Configuring Sendmail to send mail without getting into Spam

Faced a problem: on a properly configured Apache server with installed modules and configured domain records from the provider - letters sent via the mail function from php scripts ended up in spam or were not delivered at all.



I began to understand and could not find more than one full-fledged publication on the Russian Internet that would reveal the problem and help solve all the issues.



I present to your attention, collected from various sources, tested and used method of configuring the server for the correct sending of sendmail emails.



System: Ubuntu 20.06

Mail service: Yandex



1. Installing Sendmail



If for some reason it was not installed. Perform basic installation and configuration

sudo apt-get install php-mail
sudo apt-get install sendmail
sudo sendmailconfig

      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

Rule php.ini



Instead of noreply@site.ru, write mail to which reports will be sent (header Return-Path :).

sendmail_path = "/usr/sbin/sendmail -t -f noreply@site.ru -i"

      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

The Return-Path: header is an important header in the eyes of email services.

If you don't set it, the header will be something like "Return-Path: <noreply@localhost.localdomain>".



It is highly desirable that the header value always coincides with the domain name from which the message is sent, regardless of the value of the From: header, otherwise it may be sent to Spam or rejected altogether.



2. Configuring DNS records



We need to configure SPF, DMARC, DKIM records.



What is responsible for what I will not paint. Runet has a huge number of instructions.

If you also use any mail service, they have their own detailed instructions for setting up.



What you should pay attention to is that the IP-address of the server is registered in the SPF.

v=spf1 ip4:ip_server include:_spf.yandex.net ~all
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

Next, you need to request a reverse rDNS record (PTR record) from your DNS hosting provider .

Bind your domain to the server ip-address.



As a rule, the provider independently installs it upon request.



4. Change hostname



Set hostname equal to our domain name:

sudo hostnamectl set-hostname site.ru
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

5. Edit the sendmail.mc file



Go to the /etc/mail/sendmail.mc file.



We need to configure the "Received: from" and "Received: by" headers. They are important in determining the level of trust in the server sending the email.



Add the following lines at the end of the file before MAILER_DEFINITIONS

FEATURE(allmasquerade)
FEATURE(masquerade_envelope)
FEATURE(local_no_masquerade)
MASQUERADE_AS(`site.ru')

      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

And at the end of the file:

define(`MAIL_HUB', `site.ru.')dnl
define(`LOCAL_RELAY', `site.ru.')dnl

      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

6. Checking the apache and firewall settings

sudo ufw allow 25
sudo nano /etc/apache2/envvars

      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

We are looking for lines and replace www-data with the current user under which apache is running



export APACHE_RUN_USER = www-data

export APACHE_RUN_GROUP = www-data



7. Update the configuration and restart sendmail

sudo sendmailconfig
sudo service sendmail restart
sudo systemctl restart apache2