How to configure Sendmail to relay mails via gmail-smtp on Centos or Amazon Linux AMI instance

 

If you are looking for a practical guide on how to install sendmail on the ‘Centos Amazon Linux AMI’ instance and relay mails via Gmail’s SMTP server, please read on.

 

Ideally, the sendmail server should relay the outgoing emails via Gmail’s SMTP server after authenticating to Gmail SMTP using a valid Gmail username/password. For this, you will first need to install sendmail and configure it to relay outbound emails via the smtp.gmail.com server after authentication. For authentication, you cannot directly use your email username/password, but you will have to create an App Password from your Google Account. By doing so, you are going to allow a third-party app to use your email address ( obviously after authentication using the App password ) to send emails to other recipients.

 

As the first step, install sendmail on your server. In my case, it’s Centos and I used Yum package manager to install it.

 

yum install sendmail-cf

 

Install other related packages as well, which is also important.

 

yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain

 

Once sendmail is installed, you will need to configure sendmail to relay via Gmail SMTP

 

cd /etc/pki/tls/certs

make sendmail.pm

 

During this process, you will be asked for Country Name and Common Name.

 

Edit /etc/mail/sendmail.mc and make the following entries.

 

define(SMART_HOST’, smtp.gmail.com‘)dnl

define(ESMTP_MAILER_ARGS’, TCP $h 587′)dnl

FEATURE(authinfo’, hash -o /etc/mail/smtp-auth-creds.db’)dnl

 

define(`confAUTH_OPTIONS’, `A p’)dnl

 

TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl

define(`confAUTH_MECHANISMS’, `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl

 

define(`confCACERT_PATH’, `/etc/pki/tls/certs’)dnl

define(`confCACERT’, `/etc/pki/tls/certs/ca-bundle.crt’)dnl

define(`confSERVER_CERT’, `/etc/pki/tls/certs/sendmail.pem’)dnl

define(`confSERVER_KEY’, `/etc/pki/tls/certs/sendmail.pem’)dnl

 

Save this after the edit and run the following command.

 

make -C /etc/mail

 

Create /etc/mail/smtp-auth-creds using your favorite editor ( vi or nano )

 

AuthInfo:smtp.gmail.comU:[email protected]” “P:oprealsxtfkkfqem” “M:LOGIN PLAIN”

 

The 16-letter string is something you create from Gmail Account’s “App Passwords” section. Go to this link https://myaccount.google.com/signinoptions/two-step-verification

and scroll down to the App Passwords section. There you can give the name of your app and get the 16-letter password, which can be used in your app to relay via gmail smtp server.

 

makemap hash /etc/mail/smtp-auth-creds < /etc/mail/smtp-auth-creds

 

restart sendmail – service sendmail restart

 

Edit /etc/hosts and give fully qualified name or sendmail will take time to start ( short name and long name )

 

For debugging, you may install rsyslog or syslog-ng

 

yum install rsyslog

 

service rsyslog restart

 

It enables /var/log/maillog. Now you are ready to test your Sendmail Relay setup by sending mail to your email address as below.

echo “Subject: sendmail test” | sendmail -v [email protected]

Leave a Comment

Your email address will not be published. Required fields are marked *