Sendmail is the default MTA installed with FreeBSD. It accepts mail from MUAs and delivers it to the appropriate mail host, as defined by its configuration. Sendmail can also accept network connections and deliver mail to local mailboxes or to another program.
The configuration files for
Sendmail are located in
/etc/mail. This section describes these
files in more detail.
This access database file defines which hosts or IP addresses have access to the local mail server and what kind of access they have. Hosts listed as
OK, which is the default option, are allowed to send mail to this host as long as the mail's final destination is the local machine. Hosts listed as
REJECTare rejected for all mail connections. Hosts listed as
RELAYare allowed to send mail for any destination using this mail server. Hosts listed as
ERRORwill have their mail returned with the specified mail error. If a host is listed as
SKIP, Sendmail will abort the current search for this entry without accepting or rejecting the mail. Hosts listed as
QUARANTINEwill have their messages held and will receive the specified text as the reason for the hold.
Examples of using these options for both IPv4 and IPv6 addresses can be found in the FreeBSD sample configuration,
# $FreeBSD: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml 48529 2016-04-03 18:57:15Z wblock $ # # Mail relay access control list. Default is to reject mail unless the # destination is local, or listed in /etc/mail/local-host-names # ## Examples (commented out for safety) #From:cyberspammer.com ERROR:"550 We don't accept mail from spammers" #From:okay.cyberspammer.com OK #Connect:sendmail.org RELAY #To:sendmail.org RELAY #Connect:128.32 RELAY #Connect:128.32.2 SKIP #Connect:IPv6:1:2:3:4:5:6:7 RELAY #Connect:suspicious.example.com QUARANTINE:Mail from suspicious host #Connect:[127.0.0.3] OK #Connect:[IPv6:1:2:3:4:5:6:7:8] OK
To configure the access database, use the format shown in the sample to make entries in
/etc/mail/access, but do not put a comment symbol (
#) in front of the entries. Create an entry for each host or network whose access should be configured. Mail senders that match the left side of the table are affected by the action on the right side of the table.
Whenever this file is updated, update its database and restart Sendmail:
makemap hash /etc/mail/access < /etc/mail/access
service sendmail restart
This database file contains a list of virtual mailboxes that are expanded to users, files, programs, or other aliases. Here are a few entries to illustrate the file format:
root: localuser ftp-bugs: joe,eric,paul bit.bucket: /dev/null procmail: "|/usr/local/bin/procmail"
The mailbox name on the left side of the colon is expanded to the target(s) on the right. The first entry expands the
rootmailbox to the
localusermailbox, which is then looked up in the
/etc/mail/aliasesdatabase. If no match is found, the message is delivered to
localuser. The second entry shows a mail list. Mail to
ftp-bugsis expanded to the three local mailboxes
paul. A remote mailbox could be specified as
email@example.com. The third entry shows how to write mail to a file, in this case
/dev/null. The last entry demonstrates how to send mail to a program,
/usr/local/bin/procmail, through a UNIX pipe. Refer to aliases(5) for more information about the format of this file.
Whenever this file is updated, run
newaliasesto update and initialize the aliases database.
This is the master configuration file for Sendmail. It controls the overall behavior of Sendmail, including everything from rewriting email addresses to printing rejection messages to remote mail servers. Accordingly, this configuration file is quite complex. Fortunately, this file rarely needs to be changed for standard mail servers.
The master Sendmail configuration file can be built from m4(1) macros that define the features and behavior of Sendmail. Refer to
/usr/src/contrib/sendmail/cf/READMEfor some of the details.
Whenever changes to this file are made, Sendmail needs to be restarted for the changes to take effect.
This database file maps mail addresses for virtual domains and users to real mailboxes. These mailboxes can be local, remote, aliases defined in
/etc/mail/aliases, or files. This allows multiple virtual domains to be hosted on one machine.
FreeBSD provides a sample configuration file in
/etc/mail/virtusertable.sampleto further demonstrate its format. The following example demonstrates how to create custom entries using that format:
firstname.lastname@example.org root email@example.com firstname.lastname@example.org @example.com joe
This file is processed in a first match order. When an email address matches the address on the left, it is mapped to the local mailbox listed on the right. The format of the first entry in this example maps a specific email address to a local mailbox, whereas the format of the second entry maps a specific email address to a remote mailbox. Finally, any email address from
example.comwhich has not matched any of the previous entries will match the last mapping and be sent to the local mailbox
joe. When creating custom entries, use this format and add them to
/etc/mail/virtusertable. Whenever this file is edited, update its database and restart Sendmail:
makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable
service sendmail restart
In a default FreeBSD installation, Sendmail is configured to only send mail from the host it is running on. For example, if a POP server is available, users will be able to check mail from remote locations but they will not be able to send outgoing emails from outside locations. Typically, a few moments after the attempt, an email will be sent from
MAILER-DAEMONwith a 5.7 Relaying Denied message.
The most straightforward solution is to add the ISP's FQDN to
/etc/mail/relay-domains. If multiple addresses are needed, add them one per line:
your.isp.example.com other.isp.example.net users-isp.example.org www.example.org
After creating or editing this file, restart Sendmail with
service sendmail restart.
Now any mail sent through the system by any host in this list, provided the user has an account on the system, will succeed. This allows users to send mail from the system remotely without opening the system up to relaying SPAM from the Internet.