Automation
(Last updated: Tuesday, April 17, 2007)
Linux, Sendmail and Gmail.com
Last updated: Sunday, Nov. 13, 2009
Update: I'm moving my home server over to Centos 5.4 and things are a little different.
Update: I corrected a missing <TMPF> option in the hash command below. Sorry about that.
Found a few more links on the subject which may help others trying to get sendmail working with Gmail.
- Configure sendmail to work with Gmail smtp relay
- Configuring Sendmail to relay through Gmail SMTP
- Sendmail: Smart Host Authentication by Sender
Some folks may be interested in using Postfix instead of sendmail. For those there are sites such as Soup to nuts - Postfix tutorial.
I found this, on Sendmail, Fetchmail and Google Mail, in Yan Li's blog: Yan Li's Words. Yan Li has a simplified setup (I did a few more things as I wanted to fix a few email problems). More importantly he has the config for setting up fetchmail to get user mail from Google Mail. Careful, he does come back to this page for a portion of the setup.
A work in progress but I actually have this working properly. I started by searching the internet with Google and found only one link that was partially useful. That link, in Portuguese, is appropriately called Sendmail + SMTP GMAIL. Unfortunately the direct instructions didn't work. So I decided to clean up the sendmail.mc file that was supplied and throw in a few changes that had worked for me with my Linux, Sendmail and Comcast.net setup. After double checking various settings (must have been a spelling error) I got my Linux box to work with Sendmail.
There are things to check and lots of little configuration changes to make. Before you start wondering why are you going through this exercise remember that with power comes responsibilty. Sendmail is very power. So lets start with the files you will need to change:
- /etc/mail/sendmail.mc
- /etc/mail/auth/client-info
This is where the files are on my Linux box. There is no /etc/mail/auth directory yet on either my FC6 or Centos box, so I'll create one later. A word of warning, I'm not sure I have everything working properly just yet. I am able to send out email from my machine but I haven't fully checked the headers to see that everything is correct. Also because I have so many copies of sendmail configs lying around I'll post my entire sendmail.mc (FC6) file::
dnl# This is the default sendmail .mc file for Slackware. To generate
dnl# the sendmail.cf file from this (perhaps after making some changes),
dnl# use the m4 files in /usr/share/sendmail/cf like this:
dnl#
dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc
dnl# cd /usr/share/sendmail/cf
dnl# sh Build config.cf
dnl#
dnl# You may then install the resulting .cf file:
dnl# cp config.cf /etc/mail/sendmail.cf
dnl#
dnl# This is where it is on my box, you're box might differ
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`Linux Home Automation FC6 Gmail')dnl
OSTYPE(`linux')dnl
dnl#
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
dnl# Enable the line below to use smrsh to restrict what sendmail can run:
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
dnl# FEATURE(masquerade_envelope)
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
dnl# FEATURE(`accept_unresolvable_domains')dnl
EXPOSED_USER(`root')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`cookie.uucp')dnl
define(`SMART_HOST',`smtp.gmail.com')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')
define(`ESMTP_MAILER_ARGS', `TCP $h 587')
dnl#
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl#
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/CAcert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
FEATURE(masquerade_entire_domain)dnl
dnl #
MASQUERADE_AS(`comcast.net') dnl
FEATURE(genericstable, `hash -o /etc/mail/genericstable') dnl
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')dnl
dnl #
dnl # Leave these at the end, sendmail prefers these last (for the most part)
dnl #
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
Remember to change the comcast.net to your appropriate FQDN host. If you're not already familiar with the various redirector services check out DynDNS Inc.. There are others so do your homework. I use the free service and I've been very happy with it.
Note: My Centos sendmail.mc file looks different from the above FC6 sendmail.mc file. For one thing the placement of the lines differs. For another the Centos supports IPV6. I'll post that at a later date once I get it working properly.
Later I'll explain the virtusertable and mailertable entries. I needed all of that so other devices throughout my network can send email to my local machines or to users on the internet.
Changes I made to /etc/mail/submit.mc (added to the end of the file):
FEATURE(`msp', `[127.0.0.1]')dnl
If you don't have an /etc/mail/auth directory, as root, create one like this:
# mkdir -p /etc/mail/auth
# chmod 700 /etc/mail/auth
You won't have the next client-info files so you'll have to create it (with you favorite Unix editor). Change the permissions on the client-info file like this:
# chmod 600 client-info
So using my user_id@gmail.com email ID and password I made the following entry in /etc/mail/auth/client-info:
# cat /etc/mail/auth/client-info
AuthInfo:smtp.gmail.com "U:smmsp" "I:user_id" "P:password" "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:smmsp" "I:user_id" "P:password" "M:PLAIN"
Yes, password is plain text. It is possible to encode the password but I don't have those instructions here.
Remember to replace user_id with your Gmail email ID (your email addresse without the @gmail.com) and password with your email password. Also make sure that the client-info file has tight permissions so nobody can read your password.
How to compile it into a db file:
# cd /etc/mail/auth
# makemap -r hash client-info.db < client-info
And finally make sure your running the latest cf files since your mc file changes:
# cd /etc/mail
# make
If you don't have a Makefile in your /etc/mail directory then you'll need to rebuild your files manually. Here's an example using sendmail.mc:
# m4 sendmail.mc > sendmail.cf
And lastly restart sendmail:
# service sendmail restart
Changing the sender on outgoing email
One of the things I wanted to do was to correct the sender's email address that was being used on outgoing email. I frequently have processes that send email and run as 'other' users on my server. What I'd like to see is instead of this:
- cookie!cookie!asterisk@comcast.net
I'd rather see this:
- ncherry@linuxha.com
That way if the mail ends up in the wrong place at least the person can reply and let me know that my mail was accidently received by them. The good news is that it's not hard to do with Sendmail. Just add these lines to your /etc/mail/sendmail.mc file:
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')dnl
Now edit the /etc/mail/genericsdomain file and add the entries you want changed, like this:
cookie!cookie!asterisk ncherry@linuxha.com
Now compile it into a db file:
# cd /etc/mail
# makemap -r hash genericstable.db < genericstable
And finally make sure your running the latest cf files since your mc file changes:
# cd /etc/mail
# make
And lastly restart sendmail:
# service restart sendmail