Thursday, July 7, 2011

Sendmail Relay and SES

Simple Email Service (SES)
Documentation is here: http://docs.amazonwebservices.com/ses/latest/DeveloperGuide/

The API code for SES needs to be installed on the sendmail server
Amazon Linux has the code installed at /opt/aws/bin

There are instructions in the SES documentation for integrating with Sendmail
The documentation instructs you to edit the sendmail.cf file directly
Best practice is to edit the sendmail.mc file instead and then run the make command, which regenerates sendmail.cf

Add the following line to the end of sendmail.mc

Maws-email, P=/opt/aws/ses/ses-send-email.pl, F=mDFMuXn, U=mailuser, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, A=ses-send-email.pl -r -k /opt/aws/aws-credentials -e https://email.us-east-1.amazonaws.com   -f $f $u

P = location of the SES scripts - edit as needed
F,S,R,A,f,u = Sendmail options - do not change these
U = mailuser, a local user - create it on the instance with no remote access rights
-k = location of the credential file - edit as needed
-e = SES server endpoint - can be changed, but this is not necessary

After adding the line, run make -C /etc/mail
Restart Sendmail - /etc/init.d/sendmail restart

Follow the remainder of the AWS SES instructions for sendmail setup

Sendmail Changes
Edit /etc/mail/access
Add the following to enable devices within the internal network with 10.* IP addresses to send mail to the relay server
Connect:10 RELAY
Compile the access.db file
makemap hash /etc/mail/access.db < /etc/mail/access
Restart Sendmail - /etc/init.d/sendmail restart
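
A check for the access-map step above, added here as an example and not part of the original post: it parses access-map text and lists RELAY entries whose octet prefix reaches beyond private (RFC 1918) or loopback address space. The function names and the sample map are constructed for illustration.

```python
import ipaddress

# Address space treated as internal: RFC 1918 private ranges plus loopback.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample map for illustration, not taken from a real server.
SAMPLE = """\
# relay rules
Connect:localhost.localdomain  RELAY
Connect:127.0.0.1              RELAY
Connect:10                     RELAY
Connect:172                    RELAY
Connect:192.168                RELAY
To:example.com                 RELAY
Connect:203.0.113              REJECT
"""

def key_to_network(key):
    """Map an octet-prefix key ("10", "192.168") to the network it matches.
    Returns None for hostnames, domains and IPv6: keys."""
    octets = key.split(".")
    if len(octets) > 4 or not all(o.isdecimal() and int(o) <= 255 for o in octets):
        return None
    padded = ".".join([str(int(o)) for o in octets] + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network("%s/%d" % (padded, 8 * len(octets)))

def audit_access(text):
    """Return (line_no, key, reason) for RELAY entries that need review."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if len(fields) < 2 or fields[0].startswith("#") or fields[1].upper() != "RELAY":
            continue
        tag, sep, rest = fields[0].partition(":")
        if sep and tag.lower() in ("from", "to"):
            continue  # sender/recipient rules, not client-address rules
        key = rest if sep and tag.lower() == "connect" else fields[0]
        net = key_to_network(key)
        if net is None:
            findings.append((line_no, fields[0], "not an IPv4 prefix, review by hand"))
        elif not any(net.subnet_of(i) for i in INTERNAL):
            findings.append((line_no, fields[0], "%s extends beyond private space" % net))
    return findings

if __name__ == "__main__":
    for line_no, key, reason in audit_access(SAMPLE):
        print("line %d: %s: %s" % (line_no, key, reason))
```

To audit a live map, pass the contents of /etc/mail/access to audit_access before running makemap.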

Edit sendmail.mc
Make sure the following line is commented out (the leading dnl does the commenting) so that Sendmail listens on all interfaces instead of only 127.0.0.1
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

Make sure the following lines are active and changed to FH
MASQUERADE_AS(`yourdomain.com')dnl
FEATURE(masquerade_envelope)dnl


After any and all of these changes, run make -C /etc/mail
Restart Sendmail - /etc/init.d/sendmail restart

Testing
PMP has a built-in SMTP test utility
Troubleshooting - Review /var/log/maillog

Notes
Documentation for sendmail is scarce or very hard to follow. Sendmail has been around for years and is mature software. But it is open source and by my definition still a bit confusing. To get sendmail working like I wanted, I used the Googler but never found anything I would consider bookmark-worthy.

After getting the setup working, there are very few steps and it seems easy. But there was not much to start with and there was quite a bit of trial and error.
