Email with sendmail and IMAP

by Marion Bates <mbates at>
with much help from William Stearns <wstearns at>

NOTE: If you want to know about setting up authenticated Sendmail with SSL, please refer to this howto.

As root, on your server (soon to be mailserver), edit /etc/mail/local-host-names -- add the domains for which you want to handle email. A template:

# local-host-names - include all aliases for your machine here.
		# (your server's IP)
		# probably don't need this, only the next line
Then, edit /etc/mail/access and add your domain(s):
# by default we allow relaying from localhost...
localhost.localdomain	RELAY
localhost				RELAY
				RELAY
				RELAY
				RELAY
Now, edit /etc/ (good idea to make a backup copy first) and find the line that says "# SMTP daemon options". Below that there should be a line that looks like the following:
O DaemonPortOptions=Port=smtp, Name=MTA, Addr=,
Move the Addr= part to its own line and comment it out, leaving:
O DaemonPortOptions=Port=smtp, Name=MTA
This allows sendmail to receive connections from hosts besides localhost. Save changes and restart sendmail.

In a separate terminal, type tail -f /var/log/maillog so you can see what sendmail's doing as you begin testing. From another terminal, type

telnet your-server-ip 25
You should get back something like this:
	Trying
	Connected to
	Escape character is '^]'.
	220 ESMTP Sendmail 8.11.6/8.11.6; Wed, 9 Oct 2002 11:34:02 -0400
From here on, your entries are left-justified, the server responses are indented:
	250 Hello [], pleased to meet you, wanna get high?


	250 2.1.0 Sender ok


	250 2.1.5 Recipient ok

DATA (return)

	354 Enter mail, end with "." on a line by itself
Type some message, then:
.  (return)

	250 2.0.0 g99FgAK00839 Message accepted for delivery
Exit session and quit telnet.

Make sure that you're not an open spam relay. Do the same as above, except use different email addresses, neither of which belongs to a domain listed in local-host-names -- for example:

	(Sender ok) 
	(550 5.7.1 Relaying denied. 
	IP name lookup failed [] )
Current versions of sendmail should be configured to deny relaying by default, but make sure.
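
The same relay test can be scripted so it is easy to repeat after every config change. This is an added example, not part of the original howto: relay_check() repeats the telnet steps (without sending DATA), and FakeMTA, the .test domains and the addresses are constructed stand-ins so the script runs offline.

```python
import smtplib
import socketserver
import threading

def relay_check(host, port, sender, rcpt):
    """Repeat the manual test: HELO, MAIL FROM, RCPT TO, then quit. No DATA is sent."""
    # Fixed local_hostname avoids a DNS lookup for our own name.
    with smtplib.SMTP(host, port, local_hostname="relaytest.invalid", timeout=10) as smtp:
        smtp.helo()
        smtp.mail(sender)
        code, text = smtp.rcpt(rcpt)
        smtp.rset()  # discard the envelope so nothing is queued
    # 250/251 for a foreign sender and foreign recipient means the server relays.
    verdict = "OPEN RELAY" if code in (250, 251) else "relaying denied"
    return verdict, code, text.decode("ascii", "replace")

class FakeMTA(socketserver.StreamRequestHandler):
    """Constructed stand-in for a mail server so the example runs offline."""
    local_domains = {"example.test"}  # plays the role of local-host-names
    open_relay = False                # True imitates a misconfigured server
    def handle(self):
        self.wfile.write(b"220 fake.example.test ESMTP\r\n")
        for raw in self.rfile:
            line = raw.decode("ascii", "replace").strip()
            verb = line[:4].upper()
            if verb == "RCPT":
                domain = line.rstrip(">").rpartition("@")[2].lower()
                if self.open_relay or domain in self.local_domains:
                    self.wfile.write(b"250 2.1.5 Recipient ok\r\n")
                else:
                    self.wfile.write(b"550 5.7.1 Relaying denied\r\n")
            elif verb == "QUIT":
                self.wfile.write(b"221 2.0.0 closing connection\r\n")
                return
            else:  # HELO, MAIL, RSET
                self.wfile.write(b"250 2.0.0 ok\r\n")

def demo(open_relay=False):
    """Run relay_check against the fake server with two foreign addresses."""
    handler = type("MTA", (FakeMTA,), {"open_relay": open_relay})
    with socketserver.TCPServer(("127.0.0.1", 0), handler) as srv:
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        try:
            return relay_check(*srv.server_address, "a@outside.test", "b@elsewhere.test")
        finally:
            srv.shutdown()

if __name__ == "__main__":
    print(demo(), demo(open_relay=True))
```

Against your own server, call relay_check("your-server-ip", 25, ...) with two addresses outside your domains; any verdict other than "relaying denied" means the access and local-host-names files need another look.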

If, when you send normal email to your new mail accounts, you get majordomo errors regarding name service, check your DNS db records and make sure you defined the MX record properly. Check with dig:

bash-2.05a# dig MX

	; <<>> DiG 9.2.1 <<>> MX
	;; global options: printcmd
	;; Got answer:
	;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11482
	;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

	; IN MX

(Note on dig: You can literally type
dig @some-specific-nameserver-ip MX (enter)
and have it tell you which host the nameserver "some-specific-nameserver-ip" believes is the mail exchanger (MX) for the domain.)

If all you want to do is be able to receive mail for, then you're basically done. Create a .forward file in your home directory and put your "real" email address in there; now, email sent to will be forwarded to your real address.

If you want to be able to have other various email addresses routed to certain accounts (for example, ""), you can either create accounts for those users (unnecessary) or edit /etc/mail/virtusertable (this file also allows you to have "" and "" go to different accounts, if you are doing multiple virtual hostnames):
	localuser
	anotherlocaluser
Note line 2. If you want to direct "" to a user account on THIS system, do not add -- in other words, if your domain is, and your email account is, just put joeblow in the second column.

Furthermore, rule ordering is possible in the virtusertable file. See the following:
	user1
	user2
	user3
	user4
	user5
	user1
	user4
This allows your real users to get their email, and anything else will go to user1. So, if your customers take a guess that you've got a webmaster account (which you may not have explicitly defined) and they try sending email to, user1 (you, probably) will receive it. And this works for your other domains as well. Be careful not to enter this into virtusertable:
Or you get this:
----- The following addresses had permanent fatal errors -----

----- Transcript of session follows -----
... while talking to
>>> RCPT To:
<<< 554 5.0.0 rewrite: excessive recursion (max 50), ruleset canonify
554 ... Service unavailable

In other words, sendmail went into a bad loop trying to re-direct email to itself.

Now, if you want to do more than just .forward your domain's mail, i.e., you want to be able to login and send/receive mail from this account directly, you can set up IMAP to do this. Check to see if IMAP is installed (rpm -q imap for RedHat users). If it is, edit /etc/xinetd.d/imap (and imaps if you want to do SSL-enabled IMAP, but you have to generate an SSL certificate first, which I don't know how to do). Find the line that says disable=yes and change it to disable=no. Reload/restart xinetd. Check with netstat to see if IMAP is running:

bash-2.05a# netstat -anp | egrep '(:110|:143|:993)'
tcp        0      0   *               LISTEN      1339/xinetd         
tcp        0      0   *               LISTEN      1339/xinetd    
Port 143 is IMAP, port 993 is IMAPS.

You can test it by hand, as with sendmail, but it's slightly different. Type:

telnet localhost 143

	Connected to localhost.
	Escape character is '^]'.
	* OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS AUTH=LOGIN] localhost IMAP4rev1 2001.315rh at Wed, 9 Oct 2002 17:21:51 -0400 (EDT)


	* BYE IMAP4rev1 server terminating connection
	A0001 OK LOGOUT completed
	Connection closed by foreign host.
If you get that, then it's working.

Now configure your mail client (and move/rename your .forward file, if you had one). The fields in your mail client should be self-explanatory -- your mailserver for both IMAP and SMTP is (unless you named it something else in the db file) and your username and password are what you use to log in to your server. In my case, the tricky part was specifying the path to the actual mail -- my client at first thought that my entire home directory was email, and dutifully fetched all my web files etc. and made them into email messages. :) In my client settings, there was a slot for Account Path Prefix (it may have another name in a different client) and I filled in

Such that my email went into /home/mbates/mail. Then it worked just fine. Your Mileage May Vary.

If you want to see what your client sees for folders, take a look at ~/.mailboxlist. You can mess with this manually to make your mail reader re-think its folder list, but that is not for the faint-of-heart. ;)