Configure Sendmail MTA on CentOS 8 to work as SMTP Relay

No Comments
Hidden24 VPN


Sendmail is an easy to implemant, lightweight electronic Mail Transport Agent (MTA), which enables you to automate the process of sending e-mail messages from your Linux host. It can play a significant role as a background mechanism for processing outbound emails from monitoring software to deliver status notifications to the system administrators or send diagnostic information at specified time schedule.
In this article I present how to install and configure Sendmail on CentOS 8 to work as SMTP Relay for outbound traffic to OVH mail server.

0. Prerequisites

Sendmail daemon requires configured hostname for proper operation.
Set hostname for your host (if not already set):

[root@chronos ~]# hostnamectl set-hostname chronos

Include your hostname in /etc/hosts file:

[root@chronos ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 chronos
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

1. Install sendmail service

Install sendmail and corresponding RPM packages:
sendmail-cf package includes configuration files required to generate sendmail.cf configuration file.
cyrus-sasl-plain package contains the Cyrus SASL plugins which support PLAIN and LOGIN authentication. 

[root@chronos ~]# dnf install sendmail sendmail-cf cyrus-sasl-plain

Note: If you don’t have cyrus-sasl-plain package installed and your SMTP relay host requires authentication, you might encounter the following error in sendmail log:

Jan 05 00:37:07 chronos sendmail[758]: 004NXT6g000357: AUTH=client, available mechanisms do not fulfill requirements

2. Generate authentication information for SMTP relay

Create authinfo text file containing SMTP relay authentication info:

[root@chronos ~]# touch /etc/mail/authinfo

Edit the file, provide SMTP Relay FQDN and authentication credencials:

AuthInfo:ssl0.ovh.net "U:root" "I:admin@tuxfixer.com" "P:XXXXXXXXX" "M:LOGIN PLAIN"

where:
I: account username at your ISP
P: account password at your ISP

Generate the authentication database, based on authinfo text file (this will overwrite existing /etc/mail/authinfo.db file):

[root@chronos ~]# cd /etc/mail/
[root@chronos mail]# makemap hash authinfo < authinfo

Change permissions of both authinfo and authinfo.db files (read/write access for root only):

[root@chronos ~]# chmod 600 /etc/mail/authinfo*

3. Modify sendmail configuration source file

Edit sendmail.mc source file (DO NOT edit resultant sendmail.cf configuration file):

[root@chronos ~]# vim /etc/mail/sendmail.mc

Uncomment and modify SMART_HOST related line:

define(`SMART_HOST', `ssl0.ovh.net')dnl

Add authentication database file related line to let the sendmail daemon find authentication credencials:

FEATURE(`authinfo', `hash -o /etc/mail/authinfo.db')dnl

Regenerate /etc/mail/sendmail.cf file:

[root@chronos ~]# /etc/mail/make

4. Launch the sendmail service

Start and enable sendmail daemon:

[root@chronos ~]# systemctl start sendmail
[root@chronos ~]# systemctl enable sendmail

Verify, if sendmail started successfully:

[root@chronos ~]# systemctl status sendmail

5. Test the e-mail delivery via SMTP Relay

Now it’s time to test sendmail functionality and send test e-mail from Linux command line.
Prepare example e-mail body:

[root@chronos ~]# echo "Subject: Mail Delivery Test" > /tmp/mail.txt
[root@chronos ~]# echo "This is the example e-mail body" >> /tmp/mail.txt

Send the test e-mail using sendmail command:

[root@chronos ~]# sendmail -v admin@tuxfixer.com < /tmp/mail.txt

I am using -v parameter for increased verbosity (to see the whole communication with SMTP relay server).

You can also check systemd journal to see if the e-mail was sent successfully:

[root@chronos ~]# journalctl -f -u sendmail
...
Jan 05 22:19:26 chronos sendmail[30978]: STARTTLS=client, relay=ssl0.ovh.net., version=TLSv1.2, verify=OK, cipher=ECDHE-RSA-AES256-SHA, bits=256/256
Jan 05 22:19:27 chronos sendmail[30978]: 005LJPGI030976: to=, ctladdr= (1000/1000), delay=00:00:02, xdelay=00:00:01, mailer=relay, pri=120375, relay=ssl0.ovh.net. [193.70.18.144], dsn=2.0.0, stat=Sent (Ok: queued as 04209DE605A0)

Finally, check the recipient’s Inbox (or SPAM box), the test e-mail should be delivered successfully.

Additionally, to see mail queue, execute the command:

[root@chronos ~]# mailq