Email Service Configuration

About Email Programs

A Mail User Agent is an email client application that allows you to create and read email messages, set up mailboxes to store and organize messages, and send outbound messages to a Mail Transfer Agent (MTA). Many MUAs can also retrieve email messages from remote servers using the Post Office Protocol (POP) or Internet Message Access Protocol (IMAP).

A Mail Transfer Agent (MTA) transports email messages between systems by using the Simple Mail Transport Protocol (SMTP). The mail delivery services from the client program to a destination server possibly traverses several MTAs in its route. Oracle Linux offers two MTAs, Postfix and Sendmail, and also includes the special purpose MTA, Fetchmail for use with SLIP and PPP.

A Mail Delivery Agent (MDA) performs the actual delivery of an email message. The MTA invokes an MDA, such as Procmail, to place incoming email in the recipient’s mailbox file. MDAs distribute and sort messages on the local system that email client application can access.

About Email Protocols

Several different network protocols are required to deliver email messages. These protocols work together to allow different systems, often running different operating systems and different email programs, to send, transfer, and receive email.

About SMTP

The Simple Mail Transfer Protocol (SMTP) is a transport protocol that provides mail delivery services between email client applications and servers, and between the originating server and the destination server. You must specify the SMTP server when you configure outgoing email for an email client application.

SMTP does not require authentication. Anyone can use SMTP to send email, including junk email and unsolicited bulk email. If you administer an SMTP server, you can configure relay restrictions that limit users from sending email through it. Open relay servers do not have any such restrictions. Both Postfix and Sendmail are SMTP server programs that use SMTP. Unless you own a domain in which you want to receive email, you do not need to set up an SMTP server.

About POP and IMAP

The Post Office Protocol (POP) is an email access protocol that email client applications use to retrieve email messages from the mailbox on a remote server, typically maintained by an Internet Service Provider (ISP). POP email clients usually delete the message on the server when it has been successfully retrieved or within a short time period thereafter.

The Internet Message Access Protocol (IMAP) is an email access protocol that email client applications use to retrieve email messages from a remote server, typically maintained by their organization. The entire message is downloaded only when you open it, and you can delete messages from the server without first downloading them. Email is retained on the server when using IMAP.

Both POP and IMAP allow you to manage mail folders and create multiple mail directories to organize and store email.

The dovecot package provides the dovecot service that implements both an IMAP server and a POP server.

By default, the dovecot service runs IMAP and POP together with their secure versions that use Secure Socket Layer (SSL) encryption for client authentication and data transfer sessions. The IMAP and POP servers provided by dovecot are configured to work as installed. It is usually unnecessary to modify the configuration file, /etc/dovecot.conf.

For more information, see the dovecot(1) manual page and /usr/share/doc/dovecot-version.

About the Postfix SMTP Server

Postfix is configured as the default MTA on Oracle Linux. Although Postfix does not have as many features as Sendmail, it is easier to administer than Sendmail and its features are sufficient to meet the requirements of most installations. You should only use Sendmail if you want to use address re-writing rules or mail filters (milters) that are specific to Sendmail. Most mail filters function correctly with Postfix. If you do use Sendmail, disable or uninstall Postfix to avoid contention over network port usage.

Postfix has a modular design that consists of a primary daemon and several smaller processes. Postfix stores its configuration files in the /etc/postfix directory, including:

access: Specifies which hosts are allowed to connect to Postfix.
main.cf: Contains global configuration options for Postfix.
master.cf: Specifies how the Postfix master daemon and other Postfix processes interact to deliver email.
transport: Specifies the mapping between destination email addresses and relay hosts.

By default, Postfix does not accept network connections from any system other than the local host. To enable mail delivery for other hosts, edit /etc/postfix/main.cf and configure their domain, host name, and network information.

Restart the Postfix service after making any configuration changes:

sudo systemctl restart postfix

For more information, see postfix(1) and other Postfix manual pages, Forwarding Email, /usr/share/doc/postfix-version, and http://www.postfix.org/documentation.html.

About the Sendmail SMTP Server

Sendmail is highly configurable and is the most commonly used MTA on the Internet. Sendmail is mainly used to transfer email between systems, but it is capable of controlling almost every aspect of how email is handled.

Sendmail is distributed in the following packages:

procmail: Contains Procmail, which acts as the default local MDA for Sendmail. This package is installed as a dependency of the sendmail package.
sendmail: Contains the Sendmail MTA.
sendmail-cf: Contains configuration files for Sendmail.

To install the Sendmail packages, enter:

sudo yum install sendmail sendmail-cf

For more information, see the sendmail(8) manual page .

About Sendmail Configuration Files

The main configuration file for Sendmail is /etc/mail/sendmail.cf, which is not intended to be manually edited. Instead, make any configuration changes in the /etc/mail/sendmail.mc file.

If you want Sendmail to relay email from other systems, change the following line in sendmail.mc:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

so that it reads:

dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

The leading dnl stands for delete to new line, and effectively comments out the line.

After you have edited sendmail.mc, restart the sendmail service to regenerate sendmail.cf:

sudo systemctl restart sendmail

Alternatively, you can use the make script in /etc/mail:

sudo /etc/mail/make all

However, Sendmail does not use the regenerated configuration file until you restart the server.

Other important Sendmail configuration files in /etc/mail include:

access

Configures a relay host that processes outbound mail from the local host to other systems. This is the default configuration:

Connect: localhost.localdomain      RELAY
Connect: localhost                  RELAY
Connect: 127.0.0.1                  RELAY

To configure Sendmail to relay mail from other systems on a local network, add an entry such as the following:

Connect: 192.168.2                    RELAY

mailertable

Configures forwarding of email from one domain to another. The following example forwards email sent to the yourorg.org domain to the SMTP server for the mydom.com domain:

yourorg.org        smtp:[mydom.com]

virtusertable

Configures serving of email to multiple domains. Each line starts with a destination address followed by the address to which Sendmail forwards the email. For example, the following entry forwards email addressed to any user at yourorg.org to the same user name at mydom.com:

@yourorg.org           %1@mydom.com

Each of these configuration files has a corresponding database (.db) file in /etc/mail that Sendmail reads. After making any changes to any of the configuration files, restart the sendmail service. To regenerate the database files, run the /etc/mail/make all command. As for sendmail.cf, Sendmail does not use the regenerated database files until you restart the server.

Forwarding Email

You can forward incoming email messages with the Postfix local delivery agent or with Sendmail by configuring the /etc/aliases file. Entries in this file can map inbound addresses to local users, files, commands, and remote addresses.

The following example redirects email for postmaster to root, and forwards email sent to admin on the local system to several other users, including usr04, who is on a different system:

postmaster:   root
admin:        usr01, usr02, usr03, usr04@another-system.com

To direct email to a file, specify an absolute path name instead of the destination address. To specify a command, precede it with a pipe character (|). The next example erases email sent to nemo by sending it to /dev/null, and runs a script named aggregator to process emails sent to fixme:

nemo:         /dev/null
fixme:        |/usr/local/bin/aggregator

After changing the file, run the command newaliases to rebuild the indexed database file.

For more information, see the aliases(5) manual page.

Configuring a Sendmail Client

A Sendmail client sends outbound mail to another SMTP server, which is typically administered by an ISP or the IT department of an organization, and this server then relays the email to its destination.

To configure a Sendmail client:

If the account on the SMTP server requires authentication:
1. Create an auth directory under /etc/mail that is accessible only to root:
```
sudo mkdir /etc/mail/auth
sudo chmod 700 /etc/mail/auth
```
2. In the auth directory, create a file smtp-auth that contains the authentication information for the SMTP server, for example:
```
sudo echo 'AuthInfo:smtp.isp.com: "U:username" "P:password"' > /etc/mail/auth/smtp-auth
```
  In the previous command, smtp.isp.com is the FQDN of the SMTP server, and username and password are the name and password of the account.
3. Create the database file from smtp-auth, and make both files read-writable only by root:
```
cd /etc/mail/auth
makemap hash smtp-auth < smtp-auth
chmod 600 smtp-auth smtp-auth.db
```
Edit /etc/mail/sendmail.mc, and change the following line:
```
dnl define('SMART_host', 'smtp.your.provider')dnl
```
to read:
```
define('SMART_host', 'smtp.isp.com')dnl
```
In the previous command, smtp.isp.com is the FQDN of the SMTP server.
If the account on the SMTP server requires authentication, add the following lines after the line that defines SMART_host:
```
define('RELAY_MAILER_ARGS', 'TCP $h port')dnl
define('confAUTH_MECHANISMS', 'EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE('authinfo','hash /etc/mail/auth/smtp-auth.db')dnl
define(`confAUTH_OPTIONS', `A p y')dnl
```
In the previouis command, port is the port number that is used by the SMTP server (for example, 587 for SMARTTLS or 465 for SSL/TLS).
Edit /etc/sysconfig/sendmail and set the value of DAEMON to no:
```
DAEMON=no
```
This entry disables sendmail from listening on port 25 for incoming email.
Restart the sendmail service:
```
sudo systemctl restart sendmail
```
To test the configuration, send email to an account in another domain.

This configuration does not receive or relay incoming email. You can use a client application to receive email via POP or IMAP.