[philiptellis] /bb|[^b]{2}/
Never stop Grokking


Tuesday, April 01, 2008

Gmail SMTP with sendmail

I was speaking with my dad on Skype yesterday when he told me that his mails weren't getting sent out, they were all stuck in his mail queue. Now before we go on, it's important to understand the outgoing mail set up.

My dad's machine has fetchmail fetching mail from various POP3 servers and sorting them into each user's mail spool, and it has sendmail to send mail using gmail's SMTP servers. This is perfectly okay, since my dad uses gmail.

Now if you go through gmail's configuration documentation, they say that you need SMTP over SSL on port 587 with TLS. They also say to use smtp.googlemail.com, but we'll ignore that, because we're not in the UK.

Setting this up requires a few simple steps.
  1. First, create your sendmail certificate:
          cd /usr/share/ssl/certs
    make sendmail.pem
    Note that you can run make usage in this directory for help. Also this directory is created by the openssl package, so make sure you have that.
  2. Next, define the SMART_HOST as esmtp:smtp.gmail.com and add certificate paths:
          define(`SMART_HOST', `esmtp:smtp.gmail.com')dnl
    define(`CERT_DIR', `/usr/share/ssl/certs')
    define(`confCACERT_PATH', `CERT_DIR')
    define(`confCACERT', `CERT_DIR/ca-bundle.crt')
    define(`confCRL', `CERT_DIR/sendmail.pem')
    define(`confSERVER_CERT', `CERT_DIR/sendmail.pem')
    define(`confSERVER_KEY', `CERT_DIR/sendmail.pem')
    define(`confCLIENT_CERT', `CERT_DIR/sendmail.pem')
    define(`confCLIENT_KEY', `CERT_DIR/sendmail.pem')
  3. Now add PLAIN and LOGIN to confAUTH_MECHANISMS so that it looks like this:
          define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 PLAIN LOGIN')dnl
    This requires the Cyrus SASL library, which you probably already have
  4. You also need to create an auth-info file that looks something like this:
          youraddress@gmail.com
    youraddress@gmail.com
    yourgmailpassword
    smtp.gmail.com
    Make sure this file is only readable by root.
  5. Now regenerate everything and start sendmail. On RedHat based systems, this is as easy as running /etc/init.d/sendmail restart. On other systems you may have to run make first (or you may not have to use sendmail at all :)
If all went well, you should now be able to send mail using gmail's SMTP server.

Unfortunately, all doesn't go well. Mails don't go out, and in /var/log/maillog, you get errors saying "smtp.gmail.com: No route to host". You can try a traceroute and a ping, and they'll both succeed.

The problem is with that port 587 thing. For whatever reason, sendmail keeps trying port 25 even though 587 is the specified mail submit port, and sometime in the last few days or weeks, gmail stopped accepting mail submits on port 25 (at least that's what it looks like).

So, get back to your config file. This time I didn't know what options to use, but I know more or less what the sendmail.cf syntax means, and how to edit that file, so I edited it directly.

I went down to the line that starts with Mesmtp, and looked for the line below that which said TCP $h, which basically means connect using TCP to the host specified in $h. We need to add the port to this line. Change the line to TCP $h 587 and we're done.

Restart sendmail, and all works.

But this isn't a good solution, because the next time you regenerate sendmail.cf from sendmail.mc, your change will be overwritten.

So, what I did next, was go into /usr/share/sendmail-cf and run grep -r '^Mesmtp' *. The result which stood out was the mailer file. Inside that file, I saw that the TCP $h line was being added by the macro ESMTP_MAILER_ARGS, so, I just needed to add this one line after the SMART_HOST:
      define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
and we're done. Restart sendmail, and the config changes are permanent. All works, and mails go out.

9 comments :

Anonymous
June 02, 2008 2:41 PM

Neat!

Unknown
October 22, 2009 7:39 PM

Hi,
Would you be able to assist with a problem I have with my SMTP/GMail setup? First, I have my mails hosted with GMail and my server is thekingscastlechurch.org.uk.

Second, I have been able to get the Sendmail/GMail setup to work and my server will send mails to other domains successfully. However, when e-mail are directed to accounts on my domain (e.g., info@thekingscastlechurch.org.uk) it doesn't get delivered to Google's SMTP!

Could this be resolved?

Thanks a lot!

Philip
October 22, 2009 8:05 PM

I think you'll have to check with gmail support for that. I'm not affiliated with google.

Unknown
October 22, 2009 8:42 PM

Sorry, I wasn't quite explicit with the description of the problem. I do receive e-mails from other domains, so there isn't a problem with the GMail side of things.

The problem is when my own server - thekingscastlechurch.org.uk - tries to send e-mail to local accounts (for example info@ thekingscastlechurch.org.uk because a user clicked on the contact us form), then my sendmail tries to deliver to the local account rather than pass it on to GMail SMTP servers.

So, I reckon its a sendmail configuration issue.

Thanks again :)

Philip
October 22, 2009 8:52 PM

ah okay.

It's been a while since I've messed around with sendmail, but two things come to mind.

1. your mailertable
2. the local mailer

My guess is that if you just turn off the local mailer, then all mails will be routed through the SMTP server, but you'll have to be careful of mail loops in that case.

Alternately, the mailertable could be set up to route all mail for local users through esmtp

I can't be of any more help without a lot of experimentation.

Unknown
October 22, 2009 8:58 PM

No sweat.
Thanks a lot for the heads-up and narrowing down my search :)

Anonymous
January 12, 2010 10:06 PM

A much easier solution is to use SSMTP if you don't need a full sendmail installation, e.g., if you are just wanting to get administrator emails from your system.

See: Gmail and SSMTP.

Mary
September 18, 2011 6:36 PM

help please :(

echo 'this is a test'| mail -s magdaelenamary@gmail.com magdaelenamary@gmail.com
The program 'mail' can be found in the following packages:
* heirloom-mailx
* mailutils
Try: sudo apt-get install

Philip
September 18, 2011 7:46 PM

Have you tried following the instructions that you pasted above?

Post a Comment

...===...