💾 Archived View for perso.pw › blog › articles › openbsd-opensmtpd-relay.gmi captured on 2021-12-04 at 18:04:22. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
In this article I will show how to configure OpenSMTPD, the default mail server
on OpenBSD, to relay mail sent locally to your smtp server. In pratice, this
allows to send mail through "localhost" by the right relay, so it makes also
possible to send mail even if your computer isn't connected to the internet.
Once connected, opensmtpd will send the mails.
All you need to understand the configuration and write your own one is in the
man page [smtpd.conf(5)](http://man.openbsd.org/smtpd.conf). This is only a
highlight on was it possible and how to achieve it.
In OpenBSD 6.4 release, the configuration of opensmtpd changed drasticaly, now
you have to defines rules and action to do when a mail match the rules, and you
have to define those actions.
In the following example, we will see two kinds of relay, the first is through
smtp over the Internet, it's the most likely you will want to setup. And the
other one is how to relay to a remote server not allowing relaying from
outside.
table aliases file:/etc/mail/aliases
table secrets file:/etc/mail/secrets
listen on lo0
action "local" mbox alias <aliases>
action "relay" relay
action "myserver" relay host smtps://myrelay@perso.pw auth <secrets>
action "openbsd" relay host localhost:2525
match mail-from "@perso.pw" for any action "myserver"
match mail-from "@openbsd.org" for any action "openbsd"
match for local action "local"
match for any action "relay"
I defined 2 actions, one from "myserver", it has a label "myrelay" and we use
`auth <secrets>` to tell opensmtpd it needs authentication.
The other action is "openbsd", it will only relay to localhost on port 2525.
To use them, I define 2 matching rules of the very same kind. If the mail that
I want to send match the @domain-name, then choose relay "myserver" or
"openbsd".
The "openbsd" relay is only available when I create a SSH tunnel, binding the
local port 25 of the remote server to my port 2525, with flags
`-L 2525:127.0.0.1:25`.
For a relay using authentication, the login and passwords must be defined in
the file **/etc/mail/secrets** like this: `myrelay login:Pa$W0rd`
[smtpd.conf(5)](http://man.openbsd.org/smtpd.conf) explains creation
of **/etc/mail/secrets** like this:
touch /etc/mail/secrets
chmod 640 /etc/mail/secrets
chown root:_smtpd /etc/mail/secrets
Now, restarts your server. Then if you need to send mails, just use "mail"
command or localhost as a smtp server. Depending on your From address, a
different relay will be used.
Deliveries can be checked in **/var/log/maillog** log file.
doas smtpctl show queue
doas smtpctl schedule all