Archive for the tag 'sendmail'

Setting up sendmail over SSL on Ensim Pro Control Panel for Linux

Login as root on your Ensim Pro Control Panel for Linux box

Backup your current sendmail conf file

cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.bak

Prepare sendmail’s certificate

cd /usr/share/ssl/certs
make sendmail.pem

You will be prompted with several questions typical for SSL certificate generation)

Backup /usr/lib/opcenter/sendmail/install/sendmail.mc file

cp /usr/lib/opcenter/sendmail/install/sendmail.mc /usr/lib/opcenter/sendmail/install/sendmail.mc.bak

Edit /usr/lib/opcenter/sendmail/install/sendmail.mc file

vi /usr/lib/opcenter/sendmail/install/sendmail.mc

Uncomment the following lines to point to your generated certificate

define(`confCACERT_PATH’,`/usr/share/ssl/certs’)
define(`confCACERT’,`/usr/share/ssl/certs/ca-bundle.crt’)
define(`confSERVER_CERT’,`/usr/share/ssl/certs/sendmail.pem’)
define(`confSERVER_KEY’,`/usr/share/ssl/certs/sendmail.pem’)

Add DAEMON_OPTIONS to make sendmail listen on port 465
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA’)dnl
DAEMON_OPTIONS(`Port=smtps, Name=SSLMTA, M=s’)dnl

Rebuild sendmail conf file

m4 /usr/lib/opcenter/sendmail/install/sendmail.mc > /etc/mail/sendmail.cf

Restart sendmail

/sbin/service sendmail restart

You can check if sendmail is listening on 465 port by issuing command

netstat –nlp | grep 465

Reference: http://parallels.com

SBDavid

Securing Sendmail

Securing Sendmail

Note that it is recommended to use Postfix over Sendmail for various security reasons.

On newer Linux systems Sendmail is configured to run in the background for local mail delivery and not to accept incoming network connections. If your server is not a mail or relay server, then it is important that Sendmail is not accepting incoming network connections from any host other than the local server.

The default sendmail.cf configuration file on RedHat does not allow Sendmail to accept incoming network connections. The following setting in /etc/mail/sendmail.cf tells Sendmail not to accept incoming network connections from servers other than the local node:

DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA

If that’s not the case on your system, you can change it by setting or uncommenting the DAEMON_OPTIONS parameter in the /etc/mail/sendmail.mc file.

Uncomment the DAEMON_OPTIONS line in /etc/mail/sendmail.mc to read:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA’)dnl

Then run:

# mv /etc/mail/sendmail.cf /etc/mail/sendmail.cf.old
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# /etc/init.d/sendmail restart

To verify whether Sendmail is still listening for incoming network request, you can run one of the following commands from another node (make sure that you have permissions to probe a machine):

# nmap -sT -p 25 [ip address]
# telnet [ip address] 25

Unable to enable sendmail in Virtuzzo Power Panel (VZPP)

The exact issue :

Unable to enable sendmail using “Virtuzzo -> system services -> xinetd (tab) -> sendmail” section.

This is mainly occurring due to one entry /etc/xinetd.d/sendmail file. In order to fix this issue, do the following:

Modify :
service smtp
{
disable=yes
socket_type = stream
protocol = tcp
wait = no
user = root
group = root
server = /usr/sbin/sendmail
server_args = -bs -Am
nice = 5
instances = 10
}

Modify it to :

service smtp
{
disable=no
socket_type = stream
protocol = tcp
wait = no
user = root
group = root
server = /usr/sbin/sendmail
server_args = -bs -Am
nice = 5
instances = 10
}

restart the xinetd using:

/etc/init.d/xinetd restart

Verify the sendmail status using “Virtuzzo -> system services -> xinetd (tab) -> sendmail”. You can see that the status of sendmail now changed to “enabled”.

SBDavid

Enable Sendmail in FreeBSD

Enable Sendmail in FreeBSD

This can be enabled in the rc.conf file at ‘/etc/rc.conf’.

Check for the following variable “sendmail_enable”.

If set to “NO”, specifies sendmail to only listen on localhost.

sendmail_enable=”NO”

Checking netstat result.

$ netstat -na |grep LIST | grep 25
tcp4 0 0 127.0.0.1.25 *.* LISTEN

If set to “YES”, allows remote connections.

sendmail_enable=”YES”

If set to “NONE”, disables the sendmail daemon.

sendmail_enable=”NONE”
SBDavid

Flush mail queue in sendmail

Flush mail queue in sendmail

To flush the mail queue manually in sendmail servers, use

$ /usr/sbin/sendmail -q -v

Better way

Make a backup of the existing queue directory.

$ mv mqueue mqueue.bak

Create the ‘mqueue’ directory with the same permissions and ownership. Then, type in

$ /usr/sbin/sendmail -q -v -OQueueDirectory=/var/spool/mqueue.bak

You can use the same command to flush any sendmail queue as some servers have multiple queue setup like mqueue, mqueue.site, clientmqueue, q1, q2 etc.

Next »