I added another host and test user and everything seems to be working.
Reread smtpd.conf(5) and feel good about this setup. A few questions
remain. When I connect from my home PC with:
$ mutt -f imap://t...@test.pettijohn-web.com@test.pettijohn-web.com
and send an email to myself, the From address is t...@test.my.domain
instead of what it should be. However, when using Thunderbird it works
as expected. It also does not present the proper cert for the new
domain. From the man page:
#pki listen context
The *hostnames* parameter overrides the server name for specific
addresses. Table /names/ contains a mapping of IP addresses to hostnames
and smtpd(8) <http://www.openbsd.org/cgi-bin/man.cgi?query=smtpd&sec=8>
will use the hostname that matches the address on which the connection
arrives if it is found in the mapping.
If all virtual domains map to the same IP then this <names> table won't
work.
#pki relay context
When relaying, STARTTLS is always attempted if available on remote host
and OpenSMTPD will try to present a certificate matching the outgoing
hostname if one is registered in the pki. If pki is specified, the
certificate registered for pkiname is used instead.
Is there a way to make the listen work like the relay and just use the
matching cert?
# cat /etc/mail/smtpd.conf
# $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $
# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.
table aliases db:/etc/mail/aliases.db
table vdomains db:/etc/mail/vdomains.db
table vusers db:/etc/mail/vusers.db
pki test.pettijohn-web.com certificate "/etc/ssl/test.pettijohn-web.com.crt"
pki test.pettijohn-web.com key "/etc/ssl/private/test.pettijohn-web.com.key"
pki openbsd.pettijohn-web.com certificate "/etc/ssl/openbsd.pettijohn-web.com.crt"
pki openbsd.pettijohn-web.com key "/etc/ssl/private/openbsd.pettijohn-web.com.key"
listen on egress tls
listen on lo0
queue compression
queue encryption key f61de1a07fba7ccd57af89df8c28fc1f
accept from any for domain <vdomains> virtual <vusers> deliver to mda \
"/usr/local/libexec/dovecot/dovecot-lda -f %{sender} -d %{rcpt}"
accept for local alias <aliases> deliver to maildir
accept from any for any relay
Thanks,
Edgar
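
One way to check which certificate the listener actually presents for each virtual domain. This is an added example, not part of the message above and not OpenSMTPD code; the helper names, the EHLO name and the sample data are made up for illustration, and fetch_cert assumes the certificate verifies against cafile or the system trust store:

```python
import socket, ssl

def cert_names(cert):
    """DNS names in an ssl.getpeercert()-style dict: SAN entries, else subject CN."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(pattern, host):
    """Exact match, or a '*.' wildcard covering exactly one left-most label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if p.startswith("*."):
        return "." in h and h.split(".", 1)[1] == p[2:]
    return p == h

def audit(presented):
    """presented maps each requested domain to the cert dict served for it."""
    return {d: any(name_matches(n, d) for n in cert_names(c)) for d, c in presented.items()}

def _reply(sock):
    """Read one (possibly multi-line) SMTP reply and return its final line."""
    data = b""
    while not data.endswith(b"\n") or data.splitlines()[-1][3:4] == b"-":
        chunk = sock.recv(4096)
        if not chunk:
            break
        data += chunk
    return data.splitlines()[-1] if data else b""

def fetch_cert(addr, sni, port=25, cafile=None):
    """STARTTLS to addr, sending sni as the TLS server name; return the parsed cert.
    Assumption: the chain verifies against cafile or the system trust store."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = False  # names are compared by audit() instead
    with socket.create_connection((addr, port), timeout=10) as s:
        _reply(s)  # 220 greeting
        s.sendall(b"EHLO cert-check.invalid\r\n"); _reply(s)
        s.sendall(b"STARTTLS\r\n")
        if not _reply(s).startswith(b"220"):
            raise RuntimeError("server refused STARTTLS")
        with ctx.wrap_socket(s, server_hostname=sni) as tls:
            return tls.getpeercert()

# Constructed sample: the listener serves the first domain's certificate for both names.
TEST_CERT = {"subject": ((("commonName", "test.pettijohn-web.com"),),)}
SAMPLE = {"test.pettijohn-web.com": TEST_CERT, "openbsd.pettijohn-web.com": TEST_CERT}

if __name__ == "__main__":
    for domain, ok in audit(SAMPLE).items():
        print(domain, "ok" if ok else "MISMATCH: presented " + ", ".join(cert_names(SAMPLE[domain])))
```

Against a live server, build the mapping with fetch_cert(address, domain) for each domain instead of using SAMPLE.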