I have a working smtp server on OBSD 6.6 which did its job successfully using
the egress server's IP before the IPsec iked tunnel was implemented.
/etc/mail/smtpd.conf
...
# smtpd bound on server's egress interface (early setup with clearnet IP config
# without IPsec)
table sources {1.2.3.4}
table helonames {1.2.3.4 = smtp.domain.tld}
...
Now all server's traffic goes through IKEv2 gateway with NAT, and smtpd runs on
the same server, but now behind IPsec NAT.
The goal is that smtpd should send/receive mail through IPsec tunnel. smtpd
receives mail successfully but can't send mail through IPsec tunnel.
Once mail is sent by mail agent, mailq reports "No valid route to destination".
I tried to bind smtpd to localhost and IPsec server's local NAT interface in
smtpd.conf but unsuccessfully:
...
table sources {127.0.0.1}
table helonames {4.3.2.1 = smtp.another-domain.tld}
...
I suppose smtpd uses system default routing table for delivering mail, instead
of using IPsec gateway. And binding smtpd to localhost or IPsec NAT interface
can't solve the problem.
Any suggestions what can be missed or misconfigured?
Martin