Configuring Sendmail SMTP Relay: Forcing Specific Server Usage via SMART_HOST and Mailertables


2 views

Many developers running home servers face email delivery issues when ISPs enforce restrictive SMTP policies. The classic symptom appears in mail logs showing successful local acceptance but timeout failures during external relay attempts.

# Typical failure pattern
Dec 22 10:24:18 server sm-mta[1517]: oBMH9mVv001357:
  to=recipient@domain.com, 
  relay=pmx0.isp.net [69.145.248.1],
  dsn=4.0.0, stat=Deferred: Connection timed out

Standard MX record lookups often point to external-facing servers that reject internal network connections. The solution requires forcing Sendmail to use specific relay servers regardless of DNS results.

Global Relay Override (SMART_HOST)

For all outgoing mail regardless of destination:

# In sendmail.mc
define(SMART_HOST', [mail.isp.net]')dnl
# OR using direct IP
define(SMART_HOST', [192.0.2.25]')dnl

The square brackets prevent MX lookups, forcing direct connection to the specified host.

Domain-Specific Routing (Mailertable)

For selective domain routing:

# Enable feature in sendmail.mc
FEATURE(mailertable')dnl

# /etc/mail/mailertable contents
gmail.com       smtp:[alt4.gmail-smtp-in.l.google.com]
workdomain.com  esmtp:[mail.corporate.net]
.local          local:
  1. Edit configuration files: 
    vi /etc/mail/sendmail.mc
vi /etc/mail/mailertable
  2. Rebuild configuration: 
    make -C /etc/mail
service sendmail restart
  3. Verify configuration: 
    sendmail -bt
> /map mailertable gmail.com
> /tryflags HS
> /try esmtp user@gmail.com
  • Check SMTP connectivity manually first: 
    telnet mail.isp.net 25
  • Verify DNS resolution isn't interfering: 
    dig MX gmail.com
dig A mail.isp.net
  • Test mail submission directly: 
    echo "Test" | mail -s "SMTP Test" recipient@domain.com

When using mailertables with many entries, consider:

# Use hash database for large tables
FEATURE(mailertable', hash -o /etc/mail/mailertable.db')dnl

When setting up Sendmail as an outbound mail relay, the default MX lookup behavior often causes connection timeouts with ISPs that have separate internal and external mail servers. The key symptom appears in mail logs showing successful local acceptance but failure when relaying to the provider's MX server (e.g., pmx0.bresnan.net timing out while mail.bresnan.net works).

To bypass MX lookups entirely, use square brackets in the SMART_HOST definition:

define(SMART_HOST', [69.145.248.18]')
dnl # IP should be your provider's internal SMTP server
FEATURE(access_db')
FEATURE(virtusertable')

This forces direct connection to the specified IP/port (default 25). After modifying sendmail.mc:

# Rebuild configuration
cd /etc/mail && make
# Restart sendmail
service sendmail restart

For granular control when relaying to multiple providers, implement a mailertable:

# /etc/mail/mailertable
gmail.com               smtp:[smtp.gmail.com]:587
work-address.com        smtp:[mail.bresnan.net]
.example.com            esmtp:[192.168.1.100]

1. Enable mailertable in sendmail.mc:

FEATURE(mailertable', hash -o /etc/mail/mailertable.db')

2. Generate the database:

makemap hash /etc/mail/mailertable.db < /etc/mail/mailertable

3. Test configuration before applying:

sendmail -bv user@example.com  # Verify route
sendmail -d60.5 -q  # Debug queue processing

Check connection attempts in real-time:

tail -f /var/log/maillog | grep -E 'relay=|defer'

For TLS/SSL issues, add to sendmail.mc:

define(confSERVER_SSL_OPTIONS', V')

Always restrict relay access:

# /etc/mail/access
Connect:localhost         RELAY
Connect:192.168.1         RELAY
Connect:127.0.0.1         RELAY

Generate access.db:

makemap hash /etc/mail/access.db < /etc/mail/access