Old 08-02-2009, 04:11 AM   #1
Deluka
Member
 
Registered: Jul 2009
Location: Belguim
Distribution: Fedora 11
Posts: 42

Rep: Reputation: 16
Sendmail - where to start


Where do I begin with sendmail?
From what I've been reading, sendmail is one of the oldest and strongest mail servers around.
Just a tiny bit hard to set up.
I wanna set it up, but really have no idea where to begin.
Having a dynamic IP, I checked my port 25 and from what I can tell my ISP is blocking it.
Is there someone who had the same problems and has a mail server running?
Some help would be welcome.
 
Old 08-02-2009, 07:28 AM   #2
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899
Quote:
I wanna set it up, but really have no idea where to begin.
A good start would be
http://www.sendmail.org/
 
Old 08-02-2009, 08:20 AM   #3
Deluka
Member
 
Registered: Jul 2009
Location: Belguim
Distribution: Fedora 11
Posts: 42

Original Poster
Rep: Reputation: 16
Been there.
And viewed some other how-tos.
As far as I can tell it could work.

Code:
divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl #     /etc/mail/make
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
dnl #
dnl # Do not advertize sendmail version.
dnl #
dnl define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl
dnl #
dnl # default logging level is 9, you might want to set it higher to
dnl # debug the configuration
dnl #
dnl define(`confLOG_LEVEL', `12')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl #
dnl define(`SMART_HOST', `skynet.be')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl # 
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl # Please remember that saslauthd needs to be running for AUTH. 
dnl #
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl #     cd /etc/pki/tls/certs; make sendmail.pem
dnl # Complete usage:
dnl #     make -C /etc/pki/tls/certs usage
dnl #
dnl define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SENDMAIL', `groupreadablekeyfile')dnl
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The following limits the number of processes sendmail can fork to accept 
dnl # incoming messages or process its message queues to 20.) sendmail refuses 
dnl # to accept connections once it has reached its quota of child processes.
dnl #
dnl define(`confMAX_DAEMON_CHILDREN', `20')dnl
dnl #
dnl # Limits the number of new connections per second. This caps the overhead 
dnl # incurred due to forking new sendmail processes. May be useful against 
dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address 
dnl # limit would be useful but is not available as an option at this writing.)
dnl #
dnl define(`confCONNECTION_RATE_THROTTLE', `3')dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl #
dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment
dnl # the following 2 definitions and activate below in the MAILER section the
dnl # cyrusv2 mailer.
dnl #
dnl define(`confLOCAL_MAILER', `cyrusv2')dnl
dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl #DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl # enable both ipv6 and ipv4 in sendmail:
dnl #
dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvable_domains')dnl
dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl # 
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl # 
LOCAL_DOMAIN(`dezuttere.mine.nu')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS(`dezuttere.mine.nu')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl MAILER(cyrusv2)dnl
DAEMON_OPTIONS(`Name=MTA,Modifiers=a')
It's a really default setup so far.
This is what I get back when I try to send something:

Code:
Deferred: Connection reset by in.mx.skynet.be.
Deferred: Connection timed out with dezuttere.com.

Last edited by Deluka; 08-02-2009 at 08:25 AM.
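An added example, not part of any post in this thread: a small Python lint that reads sendmail.mc lines like the ones posted above and reports which security-relevant settings are actually active. In m4, `dnl` discards the rest of the line, so a directive that starts with `dnl` is a comment; the function names and the set of checks are assumptions made for this illustration.

```python
import re

# Constructed excerpt: lines copied from the sendmail.mc posted in this thread.
SAMPLE_MC = """\
dnl define(`SMART_HOST', `skynet.be')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`accept_unresolvable_domains')dnl
dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
DAEMON_OPTIONS(`Name=MTA,Modifiers=a')
"""

# Simplification (assumption): a line is inactive when it starts with `dnl`.
LINE = re.compile(r"^(dnl\s+)?#?\s*([A-Za-z_]+)\((.*)\)\s*(?:dnl)?\s*$")

def parse_mc(text):
    """Return (active, macro, [args]) for each directive-looking line."""
    out = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        args = (re.findall(r"`+([^`']*)'+", m.group(3))
                or [a.strip() for a in m.group(3).split(",")])
        out.append((m.group(1) is None, m.group(2), args))
    return out

def audit(text):
    """Hypothetical lint; the checks follow the comments in the stock file."""
    rows = parse_mc(text)
    active = {(m, a[0]): a[1:] for on, m, a in rows if on}
    seen = {(m, a[0]) for _, m, a in rows}
    findings = []
    for name in ("SMART_HOST", "confSERVER_CERT"):
        key = ("define", name)
        if key not in active:
            state = "commented out with dnl" if key in seen else "absent"
            findings.append(f"{name}: {state}")
    auth = (active.get(("define", "confAUTH_OPTIONS")) or [""])[0]
    if "p" not in auth.split():  # `A p' refuses PLAIN/LOGIN on non-TLS links
        findings.append("confAUTH_OPTIONS: plaintext AUTH allowed without TLS")
    if ("FEATURE", "accept_unresolvable_domains") in active:
        findings.append("accept_unresolvable_domains: enabled")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_MC)))
```

After changing sendmail.mc, sendmail.cf has to be regenerated, as the header comment of the posted file says, before a re-run of the lint reflects what the daemon uses.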
 
Old 08-02-2009, 08:24 AM   #4
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899
If port 25 is blocked, you can only use a smarthost.
Try:
Quote:
dnl define(`SMART_HOST', `relay.skynet.be')dnl
 
Old 08-02-2009, 08:36 AM   #5
Deluka
Member
 
Registered: Jul 2009
Location: Belguim
Distribution: Fedora 11
Posts: 42

Original Poster
Rep: Reputation: 16
Nope, nothing so far, still keep getting the same error.
I could be wrong, but don't I need to define a user account and password before the relay server from skynet will accept my connection?
 
Old 08-02-2009, 08:48 AM   #6
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899
You need to use a connection from skynet.
What is the SMTP server you were given by skynet?
Seems to me there is a problem with dezuttere.mine.nu and dezuttere.com

Quote:
Connection timed out with dezuttere.com.
It tries to deliver to dezuttere.com, but gets a timeout.
I would suggest to start with a basic setup and go from there.

Last edited by repo; 08-02-2009 at 08:51 AM.
 
Old 08-02-2009, 08:52 AM   #7
Deluka
Member
 
Registered: Jul 2009
Location: Belguim
Distribution: Fedora 11
Posts: 42

Original Poster
Rep: Reputation: 16
Yes, thinking about that too.
To start over from 0.
How do I reset sendmail to its default settings?
 
Old 08-02-2009, 09:02 AM   #8
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899
Depends on your distribution.
You did back up the original /etc/mail/sendmail.mc file?

You could completely remove sendmail, (purge all the conf files) and reinstall.

Just my 2 cents, I would use exim instead of sendmail.
 
Old 08-03-2009, 01:02 AM   #9
Deluka
Member
 
Registered: Jul 2009
Location: Belguim
Distribution: Fedora 11
Posts: 42

Original Poster
Rep: Reputation: 16
Hey Repo

I see you also reside in Belgium.
May I ask, do you have a mail server running?
I'm trying to get one up under Windows as it is more noob proof.
Learning to crawl before I start to walk.
But no go there either.
Using this port scanner I checked to see what's open and what's not.
It seems as if ports 25 and 110 are open, but it seems they're locked?
That they closed 25 I can understand, but why would they close 110?

As far as I know:
25 is the default port for SMTP - sending
110 for receiving.

I'm trying to send email but nothing is coming in.
The ports are forwarded to the server inside my router and firewall.

Last edited by Deluka; 08-03-2009 at 01:04 AM.
 
Old 08-03-2009, 03:14 AM   #10
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899
Hey,

I used to run a mail server, when I was working in the support department of an ISP, and had 2 fixed IPs.
Since I left, I have a dynamic IP, and don't run a mail server anymore, since most SMTP servers don't accept
connections from a dynamic IP, and the costs to run a server 24/7 are too high :-)
Now I use the SMTP from gmail to send mails, so I can send mail, whatever connection I use
(at home, with friends, on holiday).

For the record, I always used exim, never used sendmail.

I can see your webserver, ftpserver and ssh is working.
However, no connection on port 25 or 110
Quote:
25 is the default port for SMTP - sending
110 for receiving.
25 is the default port for sending and receiving.
The external SMTP server will connect to your port 25 in order to deliver mail, you will connect via port 25 in order to send mail.
110 is the port to pop mail from your server.

If you want to use dezuttere.com as your domain, you need to make sure the MX records of that domain point to your server, and you need to set up reverse DNS, meaning the domain needs to point to the IP, and the IP needs to point back to the domain.
Most SMTP servers do a check for that.
Also you need to set up a backup MX, in case your server, or the connection, goes down.
A portscan shows:
Code:
cannabis:/home/repo# nmap -P0 xxxxxxxxx.mine.nu
Starting Nmap 4.68 ( http://nmap.org ) at 2009-08-03 09:12 CEST
Interesting ports on xxx.xxx.xxx.xxx.adsl-dyn.isp.belgacom.be (xxx.xxx.xxx.xxx):
Not shown: 1711 filtered ports
PORT     STATE  SERVICE
21/tcp   open   ftp
22/tcp   open   ssh
80/tcp   open   http
1723/tcp closed pptp
Nmap done: 1 IP address (1 host up) scanned in 234.319 seconds
cannabis:/home/repo#
Dezuttere.com has no MX records set up

Code:
cannabis:/home/repo# host dezuttere.com
dezuttere.com has address 209.51.223.69
dezuttere.com mail is handled by 0 dezuttere.com.
cannabis:/home/repo#
I don't know if you can change the DNS records for dezuttere.com.
And I don't know if you can use dyndns to send and receive mail.

In short, most SMTP servers refuse connections from dynamic IPs, and they check for reverse DNS.
Another problem: if your IP changes, and that IP is blacklisted somewhere for sending spam, due to an infection of that computer, your mail server is blacklisted at that moment also, until you change IP.

You can see if your hosting provider has an option to forward all mail from your domain to an email address.
I can forward all mail from my domain to my gmail account, or create aliases so only certain users are forwarded.

FYI, take a look at edpnet, they offer a connection from 24 Mbps/1024 kbps, traffic 100 GB, and they block no ports for 29,95 euro/month
http://www.edpnet.be

Good luck
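An added example, not part of any post in this thread: a Python sketch of the reverse-DNS check described in the post above (the IP must resolve to a name, and that name must resolve back to the same IP), plus a naming heuristic for dynamic address pools. The sample tables, the hint list and the function names are assumptions constructed for this illustration; the live lookups use the standard `socket` module.

```python
import socket

# Constructed sample data (documentation address ranges); not real lookups.
PTR = {"192.0.2.10": "mail.example.org",
       "198.51.100.7": "7.adsl-dyn.isp.example.net",
       "203.0.113.5": "mx.example.com"}
A = {"mail.example.org": ["192.0.2.10"],
     "7.adsl-dyn.isp.example.net": ["198.51.100.7"],
     "mx.example.com": ["203.0.113.99"]}

# Hypothetical labels that make a PTR name look like a dynamic pool.
DYNAMIC_HINTS = ("dyn", "adsl", "dsl", "dhcp", "pool", "ppp")

def live_ptr(ip):
    """Reverse lookup through the system resolver; None when there is no PTR."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def live_a(name):
    """Forward lookup through the system resolver; [] when it fails."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_sender(ip, ptr_lookup=live_ptr, a_lookup=live_a):
    """Return (verdict, ptr_name) the way a receiving server might judge ip."""
    name = ptr_lookup(ip)
    if not name:
        return ("no-ptr", None)
    if ip not in a_lookup(name):
        # The name does not point back to the IP: reverse DNS is unconfirmed.
        return ("ptr-not-confirmed", name)
    labels = name.lower().replace("-", ".").split(".")
    if any(hint in labels for hint in DYNAMIC_HINTS):
        return ("dynamic-looking", name)
    return ("ok", name)

if __name__ == "__main__":
    for ip in (*PTR, "192.0.2.99"):
        print(ip, check_sender(ip, PTR.get, lambda n: A.get(n, [])))
```

Calling `check_sender(ip)` without the lookup arguments queries the system resolver instead of the constructed tables.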
 
Old 08-03-2009, 03:39 AM   #11
Deluka
Member
 
Registered: Jul 2009
Location: Belguim
Distribution: Fedora 11
Posts: 42

Original Poster
Rep: Reputation: 16
Thanks Repo
This is really some information that I can use.
I also found out that dezuttere.com has no MX record.
This is really strange because this is the mail/web server I'm renting.
And my mail and everything else works fine there.
The tools they provide tell me that the "dezuttere.no-ip.org" MX record is pointing to my server's IP.
So I'm almost 100% sure that part is working fine.
But since port 25 is blocked it seems I will need to activate a "mail hopper" service to redirect port 25 to a non-default port.
This will cost me about €25 a year with DynDNS.
In the total cost of my studies now that is nothing.
Working to get my CompTIA A+ (finals in Sep.), Server+, Network+ and CCNA.
Nevertheless, thanks for your time and all of the information you have been providing.

Last edited by Deluka; 08-03-2009 at 03:41 AM.
 
  

