Sendmail for virtual users with procmail, spamassassin and dovecot

Today I’d like to describe setup of sendmail that allows to establish receiving of e-mails for certain domain and sort incoming messages between virtual users. Those users must be able to fetch received e-mails via POP3 or IMAP protocols with or without TLS encryption. The key aspect of this kind of setup is that we will make sendmail working with virtual users which aren’t present in /etc/passwd so once it’s necessary to create new mailbox it’s not required to add new Unix/Linux account into system. Also, unlike similar configurations based on postfix we will not run mysql or postgres databases to store list of users, their settings, mail routing etc. — everything is stored in text files.

Whole setup relies on the following components: sendmail – receives mails from MTAs around the Web and sorts incoming mails between users of mail system, procmail makes it possible to apply various custom configurations for selected users e.g. set up autoresponder, filter e-mails etc., spamassassin is well known spam filter, dovecot — POP3 and IMAP service daemon.

1. Sendmail installation procedure depends on your Linux distribution but in most cases it is enough to install corresponding binary package e.g. sudo yum install sendmail or sudo apt-get install sendmail. But it is also natural idea to compile sendmail from sources to get the most fresh version — this is perfectly covered at

2. If you run one of major Linux distributions you should just execute something like below in command line to get all other required components installed:

sudo apt-get install procmail spamassassin dovecot
sudo yum install procmail spamassassin dovecot

The possibility to install all the components from sources is still open [for geeks only].

3. Sendmail’s configuration is stored in /etc/mail directory and by default it is configured not to receive mails for any domain. We should change by adding ‘’ domain to /etc/mail/local-host-names file. Please notice that MX DNS entry for your domain e.g. “” should point to server where you’re trying to set up sendmail.

4. There is another key configuration file /etc/mail/virtusertable that holds all mail routing information, e.g. below line tells sendmail that all incoming mails to [email protected] should go to user ‘user1.virtual’:

[email protected] user1.virtual

The following line routes rest incoming mails to user2.virtual: user2.virtual

5. As it comes from their names user1.virtual and use2.virtual are virtual so they shouldn’t be present in /etc/passwd. In order to make sendmail to deliver mails to virtual users it is required to specify them in /etc/alias file. E.g. if we plan to route mails destined to [email protected] to user1.virtual we should add the following line to /etc/alias:

user1.virtual: |/etc/smrsh/user1.virtual

This line tells sendmail that it should execute script /etc/smrsh/user1.virtual to deliver mail to user1.virtual. Please notice that if you place the script to ther directory than /etc/smrsh setup wont’ work. Now let’s see the contents of /etc/smrsh/user1.virtual, it contains one line including the path to procmail binary and procmailrc script for user1.virtual user:

[[email protected] ~]# cat /etc/smrsh/user1.virtual
/usr/bin/procmail /etc/procmail.d/user1.virtual

/etc/procmail.d/user1.virtual file includes all custom settings for user1.virtual virtual user, e.g. below is an example that will receive mails to [email protected], check them for spam and store into user1.virtual’s inbox:

[[email protected] ~]# cat /etc/procmail.d/user1.virtual
MONTHYEAR=^Date +%y%m

# Spam filter
| /usr/bin/spamc

* ^X-Spam-Status: Yes


As you can see spam mails will be stored in inbox while spam e-mails will be forwarded to file named ‘spam’. Later on you will be able to access inbox using POP3 and spam using IMAP service. In order to prepare user1.virtual’s inbox you should do the following:

mkdir -p /var/spool/virtual/
mkdir -p /var/spool/virtual/
chown mail.mail /var/spool/virtual/ -R
chown mail.mail /var/spool/virtual/ -R

As for spamassassin, it is comes configured by default so in order to start it you should start spamd daemon e.g. by command service spamd start or /etc/init.d/spamd start. You can get more information about how to configure it at SA’s website.

From this point you may try sending mails to [email protected] and see log entries in /var/spool/virtual/ and incoming mails in /var/spool/virtual/ If something goes wrong it makes sense to look into /var/log/maillog sendmail’s main log file.

5. Default configuration of dovecot is rather useful and makes it possible to establish POP3 and IMAP services for virtual users in seconds. Let’s imagine you’re running dovecot 2.x version, here are some configuration keys you should add into dovecot’s config, e.g. /etc/dovecot/dovecot.conf:

protocols = pop3 imap

service pop3-login {
inet_listener pop3 {
port = 110

service imap-login {
inet_listener imap {
port = 143

ssl = yes
ssl_cert = </etc/dovecot/keys/server.crt #server's self signed certificate generated by openssl
ssl_key = </etc/dovecot/keys/server.key # server's private key generated by openssl

default_login_user = mail
default_internal_user = mail

first_valid_uid=8 #this is UID of mail user that you can see in /etc/passwd
auth_mechanisms = plain login cram-md5 digest-md5

mail_location = mbox:/var/spool/virtual/

userdb {
driver = passwd-file
args = username_format=%n /etc/dovecot/passwd
passdb {
driver = passwd-file
args = username_format=%n /etc/dovecot/passwd

log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
debug_log_path = /var/log/dovecot-debug.log

Once you make sure your dovecot’s configuration includes mentioned lines you’re welcome to try starting dovecot either by service dovecot start or by just ‘dovecot’. In case of success you will see 110 and 143 ports in output netstat -lnp or errors in dovecot’s log file /var/log/dovecot.log. Let’s imagine it started without problems 😉

Now it’s time to set up the password for user1.virtual user, according to dovecot’s configuration suggested above the passwords are stored in /etc/dovecot/passwd. This is a text file, here is example line from it:


In this example user1.virtual has password pass123 stored in plain text, 8 is UID of mail user in your /etc/passwd, 12 is GID of mail group (you can also check this in /etc/passwd).



Stefan Durand

My name is Stefan, I'm the admin of LinuxScrew. I am a full-time Linux/Unix sysadmin, a hobby Python programmer, and a part-time blogger. I post useful guides, tips, and tutorials on common Linux and Programming issues. Feel free to reach out in the comment section.

4 thoughts on “Sendmail for virtual users with procmail, spamassassin and dovecot”

  1. Hi Admin

    I’ve managed to setup IMPAS on my server and see it works and thank you for this ! Do you have any hints on how to make PAM see the virtual user pass ? I did configured SMTP to use STARTLS by specifying the certs in sendmail and now I am able to try to reply to emails I receive and I am able to see using imaps. Problem is when I reply I see connecting to mai server, connected but I get in the logs:
    Sep 5 09:17:52 domain saslauthd[1283]: do_auth : auth failure: [user=info] [service=smtp] [] [mech=pam] [reason=PAM auth error]

    Maybe I should see in the log line above instead of domain ? Any hints ?

  2. Thanks for providing this tutorial – very easy to follow and very easy to configure everything required. and yes it all worked as expected.

Leave a Reply

Your email address will not be published. Required fields are marked *