Hi all,
I am using Hyperbola distro with the following packages:
* opensmtpd 6.4.2p1
* dkimproxy 1.4.1
I have installed a mail server to send and receive emails with my own
domain with the following configurations:
* "smtp.libreware.info" as server
* "libreware.info" as email address
* "dusseldorf.libreware.info" as PTR in IPv4
* "smtp.libreware.info" as PTR in IPv6
Features that works well:
* Accessing to port 587 SMTP+TLS
* Receiving from itself and from another smtp servers around internet
(eg. riseup.net emails)
* Sending emails to itself and another @libreware.info users
Issues:
* Port 25 to send emails has not been tested
* Localhost network has not been tested
* Accessing to port 465 (SMTPS) is not working
* Sending email to another smtp servers (eg. f...@libreware.info ->
b...@example.com) is not working by generating 550 error (550 Invalid
recipient)
--------------------
smtpd.conf:
## This is the smtpd server system-wide configuration file.
## See smtpd.conf(5), aliases(5) and table(5) for more information.
ca smtp.libreware.info cert
'/etc/letsencrypt/archive/libreware.info/chain1.pem'
bounce warn-interval '4h'
mta max-deferred 100
pki smtp.libreware.info cert
'/etc/letsencrypt/archive/libreware.info/fullchain1.pem'
pki smtp.libreware.info dhe auto
pki smtp.libreware.info key
'/etc/letsencrypt/archive/libreware.info/privkey1.pem'
queue compression
queue ttl '4d'
smtp ciphers
'HIGH:AES128:!aNULL:!kDH:!kPSK:!NULL:!kRSA:!kRSAPSK:SHA:SHA256:SHA384:!TLSv1'
smtp max-message-size '35M'
smtp sub-addr-delim '+'
table aliases '/etc/smtpd/tables.d/aliases.conf'
table credentials '/etc/smtpd/tables.d/credentials.conf'
table domains '/etc/smtpd/tables.d/domains.conf'
table hostnames_inet '/etc/smtpd/tables.d/hostnames.conf'
table virtuals '/etc/smtpd/tables.d/virtuals.conf'
action deliver_to_inet maildir
'/var/mail/%{user.username}/inbox' \
alias <aliases>
action deliver_to_local maildir
'/var/mail/%{user.username}/inbox' \
virtual <virtuals>
action relay_to_inet_smtp relay
helo-src <hostnames_inet>
action relay_to_inet_subm relay
\
helo-src <hostnames_inet>
\
host
smtp+tls://la...@smtp.libreware.info:25 \
auth <credentials>
action relay_to_inet_subms relay
\
helo-src <hostnames_inet>
\
host
smtp+tls://la...@smtp.libreware.info:25 \
auth <credentials>
action relay_to_local relay
listen on lo port 24 \
tag lmtp_local
listen on eth0 auth-optional <credentials> \
ca smtp.libreware.info \
hostnames <hostnames_inet> \
mask-src \
pki smtp.libreware.info \
port 25 \
tag smtp_server_starttls \
tls-require
listen on eth0 auth <credentials> \
ca smtp.libreware.info \
hostnames <hostnames_inet> \
mask-src \
pki smtp.libreware.info \
port 465 \
smtps \
tag smtps_submission
listen on eth0 auth <credentials> \
ca smtp.libreware.info \
hostnames <hostnames_inet> \
mask-src \
pki smtp.libreware.info \
port 587 \
tag smtp_submission_starttls \
tls-require
match for domain <domains> \
from any \
action deliver_to_inet
match for local \
from local \
action deliver_to_local
match for any \
from local \
tag lmtp_local \
action relay_to_local
match for any \
from local \
tag smtp_server_starttls \
action relay_to_inet_smtp
match for any \
from local \
tag smtp_submission_starttls \
action relay_to_inet_subm
match for any \
from local \
tag smtps_submission \
action relay_to_inet_subms
--------------------
DNS Records (with DNSSEC included):
TTL=900
libreware.info A 130.255.76.200
libreware.info AAAA 2a02:e00:ffec:45c::1
libreware.info MX 10
smtp.libreware.info
libreware.info TXT "v=spf1
a mx -all"
smtp.libreware.info A 130.255.76.200
smtp.libreware.info AAAA 2a02:e00:ffec:45c::7
smtp.libreware.info MX 10
smtp.libreware.info
smtp.libreware.info TXT "v=spf1
a mx -all"
dusseldorf.libreware.info A 130.255.76.200
dusseldorf.libreware.info AAAA 2a02:e00:ffec:45c::1
dusseldorf.libreware.info MX 10
smtp.libreware.info
dusseldorf.libreware.info TXT "v=spf1
a mx -all"
...others... TXT "v=spf1
a mx -all"
_25._tcp. TLSA 3 1 2
...sha512hash...
_25._tcp.smtp TLSA 3 1 2
...sha512hash...
_25._tcp.dusseldorf TLSA 3 1 2
...sha512hash...
_465.tcp. TLSA 3 1 2
...sha512hash...
_465.tcp.smtp TLSA 3 1 2
...sha512hash...
_465.tcp.dusseldorf TLSA 3 1 2
...sha512hash...
_587.tcp. TLSA 3 1 2
...sha512hash...
_587.tcp.smtp TLSA 3 1 2
...sha512hash...
_587.tcp.dusseldorf TLSA 3 1 2
...sha512hash...
_submission._tcp SRV 10 0 587
smtp.libreware.info
_submissions._tcp SRV 10 0 465
smtp.libreware.info
dusseldorf._domainkey TXT
"v=DKIM1;h=sha256;k=rsa;s=email;p=..."
_dmarc TXT
"v=DMARC1;p=quarantine;pct=20;adkim=s;aspf=s;sp=quarantine;rf=afrf;ri=86400;fo=1;rua=mailto=sysad...@libreware.info;ruf=mailto=sysad...@libreware.info;
Note: DMARC has been added to the DNS Records, however it is not being
used yet
-------------------------
Test 1 - mar...@libreware.info: -> mar...@libreware.info
* Account '/var/mail/marcio': Connecting to SMTP server:
smtp.libreware.info:587...
[17:33:08] SMTP< 220 dusseldorf.libreware.info ESMTP OpenSMTPD
[17:33:08] ESMTP> EHLO smtp.libreware.info
[17:33:08] ESMTP< 250-dusseldorf.libreware.info Hello
smtp.libreware.info [167.57.83.20], pleased to meet you
[17:33:09] ESMTP< 250-8BITMIME
[17:33:09] ESMTP< 250-ENHANCEDSTATUSCODES
[17:33:09] ESMTP< 250-SIZE 36700160
[17:33:09] ESMTP< 250-DSN
[17:33:09] ESMTP< 250-STARTTLS
[17:33:09] ESMTP< 250 HELP
[17:33:09] ESMTP> STARTTLS
[17:33:09] ESMTP< 220 2.0.0: Ready to start TLS
[17:33:10] ESMTP> EHLO smtp.libreware.info
[17:33:10] ESMTP< 250-dusseldorf.libreware.info Hello
smtp.libreware.info [public_ipv4], pleased to meet you
[17:33:10] ESMTP< 250-8BITMIME
[17:33:10] ESMTP< 250-ENHANCEDSTATUSCODES
[17:33:10] ESMTP< 250-SIZE 36700160
[17:33:10] ESMTP< 250-DSN
[17:33:10] ESMTP< 250-AUTH PLAIN LOGIN
[17:33:10] ESMTP< 250 HELP
[17:33:10] ESMTP> [AUTH PLAIN]
[17:33:10] ESMTP< 235 2.0.0: Authentication succeeded
[17:33:10] ESMTP> MAIL FROM:<mar...@libreware.info> SIZE=989
[17:33:10] SMTP< 250 2.0.0: Ok
[17:33:10] SMTP> RCPT TO:<mar...@libreware.info>
[17:33:11] SMTP< 250 2.1.5 Destination address valid: Recipient ok
[17:33:11] SMTP> DATA
[17:33:11] SMTP< 354 Enter mail, end with "." on a line by itself
[17:33:11] SMTP> . (EOM)
[17:33:12] SMTP< 250 2.0.0: 9962f78e Message accepted for delivery
* Mail sent successfully.
[17:33:12] SMTP> QUIT
[17:33:12] SMTP< 221 2.0.0: Bye
-----------------------------
Test 2 - mar...@libreware.info -> hyperb...@yopmail.com
* Account '/var/mail/marcio': Connecting to SMTP server:
smtp.libreware.info:587...
[17:34:15] SMTP< 220 dusseldorf.libreware.info ESMTP OpenSMTPD
[17:34:15] ESMTP> EHLO smtp.libreware.info
[17:34:15] ESMTP< 250-dusseldorf.libreware.info Hello
smtp.libreware.info [public_ipv4], pleased to meet you
[17:34:15] ESMTP< 250-8BITMIME
[17:34:15] ESMTP< 250-ENHANCEDSTATUSCODES
[17:34:15] ESMTP< 250-SIZE 36700160
[17:34:15] ESMTP< 250-DSN
[17:34:15] ESMTP< 250-STARTTLS
[17:34:15] ESMTP< 250 HELP
[17:34:15] ESMTP> STARTTLS
[17:34:16] ESMTP< 220 2.0.0: Ready to start TLS
[17:34:16] ESMTP> EHLO smtp.libreware.info
[17:34:17] ESMTP< 250-dusseldorf.libreware.info Hello
smtp.libreware.info [public_ipv4], pleased to meet you
[17:34:17] ESMTP< 250-8BITMIME
[17:34:17] ESMTP< 250-ENHANCEDSTATUSCODES
[17:34:17] ESMTP< 250-SIZE 36700160
[17:34:17] ESMTP< 250-DSN
[17:34:17] ESMTP< 250-AUTH PLAIN LOGIN
[17:34:17] ESMTP< 250 HELP
[17:34:17] ESMTP> [AUTH PLAIN]
[17:34:17] ESMTP< 235 2.0.0: Authentication succeeded
[17:34:17] ESMTP> MAIL FROM:<mar...@libreware.info> SIZE=989
[17:34:17] SMTP< 250 2.0.0: Ok
[17:34:17] SMTP> RCPT TO:<hyperb...@yopmail.com>
[17:34:18] SMTP< 550 Invalid recipient
** error occurred on SMTP session
*** Error occurred while sending the message:
550 Invalid recipient
-----------------------------------
Thank you very much in advance!
Marcio
