Configure Sendmail SSL encryption for sending and receiving email

last updated in Categories , ,

Q. How do I configure Sendmail email server to use SSL encryption for sending/receiving email? I have already obtained or received the required valid SSL certificate. It is stored in /etc/mail/ssl directory as follows:


SSL Keys and Certification files
=> /etc/mail/ssl/sendmail.pem
=> /etc/mail/ssl/ca-bundle.crt

Now how do I configure sendmail for SSL under Fedora Core or RHEL or Cent OS?

A. Sendmail is a mail transfer agent (MTA) and you need a valid SSL certificate on the server. Sendmail remains the most popular MTA on the Internet, although this is probably fading. Its popularity is due in part to its position as the standard MTA under most variants of the Unix operating system.

Sendmail can be configured to encrypt email via the secure socket layer (SSL) when you want to send and receives emails.

Open sendmail configuration file /etc/mail/ using text editor such as vi:
# vi /etc/mail/

Now append/modify following directives:

And make sure port is set to smtps (secure smtp i.e. port 465):
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

Restart sendmail and secure pop3s/imaps

Type the following commands to restart sendmail and related services:
# /etc/init.d/sendmail restart
# chkconfig pop3s on
# chkconfig imaps on
# /etc/init.d/xinetd restart

pop3s and imaps will start from xinetd

How do I generate certificates locally for testing purpose only?

If you don’t have certificates you can generates certificates locally on Cent OS/RHEL/Fedora Core. Type the following commands:
# cd /usr/share/ssl/certs
# make sendmail.pem

Now open sendmail /etc/mail/ config file and append/modify directives as follows:
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

Restart sendmail as discussed above.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.


4 comment

  1. Hi,
    my qmailserver is at out of location. All users sending & receiving the mails through this server.
    It is possible to setup the fetching sendmail server to local. All users are send & received the mail through this server & not directlay connected to outside server qmail server for send & received the mails.
    Hoiw I configurd this fetchning mail server.

  2. Interviewer asked me one question:
    User is unable to send/receive the mail.
    How u will troubleshoot it?
    Explain in clear manner with steps.
    I didnt answer to this question.
    Can u plz tell the answer to this question as soon as possible.

  3. Under “Now append/modify following directives:”, you may need to change:
    to read:

    Great tutorial!

Leave a Comment