Install other mail server software on FreeBSD

Hello everyone,

After installing the new mail server software, must Sendmail be replaced? Can the two coexist? For example, Sendmail is only used as a system's "native" MTA, and the other provides an external mail service?

Thanks.
 
If I understand properly, you want to use the external one as for your personal emails? In that case yes, you can perfectly coexist with both and use them for different purposes
 
Thanks. Only Sendmail is used to receive system functions such as messages sent by periodic. The other is for the usual mail service.

Can't use the same port. This is probably a problem.
 
Thanks. Only Sendmail is used to receive system functions such as messages sent by periodic. The other is for the usual mail service.

Can't use the same port. This is probably a problem.

Yes, you can use other MTA for emails sent by cron/periodic/at/local. Disable sendmail with sendmail_enable="NONE" in /etc/rc.conf and enable your favorite MTA.

I'd suggest OpenSMTPD. We are a small office, ~100 emails sent every day, another 100+ received, and it works just great.
 
  • Thanks
Reactions: sdf
Disable sendmail with sendmail_enable="NONE" in /etc/rc.conf and enable your favorite MTA.
That information is a bit outdated: on 11.2 Sendmail is disabled by default (see /etc/defaults/rc.conf) so there's no need to add this into /etc/rc.conf.

The only time you do need to start editing is if you want to replace the /usr/sbin/sendmail functionality (so: local mail delivery) with something else. Then you'd need to edit /etc/mail/mailer.conf and make the appropriate changes in /etc/rc.conf.
 
That information is a bit outdated: on 11.2 Sendmail is disabled by default (see /etc/defaults/rc.conf) so there's no need to add this into /etc/rc.conf.
There's a difference between sendmail_enable="NO" (which is the default) and sendmail_enable="NONE". A "NO" actually does start sendmail but in local-submit only mode (both sendmail_submit_enable and sendmail_outbound_enable are set to "YES" by default). A "NONE" doesn't start sendmail at all.

If you want to replace sendmail you should use sendmail_enable="NONE" and configure the replacement MTA to also accept local mail. Which I would recommend otherwise you can have two different paths emails could travel, making it more opaque and error-prone. You don't want to find yourself in a situation where the local mail is allowed but other mail isn't or vice-versa. Terribly annoying to troubleshoot.

I've personally used mail/exim on my own mailserver, I started out with mail/postfix because it's supposed to be "easier" to configure. But quickly found it was anything but easy. Exim is a bit more complex but the way it's configured made more sense to me. It's been running for a couple of years now.
 
The change is understandable, it's a bit counter-intuitive because sendmail_enable="NO" still starts sendmail. So if you want to do it properly you should probably use
Code:
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

sendmail_enable="NONE" still works though. And I'm not sure when this would be removed. I'm sure there will be some sort of announcement as this option has been in use for as long as I can remember (back to the 3.x era)
 
There's a difference between sendmail_enable="NO" (which is the default) and sendmail_enable="NONE". A "NO" actually does start sendmail but in local-submit only mode (both sendmail_submit_enable and sendmail_outbound_enable are set to "YES" by default). A "NONE" doesn't start sendmail at all.

Sendmail_enable="NONE" is valid, but the manual says:
The ``NONE'' option is deprecated and should not be used. It will be removed in a future release
https://www.freebsd.org/cgi/man.cgi....2-RELEASE+and+Ports&arch=default&format=html

At first I was going to try Exim, but I read a lot of comments and I am going to try OpenSMTPd.


OK, at least it is still valid on 11.2. Thank you.
 
--- I started out with mail/postfix because it's supposed to be "easier" to configure. But quickly found it was anything but easy. ..
... maybe 'easy to configure' is the wrong word for nearly every mailserver but there's a postfix-sasl version for FreeBSD, I would call it ' good and clear to configure' if someone does know what he's doing ;-) .
 
Well, I knew what I was doing but couldn't get it to bend to my will. That is, I couldn't get it to work like I wanted it to. So I just tried something else, Exim in my case.

What I was trying to say is, just try something. See if it works for you. If it doesn't, don't be afraid to start over with a different application. Keep trying until you find an application that does work for you.
 
Postfix is imo almost a no-brainer to set up, the configurations files are plain english and the documentation is excellent.
 
I remember it bent to my will and became a no-brainer when I realized that dovecot uses its own sasl-implementation(which does not work with postfix) and when I installed the postfix-sasl version under freebsd.Since then absolutely rock solid 24/7 running and `easy to configure" :) ( e.g. Webmin makes it even 'easier' to control affected changes on the fly. '
 
I'm throwing in mail/ssmtp as a very lightweight replacement for sendmail.
If all you want is to get local mails out, e.g. through your regular mailserver or a mail relay in your local network, ssmtp makes it dead-simple. It also supports TLS/STARTTLS and user/password login on the remote MTA, so you can just hand out regular mail accounts on your mailserver for your servers and don't have to configure a "half open relay" by whitelisting IPs or something similar.

For a "regular" mailserver I always reverted to Postfix - it's extremely flexible, rock-solid and (if properly laid out) the config is very maintenance-friendly and readable. It's also extremely robust and battle-tested - with a sensible rule/milter order it can withstand huge spam attacks even on very small VPS without any problem. I usually only recognize there was something going on when receiving my weekly statistics and there were several (tens of) thousands rejected emails ;)

I've tested a bit with OpenSMTPd for my private mailserver, but IMHO it really lacks the flexibility of postfix and documentation on how to use milters is extremely scarce (or even non-existent). After hours of digging you might find out that they changed the API a while ago and did'nt yet fixed a new one, so milters won't work until the API is stable again...
So for a production server OpenSMTPd was a no-go for me - although the configuration syntax is very nice as it basically resembles PF config language which makes it very easy to read and enables you to build somewhat complex rule dependencies by making "fall through" rules and order them as needed. Although this may make the overall layout of the config file a bit messy. Especially after the recent change to 2-line syntax and when the milter-API is fixed I'll definately have another look at it as it might be a viable alternative to Postfix.


Thanks. Only Sendmail is used to receive system functions such as messages sent by periodic. The other is for the usual mail service.

Can't use the same port. This is probably a problem.
You usually don't run two MTAs on the same system. All (?) MTAs have some kind of sendmail-compatibility, so local delivery can still be done through a sendmail-imitating interface. Usually you just update the /etc/mail/mailer.conf to point to the binary of the MTA (or its sendmail-counterpart) and you're done.
At least ssmtpd gives you all the instructions after installation (from packages):
Code:
To replace sendmail with ssmtp type "make replace" or change
your /etc/mail/mailer.conf to:

sendmail        /usr/local/sbin/ssmtp
send-mail       /usr/local/sbin/ssmtp
mailq           /usr/local/sbin/ssmtp
newaliases      /usr/local/sbin/ssmtp
hoststat        /usr/bin/true
purgestat       /usr/bin/true
 
  • Thanks
Reactions: sdf
I remember it bent to my will and became a no-brainer when I realized that dovecot uses its own sasl-implementation(which does not work with postfix) and when I installed the postfix-sasl version under freebsd.Since then absolutely rock solid 24/7 running and `easy to configure" :) ( e.g. Webmin makes it even 'easier' to control affected changes on the fly. '

Um. Postfix *does* work with dovecot's SASL? There is an option in the port specifically for this. And I believe it's on as default. It requires a few lines in the config file to point to the authentication socket that dovecot creates. It's pretty easy and I've used it for years.

Code:
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth

There's obviously more to it than just that, but yeah. It's pretty easy.
 
I haven't bothered to read through this thread but there's nothing wrong with using sendmail. It's the only mta my company has ever used. Yes, it might be more complicated or confusing to set up--I'm not so sure about that--but it does everything you want it to, especially in a programming environment.
 
Um. Postfix *does* work with dovecot's SASL? There is an option in the port specifically for this. And I believe it's on as default. It requires a few lines in the config file to point to the authentication socket that dovecot creates. It's pretty easy and I've used it for years.

Code:
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth

There's obviously more to it than just that, but yeah. It's pretty easy.
Well, SirDice invented the cool Easy Mail Server paradigm :)
For me under freebsd Dovecot worked out of the box authenticating through Unix passwd file.
For Postfix I found it easier to install the freebsd postfix-sasl version and authenticate through Cyrus sasl by
Code:
saslpasswd2
sasldblistusers2
then setting up certs, relays ... I think every mailserver we know about how it works is easy( even sendmail). The get-to-know can be a bit uneasy... sometimes... ;-)
 
Back
Top