How to Set up Sendmail to Allow Email Relay from a Specific IP? Read the article to learn more.

Email Relay involves forwarding email messages from one server to another. When configured, Sendmail can accept and forward emails from a trusted IP address without further authentication.

Prerequisites

• Root or Sudo Access: Administrative privileges are required for configuration.

• Backup Configuration Files: Always back up the Sendmail configuration files to prevent data loss:

sudo cp -r /etc/mail /etc/mail.bak

Steps Needed

Step 1: Edit the Access Database

The access database controls which systems can relay emails via Sendmail.

Open the Access File:

Edit the /etc/mail/access file using a text editor:

sudo vim /etc/mail/access

Add IP Address Entry:

Allow relaying for a specific IP address by adding:

Connect:XXX.XXX.X.XXX RELAY

Replace XXX.XXX.X.XXX with the desired IP address.

Allow Multiple IPs:

To allow relaying for multiple IPs, add a line for each IP in the same format:

Connect:192.168.1.100 RELAY
Connect:192.168.1.101 RELAY

Save and Exit:

Save the file and exit the editor.

Step 2: Rebuild the Access Database

Rebuild the access database to make the changes effective.

Run the following command to create a new access.db file:

sudo makemap hash /etc/mail/access < /etc/mail/access

Step 3: Edit the Main Configuration File

Open sendmail.mc:

Edit the /etc/mail/sendmail.mc file:

sudo vim /etc/mail/sendmail.mc

Uncomment Authentication Options:

Ensure the authentication line is not commented out. Modify:

dnl define(`confAUTH_OPTIONS’, `A p’)dnl

To:

define(`confAUTH_OPTIONS’, `A p’)dnl

Check for SMTP Authentication (optional):

If SMTP authentication is used, verify this line exists:

FEATURE(`authinfo’, `hash -o /etc/mail/authinfo/authinfo.db’)dnl

Save and Exit:

Save changes and close the file.

Step 4: Regenerate Configuration Files

Compile the changes into the sendmail.cf file.

Run the following command:

sudo make -C /etc/mail

Step 5: Restart the Sendmail Service

Restart the Sendmail service to apply the new configuration.

Restart Command:

sudo service sendmail restart

Verify Service Status (optional):

Check if the service is running correctly:

sudo service sendmail status

Step 6: Test Email Relay

To confirm the setup, send a test email from the configured IP address.

Send Test Email:

Run the following command:

echo “Test email from $(hostname -f)” | mail -s “Test Email” recipient@example.com

Check Logs:

Review mail logs for success or error messages:

sudo tail /var/log/maillog

Important Considerations

1. Open relaying can expose the server to spam abuse. Restrict relaying strictly to trusted IP addresses.

2. Regularly review /var/log/maillog for suspicious activity or unauthorized relay attempts.

3. Combining IP-based relay with SMTP authentication adds an extra layer of security.