I added another host and test user and everything seems to be working. Reread smtpd.conf(5) and feel good about this setup. A few questions remain. When I connect from my home PC with:

$ mutt -f imap://t...@test.pettijohn-web.com@test.pettijohn-web.com

and send an email to myself, the From address is t...@test.my.domain instead of what it should be. However, when using Thunderbird it works as expected. It also does not present the proper cert for the new domain. From the man page:

#pki listen context
The *hostnames* parameter overrides the server name for specific addresses. Table /names/ contains a mapping of IP addresses to hostnames and smtpd(8) <http://www.openbsd.org/cgi-bin/man.cgi?query=smtpd&sec=8> will use the hostname that matches the address on which the connection arrives if it is found in the mapping.

If all virtual domains map to the same IP then this <names> table won't work.

#pki relay context
When relaying, STARTTLS is always attempted if available on remote host and OpenSMTPD will try to present a certificate matching the outgoing hostname if one is registered in the pki. If pki is specified, the certificate registered for pkiname is used instead.

Is there a way to make the listen work like the relay and just use the matching cert?

# cat /etc/mail/smtpd.conf
#       $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

table aliases db:/etc/mail/aliases.db
table vdomains db:/etc/mail/vdomains.db
table vusers db:/etc/mail/vusers.db

pki test.pettijohn-web.com certificate "/etc/ssl/test.pettijohn-web.com.crt"
pki test.pettijohn-web.com key "/etc/ssl/private/test.pettijohn-web.com.key"
pki openbsd.pettijohn-web.com certificate "/etc/ssl/openbsd.pettijohn-web.com.crt"
pki openbsd.pettijohn-web.com key "/etc/ssl/private/openbsd.pettijohn-web.com.key"

listen on egress tls
listen on lo0

queue compression
queue encryption key f61de1a07fba7ccd57af89df8c28fc1f

accept from any for domain <vdomains> virtual <vusers> deliver to mda \
        "/usr/local/libexec/dovecot/dovecot-lda -f %{sender} -d %{rcpt}"
accept for local alias <aliases> deliver to maildir
accept from any for any relay


Thanks,

Edgar
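For reference, here is what the hostnames-table approach from the quoted man page looks like when each domain gets its own address. This is an added example configuration, not Edgar's config or anything from the OpenSMTPD project; the addresses 192.0.2.10/192.0.2.11 and the file /etc/mail/names are assumed placeholders.

```conf
# /etc/mail/smtpd.conf (added example, not the poster's file)

# One pki entry per hostname, exactly as in the original config.
pki test.pettijohn-web.com certificate "/etc/ssl/test.pettijohn-web.com.crt"
pki test.pettijohn-web.com key "/etc/ssl/private/test.pettijohn-web.com.key"
pki openbsd.pettijohn-web.com certificate "/etc/ssl/openbsd.pettijohn-web.com.crt"
pki openbsd.pettijohn-web.com key "/etc/ssl/private/openbsd.pettijohn-web.com.key"

# Mapping of listening IP address -> server hostname (assumed addresses).
# The hostname chosen here is also the name whose pki entry is presented.
# Two domains cannot share one address in this table: each key is one IP,
# which is the limitation noted above.
table names { "192.0.2.10" = "test.pettijohn-web.com", \
              "192.0.2.11" = "openbsd.pettijohn-web.com" }

# The pki given here is the default; hostnames <names> overrides it per
# address on which the connection arrives.
listen on egress tls pki test.pettijohn-web.com hostnames <names>
listen on lo0
```

The two addresses must both be configured on the egress interface for the listener to bind them; a connection arriving on an address absent from the table falls back to the default pki.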
