My First sendmail.cf

Weldon Whipple <weldon@whipple.org>

Creating or modifying a sendmail.cf file is a daunting task for new sendmail administrators, as well as "returning" sendmail administrators (administrators who worked with sendmail--say--five years ago and have been reassigned to sendmail responsibilities). Hopefully this document will help give you a running start. (At the time of this writing, 8.12.10 is the current version of sendmail.)

Some Preliminaries

Do not edit the sendmail.cf file directly.
A few years ago, the only way of editing the sendmail.cf file was to open an existing sendmail.cf file in an editor and start typing. That is no longer the recommended procedure.
Generate a sendmail.cf from an "mc" (macro configuration) file.
A few lines in an mc file can generate a full-featured sendmail.cf file. Configuration files generated from mc files are far less likely to contain errors. Often a single line added to the mc file will correctly implement a new feature that consists of many lines in the resulting sendmail.cf
You probably won't need to modify the submit.cf.
Beginning with version 8.12, sendmail uses an alternate cf file named submit.cf when it sends mail that originates from the mail server itself. It is unlikely that you will ever need to modify the submit.cf (or its corresponding mc file).
This document tells how to modify/create the main sendmail.cf file, not the submit.cf file.

Which sendmail.cf file does my sendmail use?

Before you modify your sendmail.cf file, make sure you know which configuration file sendmail is using by issuing the following command (as root):


sendmail -d0.11

(After issuing the command, you will probably need to press Ctrl-c to return to a shell prompt.)

On my server, sendmail uses the sendmail.cf file located at /etc/mail/sendmail.cf.

Which mc file generated my sendmail.cf?

The mc file used to generate your sendmail.cf might be in one of the following places:

Creating an mc file from scratch

If you can't find the mc file that generated your sendmail.cf, open an editor and enter the following (for starters):


OSTYPE(linux)
MAILER(local)
MAILER(smtp)
It is entirely possible that the above will generate a functioning sendmail.cf for your server--especially if you are running a linux server. If your server isn't running linux, you will need to modify the OSTYPE line. To find allowable values, browse the directory cf/ostype (where the cf in cf/ostype is the same as the first cf in cf/cf--the sendmail distribution directory that contains sample mc files). In the cf/ostype directory try to identify a file that matches the name of your OS, then remove the trailing ".m4" and use the name as an argument to the OSTYPE macro.

After editing the file, save it in the cf/cf, /etc/mail, or other directory that contains other mc files.

Generating a sendmail.cf from the mc file

Because each OS's sendmail configuration conventions might differ slightly, instructions for generating the mc file will vary. Here are a few methods to try:

  1. If your saved your mc file in the cf/cf/ directory, try the following, making sure that cf/cf is your current working directory: 
    
make <cf-name>.cf
    where <cf-name>.cf is the same as the name of your mc file, substituting "cf" for the trailing "mc".
  2. Assuming the same conditions as above, invoke the following command: 
    
./Build <cf-name>.cf
  3. A third variant of the above two methods uses the following command: 
    
sh Build <cf-name>.cf
  4. This method works on FreeBSD and linux distributions that build cf files from mc files in the /etc/mail directory. With /etc/mail as your current directory (and logged in as root), issue the command: 
    
make <cf-name>.cf
    where <cf-name>.cf is the same as the name of your mc file, substituting "cf" for the trailing "mc".
  5. If none of the above work, you can probably get the following to work. First of all, find where the cf/cf directory is. Make sure that your server has the sibling directory named cf/m4. This example assumes that the cf/m4 directory is at /usr/share/sendmail/cf/m4, and that your current directory is wherever you saved the mc file. Issue the command: 
    
m4 /usr/share/sendmail/cf/m4 <mc-name> > <cf-name>.cf
    where <mc-name> is the name of your mc file and <cf-name>.cf is the cf file you want to generate. (The solitary > between the mc and cf files is a literal greater-than [redirection] sign.)

Note any messages about syntax or other errors, and correct them before proceeding. If none of the above work, your situation is outside the scope of this document.

Installing the new sendmail.cf file

Before installing the new cf file, make a backup copy of your current sendmail.cf file by issuing a command something like:


cp sendmail.cf sendmail.cf.bak

Then copy your new cf file to replace the current sendmail.cf:


cp -f <cf-name>.cf sendmail.cf

Most sendmail executables will complain if the sendmail.cf is writable. You can make it read-only with the following command:


chmod 444 sendmail.cf

Restarting sendmail

Chances are that your sendmail is running as a daemon. You will need to tell sendmail to re-read the sendmail.cf in order for your new sendmail.cf file to take effect.

Actually, if you are using sendmail 8.12 or later, there are likely two sendmail daemons--one listening for incoming e-mail, as well as the "new" submission daemon. For this exercise, we will restart only the daemon listening for incoming e-mail--the daemon that uses the sendmail.cf file.

Some distributions provide special commands for restarting sendmail. I will leave the discovery of those methods to the reader.

Find the process ID of the sendmail daemon that is listening for incoming e-mail by issuing the command:


ps -auxww | grep 'sendmail.*connections'
Some unixes don't recognize the ps command options shown above. On Solaris, for example, you need to replace "-auxww" with "-ef".

On my Slackware linux box the command output includes the line:


root      3893  0.0  1.6  4064  500 ?        S    Nov11   7:39 sendmail: accepting connections

In this case, the process ID is 3893.

Depending on how busy your server is, the "accepting" near the end of the line might instead say something like "delaying", "deferring", or "rejecting".

Send sendmail the "hangup" signal (SIGHUP) with by issuing the following command:


kill -HUP <pid>

where <pid> is the sendmail's process ID.

Using the process ID from my Slackware example above, the command would be "kill -HUP 3893".

Verifying that the sendmail.cf works

Send a few e-mails to the server to make sure that it works as well as it did with the previous sendmail.cf file. Check the sendmail log file (probably /var/log/maillog or /var/log/messages) to make sure that sendmail still receives mail. If it doesn't, rename your backup sendmail.cf and restart sendmail.

A few more lines for your first mc file

Although the earlier three-line mc file might possibly meet your needs, it probably doesn't. You might want to include one or more of the following lines as well:

FEATURE(`use_cw_file')
Does your server receive e-mail for more than one domain? If it receives for only one domain, is the domain that the server receives mail for different from the server's name (displayed when you type "hostname" at the command line)?

If the answer is "yes," add the use_cw_file feature and create a file named /etc/mail/local-host-names, which lists all the domains that you receive mail for.

Note that the two single quotes that surround the arguments are different: in each line, the first is a "back" quote; the second is an apostrophe.
If my server received local mail for whipple.org and technoids.org, my local-host-names file would look like the following: 

whipple.org
technoids.org
FEATURE(`virtusertable')
If you don't neet the use_cw_file feature, you won't need this feature either. You will need this feature, however, if your server receives e-mail for two (or more domains), and both domains have e-mail addresses with matching user parts (before the "@" sign).
If I want sendmail to receive mail for webmaster@whipple.org and for webmaster@technoids.org, I can create a file named /etc/mail/virtusertable, which contains the lines: 

webmaster@whipple.org     weldon
webmaster@technoids.org   morris

weldon and morris are local users on this mail server; alternately, they could be aliases in the /etc/mail/aliases file.

Showing all possible formats of lines in the virtusertable are beyond the scope of this document.

After editing the virtusertable, you need to create a database file. One of the following commands should work in most cases (with /etc/mail as the current directory):


makemap hash virtusertable < virtusertable
makemap btree virtusertable < virtusertable
Many operating systems or distributions will have easier ways to generate the virtusertable database. On FreeBSD, for example, you can issue this command (while /etc/mail is the current directory): 

make
FEATURE(`access_db')
Sendmail uses the access database to control access to its mail services. By adding entries to the access database, you can do such things as allow relaying, block mail to or from certain users, IP addresses or domains, specify SSL/TLS information, etc.
To block incoming e-mail from IP address 1.2.3.4, I could add the following line to /etc/mail/access: 

1.2.3.4      REJECT

After editing the access file, you need to create a database file. One of the following commands should work in most cases (with /etc/mail as the current directory):


makemap hash access < access
makemap btree access < access

If you add all of the additional lines described in this section, your mc file will look like this:


OSTYPE(linux)
FEATURE(`use_cw_file')
FEATURE(`virtusertable')
FEATURE(`access_db')
MAILER(local)
MAILER(smtp)

Moving beyond your first sendmail.cf

You can learn more about sendmail configuration in many places. Some of the most useful information sources are:

cf/README
If you managed to locate the cf/cf, the cf/ostype, and cf/m4 directories mentioned earlier, you should have no problem finding the cf/README file. It is probably the most current source of information on FEATUREs, definitions and macros that you can use in your sendmail mc file. (The cf/README is your friend!)
The "Bat" Book
Nicknamed because of the picture of a bat on the cover, this is probably the most complete coverage of sendmail in any book. Chapter 4 of the 3rd edition covers creating a sendmail.cf file using m4. (Much of the rest of the book discusses FEATURES, definitions and macros that you can use in your mc file.) Here is its bibliographic information: Bryan Costales with Eric Allman, sendmail. 3rd ed. (O'Reilly, c2003). ISBN: 1-56592-839-3)
Sendmail Installation and Operation Guide
Shipped as part of the sendmail distribution, this is probably the most daunting resource for newbies to grasp. The first obstacle is creating a readable copy of the document. The following might work:
  1. Change to the doc/op directory in the sendmail destribution.
    If you were able to locate the cf/README, you can probably locate doc/op. While in the cf directory (containing the README file), change to the parent directory. Assuming that you see a doc directory, issue the command "cd doc/op".
  2. Decide on the format that you want to view the Guide. In the distribution, it is shipped as a PostScript file (op.ps). If you want to view it in PDF (Portable Document Format) with Adobe Acrobat, issue the command: 
    
make op.pdf
    If that doesn't work, you can generate an ASCII text file with: 
    
make op.txt

Once you have a viewable copy of the Guide, you will notice that much of the information is given in terms of what appears in the sendmail.cf file (as opposed to the mc file). If you find an answer to a question in the Guide and want to incorporate it in your sendmail.cf file, you will need to consult the cf/README and the Bat book to find what changes to add to your mc file to cause the desired changes to appear in the sendmail.cf file.