From ArchWiki

Sendmail is the classic mail transfer agent from the Unix world. This article builds upon Mail server.

The goal of this article is to setup Sendmail for local user accounts, without using MySQL or other databases, and also allowing the creation of mail-only accounts.


The factual accuracy of this article or section is disputed.

Reason: sendmail can be used with other MDAs than procmail. (Discuss in Talk:Sendmail#MDA_compatibility)

Install the sendmailAUR, procmailAUR and m4 packages.

Adding users

Create a Linux user for each user that wants to receive email at To add mail-only accounts, that is, users who can get email, but cannot have shell access or login on X, you can add them like this:

# useradd -m -s /usr/bin/nologin username


Obtain TLS certificate

Warning: If you deploy TLS, be sure to follow's guide and disable SSLv3 to prevent vulnerabilities. For more information see Server-side TLS.

To obtain a certificate, see OpenSSL#Usage.

The factual accuracy of this article or section is disputed.

Reason: Are those quotes correct and those end-of-line dnl statements necessary? (Discuss in Talk:Sendmail)

Create the file /etc/mail/ You can read all the options for configuring sendmail on the file /usr/share/sendmail-cf/README.

Warning: If you create your own file, remember that plaintext auth over non-TLS is very risky. Using the following example forces TLS and is therefore more safe unless you know what are you doing

Here is an example using auth over TLS. The example has comments explaing how it works. The comments start with dnl .

define(`confDOMAIN_NAME', `')dnl
dnl  The following allows relaying if the user authenticates,
dnl  and disallows plaintext authentication (PLAIN/LOGIN) on
dnl  non-TLS links:
define(`confAUTH_OPTIONS', `A p y')dnl
dnl  Accept PLAIN and LOGIN authentications:
dnl Make sure this paths correctly point to your SSL cert files:
FEATURE(`virtusertable', `hash /etc/mail/virtusertable.db')dnl

Then process it with

# m4 /etc/mail/ > /etc/mail/


Put your domains on the local-host-names file:


Make sure the domains are also resolved by your /etc/hosts file.


Create the file /etc/mail/access and put there the base addresses where you want to be able to relay mail. Lets suppose you have a vpn on, and you want to relay mails from any ip in that range:

10.5.0 RELAY
127.0.0 RELAY

Then process it with

# makemap hash /etc/mail/access.db < /etc/mail/access


Edit the file /etc/mail/aliases and uncomment the line #root: human being here and change it to be like this:

root:         your-username

You can add aliases for your usernames there, like:

coolguy:      your-username
somedude:     your-username

Then process it with

# newaliases


Create your virtusertable file and put there aliases that includes domains (useful if your server is hosting several domains)

/etc/mail/virtusertable         your-username
joe@my-other.tld                      joenobody

Then process it with

# makemap hash /etc/mail/virtusertable.db < /etc/mail/virtusertable

Start on boot

Enable/start the following units.

  • saslauthd.service
  • sendmail.service
  • sm-client.service

SASL authentication

Add a user to the SASL database for SMTP authentication.

# saslpasswd2 -c your-username

Tips and tricks

Forward all the mail of one domain to certain user

To forward all mail addressed to any user in the my-other.tld domain to


Do not forget to process it again with

# makemap hash /etc/mail/virtusertable.db < /etc/mail/virtusertable