# Sendmail general noob question...



## fred974 (Aug 30, 2013)

Hi guys,

Why do all the tutorials/howtos I came across on the web have 
	
	



```
sendmail_enable="NO"
```
 Is there a major security reason for it?

I just added the following in my /etc/crontab to keep my system secure 
	
	



```
# Daily check for security updates
@daily                                  root    freebsd-update cron
```

I then changed the /etc/aliases file with to get the email inside our own e-mail mailbox:

```
root: me@example.com
```
 then did a `make` inside /etc/mail.

When I do mail root, I get no email. Could anyone help please? Thank you*.*

Fred


----------



## SirDice (Aug 30, 2013)

Did you run newaliases(1) after you made changes to /etc/aliases?


----------



## ondra_knezour (Aug 30, 2013)

SirDice said:
			
		

> Did you run newaliases(1) after you made changes to /etc/aliases?



Should not be needed, if I got the /etc/mail/Makefile right. Running `make` should call `sendmail -bi` the same way like newaliases does.


----------



## fred974 (Aug 30, 2013)

SirDice said:
			
		

> Yes, setting this (it's the default by the way) enables sendmail but only allows local submissions. Setting it to YES will make sendmail listen to external connections.
> 
> 
> Did you run newaliases(1) after you made changes to /etc/aliases?



No I didn't ... I just ran `newaliases -rebuilds` but I am still unable to receive any email.

Have I missed anything else?

Here is my rc.conf file

```
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
```

Thank you*.*

fred


----------



## SirDice (Aug 30, 2013)

Remove all those sendmail entries from rc.conf. The default settings are fairly safe, it will only accept locally submitted mail.


----------



## fred974 (Aug 30, 2013)

SirDice said:
			
		

> Remove all those sendmail entries from rc.conf. The default settings are fairly safe, it will only accept locally submitted mail.



Sorry @SirDice, is this what you ask me to do:

```
#sendmail_enable="NO"
#sendmail_submit_enable="NO"
#sendmail_outbound_enable="NO"
#sendmail_msp_queue_enable="NO"
```


----------



## SirDice (Aug 30, 2013)

Yes, then restart sendmail: `service sendmail restart`. Check if it's running and listening: `sockstat -46 | grep sendmail`. You should see something like this:

```
root     sendmail   938   3  tcp4   127.0.0.1:25          *:*
```

The settings you had before disabled sendmail completely. So there was nothing to submit mail to (sendmail_submit_enable) and nothing to pass it to an external mail server (sendmail_outbound_enable).


----------



## fred974 (Aug 30, 2013)

Thank you @SirDice, 

If I comment all the setting as above, I cannot start sendmail as 

```
Cannot 'start' sendmail. Set sendmail_enable to YES in /etc/rc.conf or use 'onestart' instead of 'start'.
root@beasty:/usr/home/sysadmin # service sendmail onestart
```
So I did a `service sendmail onestart`a and i did get `root     sendmail   2892  3  tcp4   127.0.0.1:25          *:*`

But still no email.

```
mail root
Subject: test email
please work
EOT
```

Do I need to open a specific port on my home router?


----------



## kpa (Aug 30, 2013)

There's a little snag with the integration between service(8) and the /etc/rc.d/sendmail script. If you don't have sendmail_enable set to YES you have do this instead to restart the sendmail(8) service:

`cd /etc/mail`
`make restart`


----------



## fred974 (Aug 30, 2013)

kpa said:
			
		

> There's a little snag with the integration between service(8) and the /etc/rc.d/sendmail script. If you don't have sendmail_enable set to YES you have do this instead to restart the sendmail(8) service:
> 
> `cd /etc/mail`
> `make restart`



Thanks for the reply @kpa*.* When I typed `cd /etc/mail` and `make restart` I get the following:

```
root@beasty:/etc/mail # make restart
Restarting:/etc/rc.sendmail: restart-mta: /var/run/sendmail.pid not found
/etc/rc.sendmail: restart-mspq: /var/spool/clientmqueue/sm-client.pid not found
```


----------



## kpa (Aug 30, 2013)

That means that there was no sendmail(8) running, the "not found" messages are from `make stop` that the `make restart` command executes before doing `make start`.

Check with `sockstat -l4 -p25` that the daemon is running.


----------



## SirDice (Aug 30, 2013)

I don't think it was ever started. So a restart won't work. Try this: `/etc/rc.d/sendmail start`.


----------



## fred974 (Aug 30, 2013)

Ok... I'm not losing the plot! It looks like it is the third party mail host that does not accept my emails.

I have set a fixed IP address on the server but I take it it is only recognised a been fix at home Will and email to Zohoo mail resolve the issue or do I need to use something like no-ip?


```
Message 17:
From MAILER-DAEMON Fri Aug 30 14:17:08 2013
Date: Fri, 30 Aug 2013 14:17:08 GMT
From: Mail Delivery Subsystem <MAILER-DAEMON>
To: <sysadmin@beasty.example.co.uk>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
        boundary="r7UEH8CT001348.1377872228/beasty.example.co.uk"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)

This is a MIME-encapsulated message

--r7UEH8CT001348.1377872228/beasty.example.co.uk

The original message was received at Fri, 30 Aug 2013 14:17:07 GMT
from localhost [127.0.0.1]

   ----- The following addresses had permanent fatal errors -----
webmaster@example.co.uk
    (reason: 451 4.4.1 reply: read error from mx.zohomail.com.)
    (expanded from: <root@beasty.example.co.uk>)

   ----- Transcript of session follows -----
... while talking to mx.zohomail.com.:
>>> DATA
<<< 550 Mail rejected by <Zoho Mail> for policy reasons. We generally do not accept email from dynamic IP's as they are typically used to deliver unauthenticated SMTP e-mail to an Internet mail server. http://www.spamhaus.org maintains lists of dynamic and residential IP addresses. If you are not an email/network admin please contact your E-mail/Internet Service Provider for help. Email/network admins, please contact <support@zohomail.com> for email delivery information and support
451 4.4.1 reply: read error from mx.zohomail.com.
554 5.0.0 Service unavailable

--r7UEH8CT001348.1377872228/beasty.example.co.uk
Content-Type: message/delivery-status

Reporting-MTA: dns; beasty.example.co.uk
Received-From-MTA: DNS; localhost
Arrival-Date: Fri, 30 Aug 2013 14:17:07 GMT

Final-Recipient: RFC822; root@beasty.example.co.uk
X-Actual-Recipient: RFC822; webmaster@example.co.uk
Action: failed
Status: 4.4.2
Remote-MTA: DNS; mx.zohomail.com
Diagnostic-Code: SMTP; 451 4.4.1 reply: read error from mx.zohomail.com.
Last-Attempt-Date: Fri, 30 Aug 2013 14:17:08 GMT

--r7UEH8CT001348.1377872228/beasty.example.co.uk
Content-Type: message/rfc822

Return-Path: <sysadmin@beasty.example.co.uk>
Received: from beasty.example.co.uk (localhost [127.0.0.1])
        by beasty.example.co.uk (8.14.5/8.14.5) with ESMTP id r7UEH7CT001347
        for <root@beasty.example.co.uk>; Fri, 30 Aug 2013 14:17:07 GMT
        (envelope-from sysadmin@beasty.example.co.uk)
Received: (from root@localhost)
        by beasty.example.co.uk (8.14.5/8.14.5/Submit) id r7UEH7UW001346
        for root; Fri, 30 Aug 2013 14:17:07 GMT
        (envelope-from sysadmin)
Date: Fri, 30 Aug 2013 14:17:07 GMT
From: Ets IT Services <sysadmin@beasty.example.co.uk>
Message-Id: <201308301417.r7UEH7UW001346@beasty.example.co.uk>
To: root@beasty.example.co.uk
Subject: test

test

--r7UEH8CT001348.1377872228/beasty.example.co.uk--
```


----------

