Hello OpenSMTPD users,
I've settled on the following config, could you double check that I've
not missed something obvious, or am I open to any form of attack with
such a config, do you see something I could bulletproof?
Thanks for your time.
Philippe
--8<--
pki strauss.vserver.nimag.net cert
"/etc/letsencrypt/live/strauss.vserver.nimag.net-0001/fullchain.pem"
pki strauss.vserver.nimag.net key
"/etc/letsencrypt/live/strauss.vserver.nimag.net-0001/privkey.pem"
table aliases file:/etc/aliases
filter "rspamd-in" proc-exec "/usr/libexec/opensmtpd/filter-rspamd"
filter "rspamd-out" proc-exec "/usr/libexec/opensmtpd/filter-rspamd
-settings-id outgoing"
listen on lo filter "rspamd-in"
listen on eth0 port 25 tls pki strauss.vserver.nimag.net filter
"rspamd-in"
listen on eth0 port 465 tls pki strauss.vserver.nimag.net auth filter
"rspamd-out"
action delivery maildir junk alias <aliases>
action "outbound" relay
match for local action delivery
match from any for domain straussaudio.ch action delivery
match auth from any for any action "outbound"
--
Philippe Strauss
https://straussaudio.ch
