
Configuration of OpenSMTPD to relay mails to outbound smtp server


In this article I will show how to configure OpenSMTPD, the default mail server on OpenBSD, to relay mail sent locally to your SMTP server. In practice, this lets you send mail through "localhost" via the right relay, and it also makes it possible to send mail even if your computer isn't connected to the internet. Once connected, OpenSMTPD will send the mails.

All you need to understand the configuration and write your own is in the man page [smtpd.conf(5)](http://man.openbsd.org/smtpd.conf). This article only highlights what is possible and how to achieve it.

In the OpenBSD 6.4 release, the configuration of OpenSMTPD changed drastically: you now have to define rules and the action to take when a mail matches a rule, and you have to define those actions.

In the following example, we will see two kinds of relay. The first goes through SMTP over the Internet and is most likely the one you will want to set up. The other shows how to relay to a remote server that does not allow relaying from outside.

```
table aliases file:/etc/mail/aliases
table secrets file:/etc/mail/secrets

listen on lo0

action "local" mbox alias <aliases>
action "relay" relay
action "myserver" relay host smtps://myrelay@perso.pw auth <secrets>
action "openbsd" relay host localhost:2525

match mail-from "@perso.pw" for any action "myserver"
match mail-from "@openbsd.org" for any action "openbsd"
match for local action "local"
match for any action "relay"
```

I defined two actions. The first is "myserver": it has the label "myrelay", and we use `auth <secrets>` to tell OpenSMTPD that it needs authentication.

The other action is "openbsd"; it only relays to localhost on port 2525.

To use them, I define two matching rules of the very same kind. If the mail I want to send matches the @domain-name, then the relay "myserver" or "openbsd" is chosen.

The "openbsd" relay is only available when I create an SSH tunnel that binds the local port 25 of the remote server to my port 2525, with the flag `-L 2525:127.0.0.1:25`.

For a relay using authentication, the login and password must be defined in the file **/etc/mail/secrets** like this: `myrelay login:Pa$W0rd`

[smtpd.conf(5)](http://man.openbsd.org/smtpd.conf) explains the creation of **/etc/mail/secrets** like this:

```
touch /etc/mail/secrets
chmod 640 /etc/mail/secrets
chown root:_smtpd /etc/mail/secrets
```
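An added example, not part of the original article: a POSIX shell audit that checks the secrets file is mode 640 or stricter with the expected owner, and that every relay label used with `auth` in smtpd.conf (here "myrelay") has a `label user:password` entry. The function names are hypothetical; the paths and the root:_smtpd default come from the commands above.

```shell
#!/bin/sh
# check_secrets_perms FILE [OWNER] [GROUP]: regular file, mode 640 or stricter.
check_secrets_perms() {
    f=$1 want_owner=${2:-root} want_group=${3:-_smtpd}
    if [ ! -f "$f" ] || [ -L "$f" ]; then
        echo "$f: not a regular file" >&2; return 1
    fi
    listing=$(ls -l "$f") || return 1
    # ls -l fields: mode, link count, owner, group, ...
    read -r mode links owner group rest <<EOF
$listing
EOF
    case $mode in
        -[r-][w-]-[r-]-----*) ;;   # owner rw at most, group r at most, others none
        *) echo "$f: mode $mode is wider than 640" >&2; return 1 ;;
    esac
    if [ "$owner" != "$want_owner" ] || [ "$group" != "$want_group" ]; then
        echo "$f: owned by $owner:$group, expected $want_owner:$want_group" >&2
        return 1
    fi
}

# relay_labels CONF: print the label of each "relay host proto://label@host ... auth" action.
relay_labels() {
    sed -n 's|^[[:space:]]*action .* relay .*host [a-z+]*://\([^@[:space:]]*\)@.* auth .*|\1|p' "$1"
}

# missing_labels CONF SECRETS: print labels with no "label user:password" line in SECRETS.
missing_labels() {
    relay_labels "$1" | while read -r label; do
        awk -v k="$label" '$1 == k && $2 ~ /^[^:]+:.+/ { ok = 1 } END { exit !ok }' "$2" ||
            echo "$label"
    done
}

# audit CONF SECRETS [OWNER] [GROUP]: succeeds only if every check passes.
audit() {
    rc=0
    check_secrets_perms "$2" "$3" "$4" || rc=1
    missing=$(missing_labels "$1" "$2")
    [ -z "$missing" ] || { echo "no credentials for: $missing" >&2; rc=1; }
    return $rc
}

# Run as a script: sh audit.sh /etc/mail/smtpd.conf /etc/mail/secrets
[ $# -eq 0 ] || audit "$@"
```

The syntax of smtpd.conf itself can be checked separately with `smtpd -n`.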

Now restart your server. Then, if you need to send mail, just use the "mail" command or localhost as an SMTP server. Depending on your From address, a different relay will be used.

Deliveries can be checked in the **/var/log/maillog** log file.

See mails in queue:

```
doas smtpctl show queue
```

Try to deliver now:

```
doas smtpctl schedule all
```