Compiling, Installing, and Configuring Sendmail 8.9.3 By Ed, 2-23-00 www.narced.com/linux The goal of this helpfile is to show the user how to compile, install, and configure sendmail with its most useful options (for an ISP-like mail server): STEP 1: Download Sendmail and BerkeleyDB The latest version of Sendmail (as of this writing) is 8.9.3, and it is available at: ftp://ftp.sendmail.org/pub/sendmail/ Then, get BerkelyDB from: http://www.sleepycat.com/download.html The latest version is 3.0.55. I've used 2.7.7 successfully, but have not tried 3.0.55 yet. Like pretty much all other software, both Sendmail and BerkelyDB come in the .tar.gz format. STEP 2: Install BerkelyDB Copy the BerkelyDB tar.gz file to a directory like /install or something, and then extract it like this: tar -xzvf db-3.0.55.tar.gz This will extract all files in this archive into a subdirectory called db-3.0.55 . Run this: cd /install/db-3.0.55/build_unix ../dist/configure make make install STEP 3: Install Sendmail Extract this file in the /install directory as well (you can delete all the stuff in /install when you're done) like this: tar -xzvf sendmail.8.9.3.tar.gz Then, do this: cd sendmail-8.9.3/ cd src sh Build -c -I/usr/local/BerkeleyDB/include -L/usr/local/BerkeleyDB/lib This will create the sendmail binary inside of: /install/sendmail-8.9.3/src/obj.Linux.2.2.14.i586 . Copy this file to /usr/sbin, and change the permissions/ownership to look like this: -r-sr-sr-x 1 root bin 564481 Nov 28 10:41 /usr/sbin/sendmail Here's how: chmod 6555 /usr/sbin/sendmail chown root:bin /usr/sbin/sendmail STEP 4: Configure Sendmail This part can be huge. There but I'll try are entire books on how to configure Sendmail (O'Reilly's comes to mind... ~1000 pages!), but I'll try to only include useful stuff. First off, you need to generate a sendmail.cf file. This file usually sits in the /etc directory, but a lot of people put in /etc/mail and make a symlink (ln -s /etc/mail/sendmail.cf /etc/sendmail.cf). Anyway, the best thing to do is make our own .mc file, and generate the .cf file based on that. Here's how: cd /install/sendmail-8.9.3/cf/cf pico mydomain.mc ################### mydomain.mc ##################### divert(-1) VERSIONID(`@(#)generic-bsd4.4.mc 8.7 (Berkeley) 5/19/1998') OSTYPE(bsd4.4)dnl DOMAIN(generic)dnl FEATURE(access_db) FEATURE(`always_add_domain') FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable')dnl FEATURE(mailertable,`hash -o /etc/mail/mailertable') FEATURE(`local_procmail', `/usr/bin/procmail') FEATURE(rbl,`rbl.maps.vix.com',` Mail from $&{client_addr} rejected; see http://mail-abuse.org/cgi-bin/lookup?$&{client_addr}') FEATURE(rbl,`dul.maps.vix.com',` Mail from dial-up rejected; see http://mail-abuse.org/dul/enduser.htm') MAILER(local)dnl MAILER(smtp)dnl FEATURE(`use_cw_file')dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw') ##################################################### Save this file, and then generate the sendmail.cf file by typing this: m4 ../m4/cf.m4 mydomain.mc > sendmail.cf Then copy it to the /etc directory. You may want to back up the original one just in case: cd /etc mv sendmail.cf sendmail.cf.old cp /install/sendmail-8.9.3/cf/cf/mydomain.cf /etc/sendmail.cf .mc File Definitions This file is doing a few things. First, it's using the generic bsd 4.4 mc file (because there ISN'T one for linux). Below is a short definition of what each feature does. Access_db --------- This file starts as a text file that has to be made into a database file using the makemap program. Here's a sample /etc/mail/access text file: friendlydomain.com RELAY anotherbuddy.com RELAY spammer.com REJECT 123.45.67.89 REJECT # exact IP 132.54.79 REJECT # class C # block spammer's full address retire_early@moneymaker.com REJECT # block the same spam from multiple domains - username only here: Make_big_money@ REJECT # block the same spam from multiple domains - domain only here: @fake_from.com REJECT Issue this command to make the access.db: makemap hash /etc/mail/access < /etc/mail/access You might even want to make this a script... something like "newaccess." You don't need to restart sendmail when rebuilding the access file. Another, similar feature to consider is the "relay-domains" file in the /etc/mail directory. This is a plain text file that simply lists domains or IP addresses. It may be wise to keep this list short. Sendmail needs to be restarted when this list is changed. Long lists are better put in access database lists (like above) because the hash databases are quicker than plain-text files. Always_add_domain ---------------- This feature will force all email to have the entire domain name attached to the end of the username. The only time I've ever seen this have an effect is when using mailx. Virtusertable ------------- The "virtusertable" allows other domains to be mapped in an "aliases"-type file. For example: tim@anotherdomain.com bob @hosted-domain.com joe@other-domain.com <-- This is how to set up a floodgate The "-o" means that the presence of that file is OPTIONAL. The virtusertable is set up like an aliases file, and allows domains to be mapped to other domains, as well as "floodgates." A floodgate will make ANY email at a domain forward to ONE address. For example, steven@hosted-domain.com, bob@hosted-domain.com, mary@hosted-domain.com will ALL forward to joe@other-domain.com . Mailertable ----------- The mailertable allows your server to queue mail for another server. For example, consider the following DNS setup: @ IN MX 5 mydomain.com. @ IN MX 20 friends-domain.com. If I need friends-domain.com to queue mail for my incase mydomain.com goes down (sendmail dies, server crashes, network connection fails, etc.), I would need friends-domain.com to set up a mailertable file that looks like this: mydomain.com smtp:mydomain.com With this setup, mail that is sent to me@mydomain.com tries to connect to mydomain.com. If mydomain.com is down, the sender's server will connect to friends-domain.com and it will queue there (probably in /var/spool/mqueue if it's a linux box). This type of setup can be tested by sending an email to this address: user%mydomain.com@friends-domain.com The email will be sent to friends-domain.com, which will then chop off it's own domain and translate the % into a @, and then deliver the message to user@mydomain.com . Local_procmail -------------- This says to use procmail and the Mail Delivery Agent (Mlocal). This is MUCH better than mail.local (the default) because procmail is extremely configurable. Run 'man procmail' and 'man procmailex' to see how awesome it is. Use_cw_file ----------- The last 2 lines tell sendmail to OPTIONALLY use a sendmail.cw file. The sendmail.cw file is a list of hosts to accept mail for (and deliver that mail locally). Here's a sample: mydomain.com neptune.mydomain.com With this setup, users can receive mail to user@mydomain.com AND user@neptune.mydomain.com .