On Thu, Aug 13, 2020 at 10:35:32AM +0000, Martin wrote:
> OpenSMTPd 6.7.0 OpenBSD 6.7-current on local machine. All machine's traffic
> redirected trough iked IPsec VPN to remote gateway machine and uses PF NAT
> rule first:
>
> match out log on enc0 from 0.0.0.0/0 to 0.0.0.0/0 nat-to 10.100.0.2
>
> where 10.100.0.2 is virtual IP to NAT all local machine's traffic right into
> IPsec VPN tunnel.
>
> Other local machine's services successfully connect to their destinations
> using NAT from local machine's localhost by IPsec VPN.
>
> Logically, smtpd should bind on 127.0.0.1 local machine and expose its
> external remote gateway machine's IP in heloname as configured:
>
> # cat /etc/mail/smtpd.conf
> ...
> table sources {127.0.0.1}
> table helonames {1.2.3.4 = smtp.domain.tld}
> ...
>
You don't show how you use these tables in action definitions in your config.
You need to have something like
action dxxx relay src <sources> helo-src <helonames>
