Previous Page
Next Page

7.6. Configuring the sendmail Server

sendmail is a robust email server. Like Apache, it has an enormous number of configuration options to handle many different service scenarios, even though many of these scenarios are pretty rare. With a small amount of configuration, sendmail can be configured to handle most mail-serving tasks.

7.6.1. How Do I Do That?

Fedora's default sendmail configuration will:

  • Start the sendmail service at each boot

  • Accept mail from local users for local mailboxes and place it in those mailboxes

  • Accept mail from local users for remote systems, place it in a queue, and attempt to deliver it directly to the remote mail hosts

This configuration may or may not work for you, depending on how you are connected to the Internet. Preparing to configure sendmail and activating changes

To configure sendmail easily, install the sendmail-cf package:

# yum install sendmail-cf

Changes to the sendmail configuration are made to the file /etc/mail/ However, this isn't the sendmail configuration file! Instead, it's a file that is used to generate the sendmail configuration file, /etc/mail/

To generate a new file:

# cd /etc/mail
# make

This must be done after each change is made to Reload the sendmail server to make your changes take effect:

# service sendmail reload

(You can also use the Restart button in the Services tool.) Configuring sendmail to use a mail relay

Some Internet Service Providers (ISPs) block email traffic to all mail servers except their own. This is intended to block viruses that set themselves up as a mail server, but it also interferes with Fedora's default sendmail configuration, which expects to be able to send email directly to the destination system.

To configure sendmail to send your outbound email through your ISP's mail server, find the line in /etc/mail/ that contains the word SMART_HOST:

dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(\QSMART_HOST',\Q

In this file, dnl means discard to newline, which effectively turns this line into a comment. Uncomment the SMART_HOST line by removing the dnl and then replace smtp.your.provider with the name of your ISP's mail server:

           ') Configuring sendmail to accept inbound email

Fedora's standard sendmail configuration does not accept email from remote systems, a feature that must be enabled if the system is going to act as an Internet email host.

To enable remote inbound connections, locate the line in that contains the loopback address

dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(\QPort=smtp,Addr=, Name=MTA')dnl

Add dnl to the start of this line to comment it out:

                  dnl DAEMON_OPTIONS(\QPort=smtp,Addr=, Name=MTA')dnl

sendmail will then accept connections on all network interfaces and deliver mail that is addressed to a user on the local host. For example, if the hostname is, then email addressed to will be delivered to the mailbox of the local user chris, which is /var/spool/mail/chris.

To configure sendmail to accept mail for other destinations, add those destinations to the file /etc/mail/local-host-names:

# local-host-names - include all aliases for your machine here.


Remember to enable inbound connections on port 25 (SMTP) in your firewall configuration. Using aliases

There are many standard email addresses that people expect to be able to use: webmaster to reach the person responsible for the web server and content, abuse to report spam problems, info as a general information contact, and so forth. Mail sent to these standard addresses can be redirected to the mailbox of chosen users through the sendmail alias facility.

Aliases are configured in the file /etc/aliases, which looks like this:

#  Aliases in this file will NOT be expanded in the header from
#  Mail, but WILL be visible over networks or from /bin/mail.
#       >>>>>>>>>>      The program "newaliases" must be run after
#       >> NOTE >>      this file is updated for any changes to
#       >>>>>>>>>>      show through to sendmail.

# Basic system aliases -- these MUST be present.
mailer-daemon:  postmaster
postmaster:     root

# General redirections for pseudo accounts.
bin:            root
daemon:         root
adm:            root
...(Lines snipped)...
info:           postmaster
marketing:      postmaster
sales:          postmaster
support:        postmaster

# trap decode to catch security attacks
decode:         root

# Person who should get root's mail
#root:          marc

You'll notice that all of the standard aliases are redirected to rootbut on most systems, no one checks the root mailbox, so you should start by defining who is to receive mail addressed to root. Uncomment the last line of this file and replace marc with a valid user ID:

root:          chris

Run the newaliases command after each edit to the /etc/aliases file to ensure that the changes are put into effect immediately:

# newaliases/etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total

Next, change any aliases that you do not wish to redirect to root, sending the mail to the user of your choice:

info:           sam
marketing:      frida
sales:          angela
support:        henry

Destination mailboxes do not have to be local:


And it's possible to specify multiple destinations for an alias, separated by commas:

webmaster:      frank,

This opens up the possibility of using aliases to create simple mailing lists. For example, all of your sales people could be reached through one address:

sales-team:     angela, sue, mike, olgovie, george


Note that alias destinations can be on multiple lines.

You can create as many aliases as you want, whenever you want. Aliases are handy for creating disposable email addresses. I create batches of made-up addresses from time to time and use them when I register for a conference or web site, or when I enter a contest:

daa:            chris
dab:            chris
dac:            chris
dad:            chris
dae:            chris
daf:            chris

When I use one of these addresses, I record who I gave it to, and if I see spam arriving with that address, then I know who has been abusing my personal information. I can discontinue receiving mail at that address simply by removing the offending alias from the aliases file.

This strategy is also effective when publishing email addresses on a web site: simply change the address on the web site periodically, using a different disposable email address each time. If a spammer harvests your email address from the web page, it will be useful to them only for a short time. Configuring virtual users

Aliases (and regular user accounts) have one critical limitation: they apply to all of the domains for which sendmail is accepting mail. If you have a server that is accepting mail for as well as, and you define an alias or create a user account named chris, then mail to and mail to will end up in the same mailbox.

To overcome this limitation, use the /etc/mail/virtusertable file to define where mail to each address should be sent. Each line in this file consists of an address, a space, and the destination. Here is an example:            chris

Note that the syntax for /etc/mail/virtusertable differs from the syntax for /etc/aliases: there are no colons, and only one destination address may appear in each entry.

virtusertable also permits the redirection of entire domains, by leaving out the username portion of the email address:             joseph                 chris

The last entry will redirect all mail to the domain to the local user chris, except for mail addressed to or (because they are listed first, and the file is processed in the sequence given).

Like /etc/mail/, the virtusertable file must be processed before it is used:

# cd /etc/mail
# make 
        Configuring Masquerading

sendmail includes masquerading capability, which enables outbound mail to be modified so that it looks like it came from another system. This is commonly used to remove hostname information from the email address. To configure so that outbound mail appears to be from user instead of user, locate the MASQUERADE_AS line in /etc/mail/

dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from
dnl #
dnl MASQUERADE_AS(\')dnl

Uncomment the MASQUERADE_AS line and replace with the domain name you wish to use:


Masquerading is not applied to email from the root and mailer-daemon users because those addresses are used for error messages. If several machines in a domain were masquerading with the same name, it would not be possible to determine where the error messages were originating.

7.6.2. How Does It Work?

Fedora's email system, like most others, is divided into three parts:

mail transport agent (MTA)

Transports mail between systems. sendmail is the default MTA.

mail delivery agent (MDA)

Delivers mail to local users, optionally performing filtering or sending vacation replies ("Jane is away from the office until Monday; she will read and reply to your mail when she returns"). Fedora uses procmail in this role.

mail user agent (MUA)

The email client that interacts with the user. A Fedora user can choose from many different MDAs, including Evolution, Thunderbird, SquirrelMail, and the text-based mail command.

Originally written when a wide range of email transportation schemes were in use, sendmail is designed to route mail through and between these different systems, each with their own address format and message queuing system. Because of this heritage, sendmail has a sophisticated and complex configuration system, but many of the configuration options are not used for Internet email servers.

sendmail is now used almost exclusively with the Simple Mail Transport Protocol (SMTP), which is a human-readable transfer protocol that uses TCP/IP connections on port 25. You can use telnet to connect to an SMTP server and manually send mail if you want:

$ telnet smtp
Connected to (
Escape character is '^]'.
220 ESMTP Sendmail 8.13.5/8.13.5; Thu, 2 Mar 2006 13:07:11 -0500
250- Hello [], pleased to meet you
250 HELP
MAIL From:
250 2.1.0 Sender ok
250 2.1.5 Recipient ok
354 Enter mail, end with "." on a line by itself

                  Subject: Greetings!Date: Thu, Mar 2006 12:08:11 -0500
Hi there -- just dropping you a quick note viatelnet. Hope your day is going well.
250 2.0.0 k22I7BTo016133 Message accepted for delivery
221 2.0.0 closing connection

Notice the blank line separating the email headers from the message bodyjust like HTTP transfers. The HTTP format is derived from the email format.

You can also send mail by sending it to the standard input of a sendmail process:

$ /usr/bin/sendmail chris@concord2.proximity.on.caSubject: Test II
Did you remember to renew the domain registration?If not, please take care of this before next Tuesday.[Ctrl-D]

Outbound mail is queued in /var/spool/mqueue/. Inbound mail is delivered via procmail to users' mailboxes in /var/spool/mail/. The mailboxes are simply text files containing all of the messages concatenated end to end; this format is sometimes called mbox format.

The /etc/mail/ file used for configuration is an m4 macro file. It is interpreted by the m4 command using files in /usr/share/sendmail-cf/m4/ to build /etc/mail/ While it is possible to construct the file by hand, it's typically eight times as long as the file and uses a very cryptic structure. Here's a snippet:

R< > $+                 $: < > < $1 <> $&h >            nope, restore +detail

R< > < $+ <> + $* >     $: < > < $1 + $2 >              check whether +detail
R< > < $+ <> $* >       $: < > < $1 >                   else discard
R< > < $+ + $* > $*        < > < $1 > + $2 $3           find the user part
R< > < $+ > + $*        $#local $@ $2 $: @ $1           strip the extra +
R< > < $+ >             $@ $1                           no +detail
R$+                     $: $1 <> $&h                    add +detail back in

Most system administrators would much rather deal with than

7.6.3. What About... ...using an alternate MTA?

Postfix is an alternate MTA shipped as part of Fedora. For most users, sendmail will work well, but if you are familiar with Postfix configuration you may want to use it instead.

You can easily switch between sendmail and Postfix using the alternatives command:

# alternatives --config mta

There are 2 programs which provide 'mta'.

  Selection    Command
*+ 1           /usr/sbin/sendmail.sendmail
   2           /usr/sbin/sendmail.postfix

Enter to keep the current selection[+], or type selection number: 

You can also switch graphically, using the system-switch-mail command available through the menu option SystemAdministrationMail Transport Agent Switcher (this requires the somewhat obscure package system-switch-mail). The window shown in Figure 7-20 will be displayed; select the MTA you wish to use and click OK.

Figure 7-20. The Mail Transport Agent Switcher tool. ...fetching mail from a remote mailbox?

If you're using Fedora at a location that does not have a permanent Internet connection with a static IP address, incoming email cannot be delivered directly to sendmail. Instead, you'll have to arrange for the email to be delivered to mailboxes on another system and then pick up the mail from that system.

Many MUAs such as Evolution will directly access remote mailboxes, but sometimes you want to have that mail flow through the local mail system so that alias handling and procmail processing take place.

Fetchmail can retrieve mail from a remote mailbox and feed it to sendmail on the local system. To configure Fetchmail, create the file ~/.fetchmailrc using a text editor. Here is a simple configuration:

# Check for email at five-minute (300-second) intervals
set daemon 300        

# Poll the system using the POP3 protocol
poll with protocol POP3:

        # Describe how the usernames on this machine relate 
        # to the usernames on
        user chris here is chris.tyler there, password "FedoraRules!"
        user diane here is diane.tyler there, password "BiggestSecret";

This will fetch the mail for two users from one server using the Post Office Protocol, Version 3 (POP3). Fetchmail can retrieve mail using many different protocols and has an uncommonly readable configuration syntax; consult its extensive manpage for the gritty details.

Once you have set up the ~/.fetchmailrc file, execute the fetchmail command:

$ fetchmail

It will run in the background until you stop it by running fetchmail with the -q option:

$ fetchmail -q
fetchmail: background fetchmail at 8025 killed.

To make fetchmail run automatically whenever you log in, place it in your ~/.bash_profile.

7.6.4. Where Can I Learn More?

Previous Page
Next Page