On Mon, 15 Nov 2021 11:43:41 +0100
"R. Diez" <rdiezmail-te...@yahoo.de> wrote:

> Hi all:
> 
> I am not an actual sysadmin, not even part time. I don't know much
> about e-mail servers, and I get the shivers just by looking at the
> table of contents of the documentation for Exim or Postfix.
> 

...

> 
> Thanks in advance,
>    rdiez
> 

There are lots of pretty general tutorials for getting OpenSMTPD set up.
Here are a couple that helped me:

The first one is from Gilles Chehade (one of the main OpenSMTPD authors):

https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/

https://unixsheikh.com/tutorials/arch-linux-mail-server-tutorial-part-2-opensmtpd-dovecot-dkimproxy-and-lets-encrypt.html

I even did my own little tutorial for outgoing mail only:

https://simonh.uk/2021/04/16/opensmtpd-for-outgoing-mail-only/

As we all have slightly different requirements, I doubt anyone will
have an smtpd.conf that is exactly what you need. Below is one of my
confs, in use on a production server for a few months now. Bear in
mind, I only use it for outgoing mail and don't use a relay.

/etc/smtpd.conf

#       $OpenBSD: smtpd.conf,v 1.10 2018/05/24 11:40:17 gilles Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

table aliases file:/etc/aliases

pki somedomain.com key "/etc/letsencrypt/live/somedomain.com/privkey.pem"
pki somedomain.com cert "/etc/letsencrypt/live/somedomain.com/fullchain.pem"

filter dkimsign proc-exec "filter-dkimsign -d somedomain.com \
-s 20210724 -k /etc/mail/dkim/private.rsa.key" user _dkimsign \
group _dkimsign

filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \
    disconnect "550 no residential connections"

filter check_rdns phase connect match !rdns \
    disconnect "550 no rDNS is so 80s"

filter check_fcrdns phase connect match !fcrdns \
    disconnect "550 no FCrDNS is so 80s"

action "local" maildir alias <aliases>
action "relay" relay

match for local action "local"
match from local for any action "relay"
match from any for domain "somedomain.com" action "local" 

listen on socket filter "dkimsign"
listen on localhost filter "dkimsign"
listen on eth0 port 25 tls pki somedomain.com filter { "dkimsign",\
check_dyndns, check_rdns, check_fcrdns }

Good luck.

-- 
Web: https://simonh.uk
Email: m...@simonh.uk
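
Added example (not part of the message above and not OpenSMTPD code): a small Python model of the three connect-phase filters in the posted smtpd.conf, showing which disconnect message a client would receive. The DNS data is constructed, the function names are hypothetical, and the check order is assumed to follow the listen line.

```python
import re

# Patterns copied from the check_dyndns filter in the smtpd.conf above.
DYN_PATTERNS = [re.compile(r".*\.dyn\..*"), re.compile(r".*\.dsl\..*")]

# Constructed sample DNS data (documentation address ranges, example names).
PTR = {
    "192.0.2.10": "mail.example.org",
    "192.0.2.20": "host-20.dyn.example.net",
    "192.0.2.30": "host-30.dynamic.example.net",
    "192.0.2.40": "mx.example.com",  # PTR exists, forward lookup disagrees
}
A = {
    "mail.example.org": {"192.0.2.10"},
    "host-20.dyn.example.net": {"192.0.2.20"},
    "host-30.dynamic.example.net": {"192.0.2.30"},
    "mx.example.com": {"198.51.100.7"},
}

def fcrdns_ok(ip, ptr=PTR, a=A):
    """Forward-confirmed rDNS: the PTR name must resolve back to the same IP."""
    name = ptr.get(ip)
    return bool(name) and ip in a.get(name, set())

def connect_verdict(ip, ptr=PTR, a=A):
    """Return the 550 text the filter chain would send, or None if the client passes.

    Assumption: checks run in the order given on the listen line
    (check_dyndns, check_rdns, check_fcrdns).
    """
    name = ptr.get(ip)
    if name and any(p.search(name) for p in DYN_PATTERNS):
        return "550 no residential connections"
    if not name:
        return "550 no rDNS is so 80s"
    if not fcrdns_ok(ip, ptr, a):
        return "550 no FCrDNS is so 80s"
    return None

if __name__ == "__main__":
    for ip in ["192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40", "203.0.113.5"]:
        print(ip, "->", connect_verdict(ip) or "accepted")
```

The host-30.dynamic.example.net case passes: the two patterns only match the exact labels "dyn" and "dsl", so other residential naming schemes are not caught by check_dyndns.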

