Hi,
Hi,
HI,
Hi, I'm trying to configure SNI,
but it always returns the first pki from my smtp.conf
Here is what my conf looks like for the moment:
# $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $
# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.
pki "*" cert "/etc/ssl/mail.thinkerwim.org.fullchain.pem"
pki "*" key "/etc/ssl/private/mail.thinkerwim.org.key"
pki "*" cert "/etc/ssl/mail.batterijland.com.fullchain.pem"
pki "*" key "/etc/ssl/private/mail.batterijland.com.key"
pki "mail.thinkerwim.org" cert "/etc/ssl/mail.thinkerwim.org.fullchain.pem"
pki "mail.thinkerwim.org" key "/etc/ssl/private/mail.thinkerwim.org.key"
pki "mail.batterijland.com" cert
"/etc/ssl/mail.batterijland.com.fullchain.pem"
pki "mail.batterijland.com" key "/etc/ssl/private/mail.batterijland.com.key"
filter dkimsign_rsa proc-exec "filter-dkimsign -d thinkerwim.org -s
20220705 -k /etc/mail/dkim/private.rsa.key" user _dkimsign group _dkimsign
#filter "rdns" phase connect match !rdns disconnect "550 DNS ERROR"
#filter "fcrdns" phase connect match !fcrdns disconnect "550 DNS ERROR"
table aliases file:/etc/mail/aliases
table batalias file:/etc/mail/batalias
#table virtuals file:/etc/mail/virtuals
#listen directives
listen on all tls pki "*"
#listen on all port 25 tls pki "*"
#listen on all port 587 tls pki hostname mail.thinkerwim.org tls pki
mail.thinkerwim.org auth
#listen on all port 587 tls-require pki hostname auth hostname
listen on all port 587 tls-require pki mail.thinkerwim.org auth hostname
mail.thinkerwim.org
listen on all port 588 tls-require pki mail.batterijland.com auth
hostname mail.batterijland.com
#listen on all port 465 tls-require pki mail.thinkerwim.org auth
hostname mail.thinkerwim.org
listen on lo0 port 10028 tag DKIM
# send mail to maildir ~/.mail for local accounts in alias table
#action "local" maildir "%{user.directory}/.mail" alias <aliases>
action "local" lmtp "/var/dovecot/lmtp" alias <aliases>
action "batlocal" lmtp "/var/dovecot/lmtp" rcpt-to virtual <batalias>
action "relay" relay helo mail.thinkerwim.org
action "relay_dkim" relay host smtp://127.0.0.1:10027
# thinkerwim.org
match from any for domain "thinkerwim.org" action "local"
match from any for domain "batterijland.com" action "batlocal"
#match from any for domain {"thinkerwim.org","batterijland.com"} action
"local"
# local
match for local action "local"
# dkim
match tag DKIM for any action "relay"
##match auth from any for any action "relay"
match auth from any for any action "relay_dkim"
Thanks
Wim Stockman
