OpenSMTPd 6.7.0 on OpenBSD 6.7-current on the local machine. All of the
machine's traffic is redirected through an iked IPsec VPN to a remote gateway
machine and uses a PF NAT rule first:

match out log on enc0 from 0.0.0.0/0 to 0.0.0.0/0 nat-to 10.100.0.2

where 10.100.0.2 is the virtual IP used to NAT all of the local machine's
traffic right into the IPsec VPN tunnel.

Other services on the local machine successfully connect to their destinations
using NAT from the local machine's localhost over the IPsec VPN.

Logically, smtpd should bind to 127.0.0.1 on the local machine and expose the
remote gateway machine's external IP in the heloname as configured:

# cat /etc/mail/smtpd.conf
...
table sources {127.0.0.1}
table helonames {1.2.3.4 = smtp.domain.tld}
...

But any attempt to send mail returns the errors shown below, and no messages
are sent to their destinations as a result.

smtpd [95677]: smtp-out: Error on 127.0.0.1 <-> 199.185.178.25
(mail.openbsd.org): Failed to retrieve helo string
smtpd [95677]: smtp-out: Disabling route 127.0.0.1 <-> 199.185.178.25
(mail.openbsd.org) for 15s
smtpd [95677]: 0000000000000000 mta delivery evpid=9f2a1cf3a8e83deb
from=<[email protected]> to=<[email protected]> rcpt=<-> source"-"
relay="openbsd.org" delay=6m42s result="TempFail" stat="No valid route to
destionatin"
smtpd [95677]: smtp-out: Enabling route 127.0.0.1 <-> 199.185.178.25
(mail.openbsd.org)

Telnet connects from the local machine to 199.185.178.25 successfully.

# telnet 199.185.178.25 25
Trying 199.185.178.25...
Connected to 199.185.178.25
Escape character is '^]'.
220 mail.openbsd.org ESMTP mail.openbsd.org; Thu Aug 13 04:26:10 2020

Please advise what I did wrong in configuring smtpd.
Can smtpd send messages in any way while it stays behind the IPsec VPN NAT?

Martin
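
A consistency check for the two tables quoted in the message, as an added example that is not part of the original post. It assumes the elided part of smtpd.conf selects them with `src <sources>` and `helo-src <helonames>`, in which case smtpd looks up the HELO name using the source address as the key; the `REKEYED` sample and the function names are constructed for illustration.

```python
import ipaddress
import re

# Inline table declarations as shown in the post; REKEYED is a constructed
# sample whose HELO mapping is keyed by the source address instead.
POSTED = """
table sources {127.0.0.1}
table helonames {1.2.3.4 = smtp.domain.tld}
"""
REKEYED = """
table sources {127.0.0.1}
table helonames {127.0.0.1 = smtp.domain.tld}
"""

TABLE_RE = re.compile(r"^\s*table\s+(\S+)\s*\{([^}]*)\}", re.MULTILINE)


def parse_inline_tables(conf):
    """Return {name: list or dict} for every inline `table name { ... }`."""
    tables = {}
    for name, body in TABLE_RE.findall(conf):
        items = [i.strip() for i in body.split(",") if i.strip()]
        if any("=" in i for i in items):
            # Mapping table: "key = value" entries.
            pairs = (i.split("=", 1) for i in items)
            tables[name] = {k.strip().strip('"'): v.strip().strip('"')
                            for k, v in pairs}
        else:
            # List table: bare values.
            tables[name] = [i.strip('"') for i in items]
    return tables


def sources_without_helo(conf, src_table="sources", helo_table="helonames"):
    """List source addresses that have no key in the HELO mapping table."""
    tables = parse_inline_tables(conf)
    helo_keys = {ipaddress.ip_address(k) for k in tables[helo_table]}
    return [s for s in tables[src_table]
            if ipaddress.ip_address(s) not in helo_keys]


if __name__ == "__main__":
    for label, conf in (("posted", POSTED), ("rekeyed", REKEYED)):
        print(label, "sources lacking a helo entry:", sources_without_helo(conf))
```
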