email adress aliases are defined in the file: /etc/aliases
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl Execute Sendmail using the Sendmail restricted shell

Sendmail documentation:

DNS and Sendmail Presentation at LUGFest 2000 - (Star Office 5.2 "sdd" file) - More configuration insight and information.

Sendmail tools:

Files used by sendmail for a mail server.

Mailing Lists:

SMTP dialog:

This is a sample of the dialog an e-mail client makes when connecting to an SMTP server for sending mail: 

   telnet server-name 25     - SMTP communicates on port 25. See: /etc/services
   HELO your-domain          - This identifies the source of the mail.

   HELP                      - List the SMTP commands that are supported. (Included FYI and not part of a typical dialog)
   MAIL FROM: your-email-address
   RCPT TO: recipient-email-address
   DATA                      - End of DATA section is punctuated with a single dot on it's own line.
   Subject: E-mail-Subject

   Text of e-mail goes here
   .                         - The single dot
   QUIT

SMTP return codes let the e-mail client know if all went well.

See: RFC 822 for more information.

Mail headers and tracking a spammer:

Return-Path: <sender-of-email@domain-of-sender.com>    - This is the information that they provide and may easily be forged

Received: from domain-of-spammer-mail-server.com (MTA-node-name.domain-of-spammer-mail-server.com [XXX.XXX.XXX.XXX])     - Where XXX.XXX.XXX.XXX is the IP address of the MTA relay server used by the spammer. Block this IP.
        by MTA-node.domain-name-of-server-recieving-spam.com (8.11.6/8.11.6) with ESMTP id fAR2XXXX2155
        for <victim@isp.com>; Mon, 26 Nov 2001 20:04:23 -0600
Received: from domain-of-sender.com ([XXX.XXX.XXX.XXX]) by MTA-node-name.domain-of-spammer-mail-server.com - Where XXX.XXX.XXX.XXX is the IP address of the computer which sent the email to the MTA relay. Block this as well if you want to double protect yourself.

 (iPlanet Messaging Server 5.1 (built May  7 2001))
 with ESMTP id <0GNG0XXXXXXXVQ@MTA-node-name.domain-of-spammer-mail-server.com> for
 victim@isp.com; Tue, 27 Nov 2001 06:10:28 -0600 (CST)
Date: Tue, 27 Nov 2001 06:04:36 -0600
From: Claimed Name of Spammer <sender-of-email@domain-of-sender.com>
Subject: Re: FYI
To: victim@isp.com
The information within the "[ ]" is fairly reliable. Everything else can be set in the MTA configuration.

Links:

SMTP RFC's:

Books on internet email programming: (Amazon)

Links:

Books:

"Sendmail"
by Bryan Costales, Eric Allman
ISBN #156592222, O'Reilly & Associates

The most comprehensive book on Sendmail.

Amazon.com
"Sendmail Desktop Reference"
by Bryan Costales, Eric Allman, Gigi Estabrook (Editor)
ISBN #1565922786, O'Reilly & Associates

Amazon.com
"Sendmail: Theory and Practice"
by Frederick M. Avolio, Paul Vixie (Contributor)
ISBN #1555581277, Butterworth-Heinemann

Amazon.com
"Linux Sendmail Administration"
by Craig Hunt
ISBN #0782127371, Sybex

Amazon.com
"Postfix"
by Richard Blum
ISBN #0672321149, Sams

Amazon.com
"Exim"
by Philip Hazel
ISBN #0596000987, O'Reilly & Associates

Amazon.com
"An Introduction to Qmail"
by Dave Sill
ISBN #1893115402, APress

Amazon.com
"Running qmail"
by Rich Blum, Richard Blum
ISBN #0672319454, Sams

Amazon.com
"Hewlett-Packard Announces Last Call for OpenMail Customers"
ASIN #B00005MBR4, IDC

Requires Acrobat PDF reader.

PDF document may be purchased through Amazon. (Expensive)

Amazon.com
"Stopping Spam"
by Alan Schwartz, Debby Russell (Editor), Simson Garfinkel
ISBN #156592388X, O'Reilly and Associates

Amazon.com
"Removing the Spam : Email Processing and Filtering"
by Geoff Mulligan
ISBN #0201379570, Addison-Wesley Networking Basics Series

Amazon.com

Get Firefoxnotcpa