Electronic Mail

Contributed by &a.wlloyd;.

Electronic Mail configuration is the subject of many System Administration books. If you
plan on doing anything beyond setting up one mailhost for your
network, you need industrial strength help.

Some parts of E-Mail configuration are controlled in the Domain
Name System (DNS). If you are going to run your own DNS server,
check out /etc/namedb and man -k named for more information.

Basic Information

These are the major programs involved in an E-Mail exchange. A
“mailhost” is a server that is
responsible for delivering and receiving all email for your host,
and possibly your network.

User program

This is a program like elm, pine,
mail, or something more sophisticated like a WWW
browser. This program will simply pass off all e-mail
transactions to the local “mailhost”,
either by calling sendmail or
delivering it over TCP.

Mailhost Server Daemon

Usually this program is sendmail or
smail running in the background. Turn it off or
change the command line options in
/etc/rc.conf (or, prior to FreeBSD 2.2.2,
/etc/sysconfig). It is best to leave it on,
unless you have a specific reason to want it off. Example: You
are building a Firewall.

You should be aware that sendmail is a potential weak link in a
secure site. Some versions of sendmail have known security
problems.

sendmail does two jobs. It looks after delivering
and receiving mail.

If sendmail
needs to deliver mail off your site it will look up in
the DNS to determine the actual host that will receive mail for
the destination.

If it is acting as a delivery agent sendmail will take the message from the
local queue and deliver it across the Internet to another sendmail
on the receiver's computer.

DNS — Name Service

The Domain Name System and its daemon named contain the database mapping
hostname to IP address, and hostname to mailhost. The IP address
is specified in an A record. The MX record specifies the
mailhost that will receive mail for you. If you do not have an
MX record for your hostname, the mail will be delivered to
your host directly.

Unless you are running your own DNS server, you will not be
able to change any information in the DNS yourself. If you are
using an Internet Provider, speak to them.

POP Servers

This program gets the mail from your mailbox and gives it to
your browser. If you want to run a POP server on your computer,
you will need to do 2 things.

1. Get pop software from the Ports collection that
   can be found in /usr/ports or packages
   collection. This handbook section has a complete reference
   on the Ports system.

2. Modify /etc/inetd.conf
   to load the POP server.

The pop program will have instructions with it. Read
them.

Configuration

Basic

As your FreeBSD system comes “out of the box”[TM], you should
be able to send E-mail to external hosts as long as you have
/etc/resolv.conf set up or are running a name
server. If you want to have mail for your host delivered to your
specific host, there are two methods:

- Run a name server (man -k named) and have your own domain,
  such as smallminingco.com
- Get mail delivered to the current DNS name for your host,
  i.e. dorm6.ahouse.school.edu

No matter what option you choose, to have mail delivered
directly to your host, you must be a full Internet host. You must
have a permanent IP address, i.e. NO dynamic PPP. If you are
behind a firewall, the firewall must be passing on smtp traffic to
you. From /etc/services:

smtp 25/tcp mail #Simple Mail Transfer

If you
want to receive mail at your host itself, you must make sure that
the DNS MX entry points to your host address, or there is no MX
entry for your DNS name.

Try this:

# hostname
newbsdbox.freebsd.org
# host newbsdbox.freebsd.org
newbsdbox.freebsd.org has address 204.216.27.xx

If that is all that comes out for your machine, mail directly
to root@newbsdbox.freebsd.org
will work with no problems.

If instead, you have this:

# host newbsdbox.freebsd.org
newbsdbox.FreeBSD.org has address 204.216.27.xx
newbsdbox.FreeBSD.org mail is handled (pri=10) by freefall.FreeBSD.org

All mail sent to your host
directly will end up on freefall, under the same username.

This information is set up in your domain name server. This
should be the same host that is listed as your primary nameserver
in /etc/resolv.conf.

The DNS record that carries mail routing information is the
Mail eXchange entry. If no MX entry exists, mail will be
delivered directly to the host by way of the Address
record.

The MX entry for freefall.freebsd.org at one time:

freefall MX 30 mail.crl.net
freefall MX 40 agora.rdrop.com
freefall HINFO Pentium FreeBSD
freefall MX 10 freefall.FreeBSD.org
freefall MX 20 who.cdrom.com
freefall A 204.216.27.xx
freefall CNAME www.FreeBSD.org

freefall has many MX entries. The lowest MX number gets the
mail in the end. The others will queue mail temporarily, if
freefall is busy or down.

Alternate MX sites should have separate connections to the
Internet, to be most useful. An Internet Provider or other
friendly site can provide this service.

dig, nslookup,
and host are your friends.

Mail for your Domain (Network)

To set up a network mailhost, you need to redirect the mail
that would otherwise arrive at the individual workstations. In other words, you want to
hijack all mail for *.smallminingco.com
and divert it to one machine, your “mailhost”.

The network users on their workstations will most likely pick
up their mail over POP or telnet.

A user account with the same username should exist on both
machines. Please use adduser to do
this as required. If you set the shell to
/nonexistent
the user will not be allowed to log in.

The mailhost that you will be using must be designated the
Mail eXchange for each workstation. This must be arranged in DNS
(ie BIND, named). Please refer to a Networking book for in-depth
information.

You basically need to add these lines in your DNS server:

pc24.smallminingco.com  A      xxx.xxx.xxx.xxx         ; Workstation ip
                        MX 10  smtp.smallminingco.com  ; Your mailhost

You cannot do this yourself unless you are running a DNS
server. If you do not want to run a DNS server, get somebody else
like your Internet Provider to do it.

This will redirect mail for the workstation to the Mail
eXchange host. It does not matter what machine the A record
points to, the mail will be sent to the MX host.

This feature is used to implement Virtual E-Mail Hosting.

Example

I have a customer with domain foo.bar and I want all mail for
foo.bar to be sent to my machine smtp.smalliap.com. You must make
an entry in your DNS server like:

foo.bar MX 10 smtp.smalliap.com ; your mailhost

The A record is not needed if you only
want E-Mail for the domain, i.e. do not expect ping foo.bar
to work unless an Address record for foo.bar
exists as well.

On the mailhost that actually accepts mail for final delivery
to a mailbox, sendmail must be told what hosts it will be
accepting mail for.

Add pc24.smallminingco.com to /etc/sendmail.cw (if you are
using FEATURE(use_cw_file)), or add a Cw myhost.smalliap.com
line to /etc/sendmail.cf.

If you plan on doing anything serious with sendmail you should install the sendmail
source. The source has plenty of documentation with it. You will
find information on getting sendmail
source from the UUCP
information.

Setting up UUCP

Stolen from the FAQ.

The sendmail configuration that ships with FreeBSD is suited
for sites that connect directly to the Internet. Sites that wish
to exchange their mail via UUCP must install another sendmail
configuration file.

Tweaking /etc/sendmail.cf manually is
considered something for purists. Sendmail version 8 comes with a
new approach of generating config files via some m4 preprocessing, where the actual
hand-crafted configuration is on a higher abstraction level. You
should use the configuration files under
/usr/src/usr.sbin/sendmail/cf.

If you did not install your system with full sources, the
sendmail config stuff has been broken out into a separate source
distribution tarball just for you. Assuming you have your CD-ROM
mounted, do:

# cd /usr/src
# tar -xvzf /cdrom/dists/src/ssmailcf.aa

Do not panic, this is only a few hundred kilobytes in size.
The file README in the cf directory can serve as a basic
introduction to m4 configuration.

For UUCP delivery, you are best advised to use the
mailertable feature. This constitutes a
database that sendmail can use to base its routing decision
upon.

First, you have to create your .mc file.
The directory
/usr/src/usr.sbin/sendmail/cf/cf is the home
of these files. Look around, there are already a few examples.
Assuming you have named your file foo.mc, all
you need to do in order to convert it into a valid
sendmail.cf is:

# cd /usr/src/usr.sbin/sendmail/cf/cf
# make foo.cf

If you don't have a /usr/obj hierarchy,
then:

# cp foo.cf /etc/sendmail.cf

Otherwise:

# cp /usr/obj/`pwd`/foo.cf /etc/sendmail.cf

A typical .mc file might look
like:

include(`../m4/cf.m4')
VERSIONID(`Your version number')
OSTYPE(bsd4.4)
FEATURE(nodns)
FEATURE(nocanonify)
FEATURE(mailertable)
define(`UUCP_RELAY', your.uucp.relay)
define(`UUCP_MAX_SIZE', 200000)
MAILER(local)
MAILER(smtp)
MAILER(uucp)
Cw your.alias.host.name
Cw youruucpnodename.UUCP

The nodns and
nocanonify features will prevent any usage of
the DNS during mail delivery. The UUCP_RELAY
clause is needed for bizarre reasons, do not ask. Simply put an
Internet hostname there that is able to handle .UUCP pseudo-domain
addresses; most likely, you will enter the mail relay of your ISP
there.

Once you have this, you need this file called
/etc/mailertable. A typical example of this
kind again:

#
# makemap hash /etc/mailertable.db < /etc/mailertable
#
horus.interface-business.de   uucp-dom:horus
.interface-business.de        uucp-dom:if-bus
interface-business.de         uucp-dom:if-bus
.heep.sax.de                  smtp8:%1
horus.UUCP                    uucp-dom:horus
if-bus.UUCP                   uucp-dom:if-bus
.                             uucp-dom:sax

As you can see, this is part of a real-life file. The first
three lines handle special cases where domain-addressed mail
should not be sent out to the default route, but instead to some
UUCP neighbor in order to “shortcut” the delivery path. The
next line handles mail to the local Ethernet domain that can be
delivered using SMTP. Finally, the UUCP neighbors are mentioned
in the .UUCP pseudo-domain notation, to allow for a
uucp-neighbor!recipient override of the default rules. The
last line is always a single dot, matching everything else, with
UUCP delivery to a UUCP neighbor that serves as your universal
mail gateway to the world. All of the node names behind the
uucp-dom: keyword must be valid UUCP
neighbors, as you can verify using the command uuname.

As a reminder that this file needs to be converted into a DBM
database file before being usable, the command line to accomplish
this is best placed as a comment at the top of the mailertable.
You always have to execute this command each time you change your
mailertable.

Final hint: if you are uncertain whether some particular mail
routing would work, remember the -bt option to
sendmail. It starts sendmail
in “address test
mode”; simply enter 0, followed by the address
you wish to test for the mail routing. The last line tells you
the used internal mail agent, the destination host this agent will
be called with, and the (possibly translated) address. Leave this
mode by typing Control-D.

% sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
>0 foo@interface-business.de
rewrite: ruleset 0 input: foo @ interface-business . de
…
rewrite: ruleset 0 returns: $# uucp-dom $@ if-bus $: foo < @ interface-business . de

FAQ

Migration from FAQ.

Why do I have to use the FQDN for hosts on my site?

You will probably find that the host is actually in a
different domain; for example, if you are in foo.bar.edu and you
wish to reach a host called mumble in the bar.edu domain, you
will have to refer to it by the fully-qualified domain name,
mumble.bar.edu, instead of just mumble.

Traditionally, this was allowed by BSD BIND resolvers. However,
the current version of BIND that ships with
FreeBSD no longer provides default abbreviations for non-fully
qualified domain names other than the domain you are in. So an
unqualified host mumble must either
be found as mumble.foo.bar.edu, or
it will be searched for in the root domain.

This is different from the previous behavior, where the search
continued across mumble.bar.edu,
and mumble.edu. Have a look at
RFC 1535 for why this was considered bad practice, or even a
security hole. With the old search, an unqualified name that did not
exist locally could be answered by a zone outside your control.

As a good workaround, you can place the line

search foo.bar.edu bar.edu

instead of the previous

domain foo.bar.edu

into your /etc/resolv.conf. However,
make sure that the search order does not go beyond the “boundary
between local and public administration”, as RFC 1535 calls
it.

Sendmail says mail loops back to myself

This is answered in the sendmail FAQ as follows:

* I am getting "Local configuration error" messages, such as:
553 relay.domain.net config error: mail loops back to myself
554 <user@domain.net>... Local configuration error
How can I solve this problem?
You have asked mail to the domain (e.g., domain.net) to be
forwarded to a specific host (in this case, relay.domain.net)
by using an MX record, but the relay machine does not recognize
itself as domain.net. Add domain.net to /etc/sendmail.cw
(if you are using FEATURE(use_cw_file)) or add "Cw domain.net"
to /etc/sendmail.cf.

The sendmail FAQ is in
/usr/src/usr.sbin/sendmail and is recommended
reading if you want to do any “tweaking” of your mail
setup.

How can I do E-Mail with a dialup PPP host?

You want to connect a FreeBSD box on a LAN to the Internet.
The FreeBSD box will be a mail gateway for the LAN. The PPP
connection is non-dedicated.

There are at least two ways to do this. The one described here uses a secondary MX; the other is to use UUCP.

The key is to get an Internet site to provide secondary MX
services for your domain. For example:

bigco.com.      MX 10   bigco.com.
                MX 20   smalliap.com.

Only one host should be specified as the final recipient (add
Cw bigco.com in /etc/sendmail.cf on
bigco.com).

When the sender's sendmail is trying to deliver the mail it
will try to connect to you over the modem link. It will most
likely time out because you are not online. sendmail will
automatically deliver it to the secondary MX site, ie your
Internet provider. The secondary MX site will try every
15 minutes (sendmail_flags = "-bd -q15m" in
/etc/rc.conf) to connect to your
host to deliver the mail to the primary MX site.

You might want to use something like this as a login script.

#!/bin/sh
# Put me in /usr/local/bin/pppbigco
# Flush the mail queue 60 seconds after login, once the PPP link is up.
( sleep 60 ; /usr/sbin/sendmail -q ) &
/usr/sbin/ppp -direct pppbigco

If you are going to create a separate
login script for a user you could use sendmail
-qRbigco.com instead in the script above. This will
force all mail in your queue for bigco.com to be processed
immediately.

A further refinement of the situation is as follows.

Message stolen from the freebsd-isp mailing list.

> we provide the secondary mx for a customer. The customer connects to
> our services several times a day automatically to get the mails to
> his primary mx (We do not call his site when a mail for his domains
> arrived). Our sendmail sends the mailqueue every 30 minutes. At the
> moment he has to stay 30 minutes online to be sure that all mail is
> gone to the primary mx.
>
> Is there a command that would initiate sendmail to send all the mails
> now? The user has not root-privileges on our machine of course.
In the 'privacy flags' section of sendmail.cf, there is a definition
Opgoaway,restrictqrun
Remove restrictqrun to allow non-root users to start the queue processing.
You might also like to rearrange the MXs. We are the 1st MX for our
customers like this, and we have defined:
# If we are the best MX for a host, try directly instead of generating
# local config error.
OwTrue
That way a remote site will deliver straight to you, without trying
the customer connection. You then send to your customer. Only works for
"hosts", so you need to get your customer to name their mail machine
"customer.com" as well as "hostname.customer.com" in the DNS. Just put
an A record in the DNS for "customer.com".
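
Added example, not part of the original handbook text: a shell function that applies the mailertable lookup order described under "Setting up UUCP" (exact host name, then parent domains with a leading dot, then the single dot) to a constructed copy of the table shown there. The function name mailertable_route and the test addresses are assumptions made for illustration; the %1 substitution follows the mailertable description in sendmail's cf README.

```shell
#!/bin/sh
# Added example (not from the handbook): which mailertable entry wins?
# Lookup order: the full host name, then each parent domain written with a
# leading dot, then the catch-all "." entry. Keys are matched in lower case.

# Constructed copy of the mailertable shown in "Setting up UUCP".
MAILERTABLE='
horus.interface-business.de   uucp-dom:horus
.interface-business.de        uucp-dom:if-bus
interface-business.de         uucp-dom:if-bus
.heep.sax.de                  smtp8:%1
horus.UUCP                    uucp-dom:horus
if-bus.UUCP                   uucp-dom:if-bus
.                             uucp-dom:sax
'

# mailertable_route ADDRESS  ->  prints "mailer:host", or "no-match"
mailertable_route() {
    printf '%s\n' "$MAILERTABLE" | awk -v addr="$1" '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        { route[tolower($1)] = $2 }
        END {
            host = tolower(addr)
            sub(/^.*@/, "", host)            # keep only the domain part
            if (host in route) { print route[host]; exit }
            rest = host; matched = ""
            # a.b.c is tried as .b.c, then .c; "matched" is what %1 becomes
            while ((i = index(rest, ".")) > 0) {
                matched = (matched == "" ? "" : matched ".") substr(rest, 1, i - 1)
                rest = substr(rest, i + 1)
                key = "." rest
                if (key in route) {
                    val = route[key]
                    gsub(/%1/, matched, val)
                    print val; exit
                }
            }
            if ("." in route) print route["."]; else print "no-match"
        }'
}

# Show the route for each address given on the command line.
for a in "$@"; do printf '%s -> %s\n' "$a" "$(mailertable_route "$a")"; done
```

The result for foo@interface-business.de agrees with the sendmail -bt session shown in that section (mailer uucp-dom, host if-bus).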
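
Added example, not from the original page: a check for the FAQ entry on FQDNs and RFC 1535 above, which lists the names the resolver will try for an unqualified host and reports any search entry that lies outside the domain you administer. The function names, the ORG_DOMAIN argument and the two sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the handbook): audit a resolv.conf search list.
# ORG_DOMAIN, the zone you administer, is an assumption supplied by the caller.

# effective_search < resolv.conf
# Prints the search list in effect, one domain per line. "domain" and
# "search" are mutually exclusive; the last one in the file wins.
effective_search() {
    awk '$1 == "search" || $1 == "domain" {
             n = 0
             for (i = 2; i <= NF; i++) list[++n] = tolower($i)
             if ($1 == "domain" && n > 1) n = 1
         }
         END { for (i = 1; i <= n; i++) { sub(/\.$/, "", list[i]); print list[i] } }'
}

# search_outside_org ORG_DOMAIN < resolv.conf
# Prints every search entry that is neither ORG_DOMAIN nor below it, that is,
# a suffix where someone else decides what an unqualified name resolves to.
search_outside_org() {
    org=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    effective_search | while read -r d; do
        case "$d" in
            "$org" | *."$org") ;;           # inside local administration
            *) printf '%s\n' "$d" ;;
        esac
    done
}

# candidates NAME < resolv.conf
# Names tried for a NAME without dots (default ndots): each search domain
# in order, then NAME itself in the root domain.
candidates() {
    effective_search | while read -r d; do printf '%s.%s\n' "$1" "$d"; done
    printf '%s.\n' "$1"
}

# Constructed samples: the workaround from the FAQ, and a list that goes too far.
GOOD='search foo.bar.edu bar.edu'
BAD='domain foo.bar.edu
search foo.bar.edu bar.edu edu'

# Report the offending entries of the second sample.
printf '%s\n' "$BAD" | search_outside_org bar.edu
```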
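
Added example, not from the original page: a check for the "mail loops back to myself" condition described in the FAQ above, which reports domains whose lowest-numbered MX is a given mailhost while that mailhost does not list them in /etc/sendmail.cw. The zone lines reuse the names from this page, but the zone data, the sendmail.cw contents and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the handbook): find "mail loops back to myself".
# A mailhost that is the lowest-numbered MX for a domain must also accept
# that domain as local (sendmail.cw or a Cw line in sendmail.cf).

# Constructed zone data in the "name MX pref target" form used on this page.
ZONE='
pc24.smallminingco.com  MX 10 smtp.smallminingco.com
foo.bar                 MX 10 smtp.smalliap.com
bigco.com               MX 10 bigco.com.
bigco.com               MX 20 smalliap.com.
'
# Constructed sendmail.cw contents for smtp.smalliap.com (foo.bar is missing).
CW_SMALLIAP='smtp.smalliap.com'

# best_mx DOMAIN -> prints the MX target with the lowest preference number
best_mx() {
    printf '%s\n' "$ZONE" | awk -v d="$1" '
        tolower($1) == tolower(d) && $2 == "MX" {
            if (best == "" || $3 + 0 < pref) { pref = $3 + 0; best = $4 }
        }
        END { sub(/\.$/, "", best); print tolower(best) }'
}

# missing_cw MAILHOST CW_CONTENTS -> prints the domains whose best MX is
# MAILHOST but which are absent from CW_CONTENTS (one name per line)
missing_cw() {
    printf '%s\n' "$ZONE" | awk '$2 == "MX" { print tolower($1) }' | sort -u |
    while read -r dom; do
        [ "$(best_mx "$dom")" = "$1" ] || continue
        printf '%s\n' "$2" | grep -qixF "$dom" || printf '%s\n' "$dom"
    done
}

# Report what smtp.smalliap.com still has to add to its sendmail.cw.
missing_cw smtp.smalliap.com "$CW_SMALLIAP"
```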