Install Sendmail with STARTTLS on Ubuntu

25 Aug 2018 2 55  0
Install Sendmail with STARTTLS on Ubuntu Server 16.04
Install Sendmail with STARTTLS on Ubuntu Server 16.04


Want to learn installing Sendmail with STARTTLS on Ubuntu, here we have detailed tutorial for you. For email notifications, Redmine supports different configuration options for outgoing email delivery. There is the SMTP (Simple Mail Transfer Protocol) plain option, which allows you to use an existing email account hosted on a private email server (the downside of this option is that the emails sent from Redmine to this server will be unsecured).

Check out Our Best VPS Hosting and Wodpress hosting  for scaling your cloud-based applications and processes.

There is also the SMTP using TLS (Transport Layer Security) option, which allows you to use an existing email account that supports secure SMTP, such as Gmail, or a private email server that is secured with TLS.

Finally, you can opt for the Sendmail option, which will use the Sendmail program for outgoing email delivery. This is going to be the main part of this tutorial.

  • What is Sendmail?

Sendmail is a lightweight MTA (Mail Transfer Agent), or server, that handles delivery of email messages from an email client to an email server.

  • What is SASL?

SASL stands for Simple Authentication and Security Layer. It is a framework for authentication and data security in internet protocols. Basically, it is a module that server programs such as Sendmail use to handle user authentication.

  • What is STARTTLS?

STARTTLS is a method for upgrading server security by taking an existing insecure server connection (or port) and upgrading it to a secure connection/port via SSL/TLS. We will be using this method to secure Sendmail.

  • Why opt to use Sendmail as the email delivery method for Redmine?

I have found Sendmail to be more lightweight and easier to configure in comparison to other MTAs like Postfix. It is also relatively simple to secure, and you don’t need to have an existing email account or an account on a private email server to get email notifications set up.

NB: In this tutorial, I will use as my example domain and as my example public IP address.

Install OpenSSL, Sendmail, and SASL:

sudo apt-get install openssl sendmail sasl2-bin

Start the SASL daemon:

sudo service saslauthd start

Give your server a hostname:

sudo vi /etc/hostname

I have given mine the name ‘web1’:


Save and exit the file.

Configure your host file:

sudo vi /etc/hosts

Add a second line after localhost with your public IP address, domain name, and hostname all in one line like so: localhost web1

Restart the server for the changes to take effect.

sudo reboot

Test the changes after reboot:

hostname -f

You should have the following printed to your console output:

Run the Sendmail configuration utility:

sudo sendmailconfig

Accept all the default options in the prompts. At this point, Sendmail is up and running, but not yet secure. We will secure it shortly.

Configure SASL by editing the SASL config file:

sudo vi /etc/default/saslauthd

Edit the first line to be:


Reload the SASL daemon:

sudo systemctl reload saslauthd

Configure Sendmail by changing the Sendmail main config file:

Change the Sendmail main config

sudo vi /etc/mail/

Add the line:


below the following:


Save and quit the file.

Change the Mail Submission config:

sudo vi /etc/mail/

Add the line:


below the following:


Save and quit the file.

Re-run the Sendmail config utility:

sudo sendmailconfig

Accept all the default options from the prompts. Now, Sendmail should have STARTTLS configured correctly.

View the Sendmail Configuration:

sudo sendmail -d0.1 -bv root

You should get:

Version 8.15.2




                                TCPWRAPPERS USERDB USE_LDAP_INIT XDEBUG

============ SYSTEM IDENTITY (after readcf) ============

      (short domain name) $w = example

  (canonical domain name) $j =

         (subdomain name) $m = com

              (node name) $k = web1


root... deliverable: mailer local, user root

NB: To prevent emails sent by Sendmail being flagged as spam email, you will need to take some extra measures. We will start by creating an SPF (Sender Policy Framework) record in our DNS management console.

SPF indicates to email providers such as Gmail or Outlook that the host which Sendmail is running from is authorized to send emails for our domain. SPF records are usually a single string of text.

On your DNS Management Console, add two TXT records with the following content:

"v=spf1 a ~all"

v=spf1 a mx ~all

On Your Redmine Host, create a new Redmine global config file:

sudo cp -v /usr/share/redmine/config/configuration.yml.example /usr/share/redmine/config/configuration.yml
sudo vi /usr/share/redmine/config/configuration.yml

Uncomment the delivery_method within the sendmail block, like so:

# ==== Sendmail command


  #  email_delivery:

      delivery_method: :sendmail


Save and quit the file.

Reload Apache for the changes to take effect:

sudo systemctl reload apache2

On Redmine, log in as an admin user.

Go to: Administration > Settings > Email Notifications

Change the Emission email address to:

[email protected]

Change the Email footer to:

You have received this notification because you have either subscribed to it or are involved in it.

To change your notification preferences, please click here:

You can select more options under ‘Select actions for which email notifications should be sent’.

Save the changes.

Send a test email with the new settings.

Now, your Redmine installation should have email notifications working correctly.

Also, here are a few hand-picked guides that must read next:

  1. How to Install, Configure, and Run AskBot with Let’s Encrypt SSL on Ubuntu 16.04
  2. Create Bash Aliases



Add a comment

Leave a Reply