Minimal Sendmail Configuration for Outbound-Only Email Alerts on Linux Servers


2 views

When you install sendmail on Ubuntu by default, it's configured as a local mail transfer agent (MTA) that queues messages in /var/spool/mail. While this works for system notifications between local users, it fails when you need to send alerts to external email addresses - exactly what most server administrators need for monitoring purposes.

Complete mail server configurations (like those for Postfix or Sendmail) involve:

  • DNS MX records
  • SPF/DKIM/DMARC authentication
  • SMTP AUTH configuration
  • Port 25 opening
  • Anti-spam measures

For simple alerting, this is massive overkill. We just need to relay messages through an existing SMTP server.

Edit your sendmail configuration file:

# Terminal commands:
sudo nano /etc/mail/sendmail.mc

Add these lines before the final MAILER_DEFINITIONS:

define(SMART_HOST', smtp.yourprovider.com')dnl
define(RELAY_MAILER_ARGS', TCP $h 587')dnl
define(ESMTP_MAILER_ARGS', TCP $h 587')dnl
define(confAUTH_OPTIONS', A p')dnl
TRUST_AUTH_MECH(EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(confAUTH_MECHANISMS', EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

Create/edit the sendmail authentication file:

sudo nano /etc/mail/authinfo

Add your credentials in this format:

AuthInfo:smtp.yourprovider.com "U:your-username" "P:your-password" "M:PLAIN"

Then process the authentication file:

sudo makemap hash /etc/mail/authinfo < /etc/mail/authinfo

After rebuilding your sendmail config (sudo make -C /etc/mail and restarting sendmail), test with:

echo "Test message" | mail -s "Sendmail Test" you@external.com

Check your mail logs for errors:

tail -f /var/log/mail.log

If you prefer a lighter solution:

sudo apt install ssmtp
sudo nano /etc/ssmtp/ssmtp.conf

Basic configuration:

root=your-email@gmail.com
mailhub=smtp.gmail.com:587
AuthUser=your-email@gmail.com
AuthPass=your-password
UseTLS=YES
UseSTARTTLS=YES
hostname=your-server-name

For regular error alerts via cron:

0 * * * * /usr/bin/logger "Hourly test" | mail -s "Cron Test" admin@yourdomain.com

Or for application monitoring:

*/5 * * * * /usr/local/bin/monitor_script.sh 2>&1 | mail -s "App Alert" admin@yourdomain.com

Common issues and fixes:

  • Authentication failed - Verify credentials and that "Less Secure Apps" is enabled if using Gmail
  • Connection timeout - Check firewall rules for outbound port 587
  • Messages stuck in queue - Run sendmail -q to force processing
  • DNS resolution - Ensure your server can resolve the SMTP hostname

When administering remote Linux servers, we often need basic email notification capabilities without running a full mail server. The default Sendmail configuration in Ubuntu queues messages locally in /var/spool/mail, failing to deliver them externally.

For server monitoring, cron jobs, or application alerts, we need reliable outbound-only email functionality with minimal configuration overhead. Full mail server setups (like Postfix) introduce unnecessary complexity for this simple use case.

  • Ubuntu/Debian server (tested on 20.04/22.04 LTS)
  • sudo privileges
  • Working DNS resolution
  • SMTP relay credentials (if required)
sudo apt update
sudo apt install sendmail mailutils

Create or modify /etc/mail/sendmail.mc:

dnl Basic configuration
define(SMART_HOST', smtp.yourprovider.com')dnl
define(RELAY_MAILER_ARGS', TCP $h 587')dnl
define(ESMTP_MAILER_ARGS', TCP $h 587')dnl
FEATURE(authinfo', hash -o /etc/mail/authinfo.db')dnl

Create /etc/mail/authinfo:

AuthInfo:smtp.yourprovider.com "U:your_username" "P:your_password" "M:PLAIN"

Then generate the hash database:

sudo makemap hash /etc/mail/authinfo.db < /etc/mail/authinfo
sudo chmod 600 /etc/mail/authinfo.db
sudo sendmailconfig

Send a test email:

echo "Test message" | mail -s "Sendmail Test" your@email.com

For even simpler setups, consider ssmtp:

sudo apt install ssmtp
# Configure /etc/ssmtp/ssmtp.conf:
root=your@email.com
mailhub=smtp.yourprovider.com:587
AuthUser=your_username
AuthPass=your_password
UseSTARTTLS=YES
  • Check /var/log/mail.log for errors
  • Test DNS resolution with dig smtp.yourprovider.com
  • Verify port access with telnet smtp.yourprovider.com 587
  • For Gmail: Enable "Less secure apps" or use App Passwords

Always:

  • Restrict file permissions (600 for auth files)
  • Use app-specific passwords when available
  • Consider IP whitelisting if supported by your provider
  • Monitor sent emails for unexpected activity