Admin Internet Mail

Obscure Tips for Sendmail Admins

Sendmail is an amazing program. The O’Reilly Sendmail book is its equal, coming in well over 1000 pages. I constantly marvel at how it was possible to pack so much knowledge into one book written by one person. Having run sendmail for over 10 years, I’ve built up a few inside tips that can be extremely hard to find out by yourself, even with the book’s help. I just learned one today, in fact, so I thought I’d put it plus some others in one place where their chances of being useful is slightly greater.

Tip 1: Multiple IPs in a Mailertable Entry, No MX Record Required
Today I learned that you can specify multiple domains in a mailertable entry even when you’re using IP addresses, as in this example:       smtp:[]:[]

I tested it by putting behind a firewall where it was unreachable. Sure enough, the smtp mail delivery agent of sendmail tried next. You can continue to extend this with additional IPs

Why is this important? If someone has provided you a private IP to forward mail to, say because of a company-to-company VPN, you cannot rely on the usual DNS lookups to do the routing. And a big outfit may have two MTAs reachable in this way. Now you’ve got redundancy built-in to your delivery methods. Just as you have for organizations with multiple MX records. I paged through the book this morning and did not find it. Maybe it’s there. But it’s in an obscure spot if it is.

Tip 2: Error message Containing Punctuation
I also don’t think it’s obvious how to include multiple punctuation marks in a custom error message, even after reading the book. Here’s an example for your access table:   ERROR:"550 You sent an email to  You probably meant"

So it’s the quotes that allow you to include the several punctuation marks. The 550 at the beginning will be seen as the error number.

Tip 3: Smarttable for Sender-Based Routing Decisions
Have you ever wanted to make routing decisions based on sender address rather than recipient address? Well, you can! The key is to use smarttable. In my MC file I have:

dnl Define an enhancement, smarttable, from Andrzej Filip
dnl now at
FEATURE(`smarttable',`hash -o /etc/mail/smarttable')dnl

It’s sufficiently well documented at that page. You need his smarttable.m4 file. So this is not for beginners, but it’s not that hard, either. Although it looks like smarttable hasn’t been updated since 2002, I want to mention that it still works with the latest versions of sendmail. You can route based on the sender domain, or an individual sender address. I use it to send some messages to an encryption gateway. My smarttable entries tend to look like this:

[email protected]          relay:[]

What’s First: Routing Based on Sender or Recipient??
What if your recipient’s domain is in the mailertable and your sender’s address is in the smarttable? What takes precedence in that case? The mailertable entry does. I do not know a way to change that. I actually did experience that conflict and found one way around it.

In my case I had some mailertable entries like this one:  

with my smarttable entry as above. So I get into this conflict when [email protected] wants to send email to [email protected]. What I did is run a private BIND DNS server and remove the mailertable entry. My private DNS server is mostly a cache-only server with the usual Internet root servers. But since the public Internet value for the MX record for is not what I wanted for mail delivery purposes, I created a zone for on my private DNS server and created the MX record            IN   MX   0

thus overwriting the public MX value for Then, of course, I have my server where I am running sendmail set to use my private DNS server as nameserver in /etc/resolv.conf, i.e.,


since I ran my private DNS server on the same box. Without the mailertable entry sendmail uses DNS to determine how to deliver email unless of course the sender matches a smarttable entry! If my server relies on resolving other resource records within for other purposes then I have to redefine them, too.

This trick works for individual domains. What if you feel the need for an “everythnig else” entry in your mailertable, i.e.,


Well, you’re stuck! I don’t have a solution for you. My DNS trick above could be extended to work for mail with some wildcard entries, but it will break so many other things that you don’t want to go there.

Tip 4: How to send the same email to two (or more) different servers
Someone claimed to need this unusual feature. See the discussion in the comment section about how I believe this is possible to do and an outline of how I would do it.
The blog posting I reference about running sendmail in queue-only mode is here.

Hopefully these sendmail tips will make your life as a sendmail admin toiling away in obscurity (not that I know anyone like that : ) ), just a little easier.

The sendmail book is the one by Bryan Costales. At Amazon:

My most recent post on how to tame the confounding sendmail log is here.

Using smarttable with a catch-all mailertable entry, plus virtusertable and more, is described in my latest sendmail post.

5 replies on “Obscure Tips for Sendmail Admins”

Hi Dr John,

I desesperately search for an option that could allow me to sent a mail from my mail-gateway to TWO DIFFERENT internal E-Mail servers, not smtp1 OR smtp2 but smtp1 AND smtp2, tips I found to have 2 ip-addresses in the mailertable for one domain don’t allow me that, it’s a HA solution allowing the mail to be delivered to one SMTP OR the other if the 1st one is not available, but the mail is ONLY sent to ONE SMTP server…
this has to be done during the migration phase of my internal E-Mail server (Sendmail, with IMAP that will go to Zarafa Server and in the 1st time I would like to have BOTH of them available with the mails received in both of them…
Thanks for your help !

There’s no built-in way to do that.

What _I_ would do is the following:
– have a sendmail instance run in queue-only mode (see one of my other posts about how to do that). Let’s say this uses the queue directory /mqueue/qqueue
– write a little script which does the following:
– copy the qf an df files to a queue directory /mqueue/qsmtp1
– copy the qf and df files to a queue directory /mqueue/qsmtp2
– delete the qf and df files from /mqueue/qqueue
– run two separate sendmail instances in “deliver-only” mode (to do this, for instance, just have it not listen for incoming mail, or listen on a random port)
– one deliver-only sendmail agent reads from /mqueue/qsmtp1
– the other reads from /mqueue/qsmtp2
Each deliver-only sendmail MTA can have its own mailertable which takes different actions for the same recipient domain.

I _believe_ this or some variant of this will work though I’ve certainly never done it before.

Yet another approach might be to run procmail within sendmail. It’s been years since I’ve run procmail, but deep in the back of my mind I think it gives you enough flexibility to do this. But I don’t recall enough of the specifics to create a recipe for doing it.

Leave a Reply

Your email address will not be published. Required fields are marked *