IRCNow


This document describes how to configure the OpenSMTPD service as part of the server mail system. The mail system consists of the following services: OpenSMTPD, DKIMproxy and Dovecot. Only OpenSMTPD is covered here.

Creation of additional service files

First, let's create the additional files the server needs. They will hold the users, the list of hosts, and so on. We also restrict access to them, and to smtpd.conf, so that other users of the system cannot read them.

doas touch /etc/mail/domains
doas touch /etc/mail/vusers
doas touch /etc/mail/hosts
doas touch /etc/mail/passwd
doas chmod 640 /etc/mail/domains
doas chmod 640 /etc/mail/vusers
doas chmod 640 /etc/mail/hosts
doas chmod 640 /etc/mail/passwd
doas chmod 640 /etc/mail/smtpd.conf

Creating a configuration file

The next step is to replace the contents of the standard configuration file, /etc/mail/smtpd.conf, with the following:

pki example.com cert "/etc/ssl/example/example.pem"
pki example.com key "/etc/ssl/example/private/example.key"

table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table hosts file:/etc/mail/hosts
#table vusers file:/etc/mail/vusers
#table passwd file:/etc/mail/passwd

listen on lo0 mask-src
listen on lo0 port 10028 tag DKIM mask-src
listen on egress port 25 tls pki example.com mask-src
#listen on egress port 587 tls-require pki example.com auth <passwd> mask-src

action "local_mail" mbox alias <aliases>
action "relay_dkim" relay host smtp://127.0.0.1:10027
action "relay" relay
#action "lmtp" lmtp "/var/dovecot/lmtp" rcpt-to virtual <vusers>

match from local for local action "local_mail"
#match from local for domain <domains> action "lmtp"
match tag DKIM for any action "relay"
match from local for any action "relay_dkim"
match from src <hosts> for any action "relay_dkim"
#match from any for domain <domains> action "lmtp"

Additional files

In the first step we created the additional files. Now we need to fill them with data.

The domains file is used for receiving mail. It must list the domains for which the server is the final destination. In our case:

example.com

The hosts file is used for relaying. It lists the remote hosts that are allowed to relay mail through the server without authentication. In our case:

10.10.10.10

The vusers file is used for receiving mail. It contains the list of mailboxes. This is an example:

admin@example.com mailman
hostmaster@example.com mailman
ircnowguy@example.com mailman

The passwd file contains the accounts used for authentication, each with its password hash. For example:

ircnowguy@example.com:$2b$09$hD17XLkUb4doE3bjvn4v1uYVF3/tldQBKvDTcCbDta1a6NZNA1zue
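
The four table files can be checked before the service is started. The script below is an added example, not part of the original page: check_mail_tables is a hypothetical helper name, and it assumes the line formats shown in the examples above, with '#' starting a comment.

```shell
#!/bin/sh
# Added example (not from the original page): lint the table files created in
# the steps above. Assumes the line formats shown on this page.
# Prints one line per finding and returns non-zero if anything was found.
check_mail_tables() {
    dir=${1:-/etc/mail}
    findings=$(
        for name in domains hosts vusers passwd; do
            f="$dir/$name"
            if [ ! -f "$f" ]; then echo "$name: missing"; continue; fi
            # chmod 640 leaves no permission bits for "other"
            if [ -n "$(find "$f" \( -perm -004 -o -perm -002 -o -perm -001 \))" ]; then
                echo "$name: accessible to other users, expected mode 640"
            fi
            awk -v name="$name" '
                /^[ \t]*#/ || /^[ \t]*$/ { next }    # skip comments and blank lines
                name == "domains" || name == "hosts" {
                    if (NF != 1) print name ":" NR ": expected one entry per line"
                }
                name == "vusers" {
                    if (NF != 2 || $1 !~ /^[^@]+@[^@]+$/)
                        print name ":" NR ": expected \"address user\""
                }
                name == "passwd" {
                    n = index($0, ":")               # split at the first colon
                    hash = substr($0, n + 1)
                    # a bcrypt hash is 60 characters: $2b$NN$ plus 53 more
                    if (n < 2 || length(hash) != 60 ||
                        hash !~ "^[$]2[aby][$][0-9][0-9][$][./A-Za-z0-9]+$")
                        print name ":" NR ": expected \"login:bcrypt-hash\""
                }
            ' "$f"
        done
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Run it as `doas sh -c '. ./check.sh; check_mail_tables /etc/mail'` (the file name is an assumption), since the files are not readable by ordinary users. A passwd line that stores a plaintext password instead of a hash is reported with its line number.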

Service start

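Stop the service, remove the old spool directory and start the service again with rcctl in debug mode. Removing /var/spool/smtpd discards any mail still waiting in the queue.

doas rcctl stop smtpd
doas rm -r /var/spool/smtpd
doas rcctl -d start smtpd

The output should look like this:
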
doing _rc_parse_conf
doing _rc_quirks
smtpd_flags empty, using default ><
doing rc_check
smtpd
doing rc_start
doing _rc_wait start
doing rc_check
doing _rc_write_runfile
(ok)