Tuesday, April 29, 2025

Setting Up Sendmail as a Relay Server on RHEL 9 | CentOS 9

Introduction

Setting up Sendmail as a relay server on RHEL 9 or CentOS 9 can be an essential task for organizations that need to route their emails through a central mail server. Sendmail is a powerful and flexible mail transfer agent (MTA) widely used in Unix-based systems. It is known for its robustness and scalability, making it a popular choice for enterprise environments. Configuring Sendmail as a relay server allows you to direct all outgoing emails through a designated server, improving security and manageability.

Prerequisites

Before starting, ensure you have the following:

  • A running instance of RHEL 9 or CentOS 9
  • Root or sudo access to the server
  • Basic knowledge of command-line operations

Setting Up Sendmail as a Relay Server: A Step-by-Step Guide

Install Sendmail

First, you need to install Sendmail and related packages. Open a terminal and run the following command:

sudo dnf install sendmail sendmail-cf m4

This command installs Sendmail and the configuration tools required to customize its settings.

Configure Sendmail

Next, you need to edit the Sendmail configuration file to set up the relay server. The main configuration file is located at /etc/mail/sendmail.mc.

Open the file with a text editor:

sudo vim /etc/mail/sendmail.mc

Locate the following line:

dnl define(`SMART_HOST',`smtp.your.provider')dnl

Uncomment the line by removing the dnl at the beginning and replace smtp.your.provider with the address of your relay server:

define(`SMART_HOST',`relay.example.com')dnl

If your relay server requires authentication, you will need to add the following lines:

define(`RELAY_MAILER_ARGS', `TCP $h 587')
FEATURE(`authinfo', `hash -o /etc/mail/authinfo.db')dnl

Configure Authentication

Create a file named /etc/mail/authinfo to store your authentication information:

sudo nano /etc/mail/authinfo

Add the following content, replacing relay.example.com with your relay server’s address, and username and password with your actual credentials:

AuthInfo:relay.example.com "U:username" "P:password" "M:PLAIN"

Save the file and then create the database file from it:

sudo makemap hash /etc/mail/authinfo < /etc/mail/authinfo

Rebuild Sendmail Configuration

After editing the configuration file, you need to rebuild the Sendmail configuration:

cd /etc/mail
sudo m4 sendmail.mc > sendmail.cf

This command processes the sendmail.mc file and generates the sendmail.cf file, which Sendmail uses as its main configuration file.

Start and Enable Sendmail

Now that the configuration is set, start the Sendmail service and enable it to start on boot:

sudo systemctl enable --now sendmail

Open Firewall Ports

Ensure the necessary ports are open in the firewall to allow Sendmail to communicate. By default, Sendmail uses port 25. To open this port, run:

sudo firewall-cmd --permanent --add-port=25/tcp
sudo firewall-cmd --reload

Verify Sendmail Configuration

To verify that Sendmail is correctly set up as a relay server, send a test email:

echo "Test email from Sendmail" | sendmail -v recipient@example.com

Replace recipient@example.com with an actual email address. Check the mail logs for any errors:

sudo tail -f /var/log/maillog

Additional Configuration Options

#1. Restricting Relaying: To prevent unauthorized use of your relay server, you can configure access control rules in Sendmail. Edit the /etc/mail/access file to specify which domains or IP addresses are allowed to relay mail through your server.

sudo vi /etc/mail/access

Add lines for allowed and denied hosts:

Connect:192.168.1.1      RELAY
Connect:example.com      RELAY
Connect:spamdomain.com   REJECT

After editing the file, rebuild the access database:

sudo makemap hash /etc/mail/access < /etc/mail/access
sudo tail -f /var/log/maillog

#2. Logging and Monitoring: Sendmail provides extensive logging options. You can adjust the verbosity of the logs by editing the /etc/syslog.conf file. Increasing log verbosity can help in troubleshooting issues and monitoring email traffic. Here’s an example:

# Sendmail logging
mail.debug      /var/log/sendmail.log

This configuration line does the following:

  • mail.debug: This specifies the logging facility (mail) and the severity level (debug). The debug level captures detailed logging information, which is the most extensive level of logging available. It includes all messages from all severity levels (emergalertcriterrwarningnoticeinfo, and debug).
  • /var/log/sendmail.log: This specifies the file where the log entries will be written. You can change the path if you prefer a different location for the log file.

NOTE:  Ensure the log file exists or create it. Also, apply the appropriate permissions and restart the rsyslog service.

Troubleshooting Tips

  • Authentication Issues: Ensure that the relay server address and credentials are correct. Mistyped credentials or incorrect relay addresses are common issues.
  • Firewall Blocking: Check that your firewall is not blocking outgoing mail. Use the firewall-cmd commands to open the necessary ports.
  • DNS Settings: Verify DNS settings if you’re using a hostname for the relay server. Incorrect DNS settings can cause mail delivery failures.
  • Consult Documentation: The Sendmail documentation is an invaluable resource for advanced configuration options and troubleshooting.
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

HTTP Appache Server LAB 7

 Apache HTTP Server (httpd) Configuration,