On Fri, Sep 13, 2019 at 08:04:12PM -0300, marcio_silva wrote:
> Hi all,
>
> I am using the Hyperbola distro with the following packages:
>
> * opensmtpd 6.4.2p1
> * dkimproxy 1.4.1
>
> I have installed a mail server to send and receive emails with my own domain
> with the following configuration:
>
> * "smtp.libreware.info" as server
> * "libreware.info" as email address
> * "dusseldorf.libreware.info" as PTR in IPv4
> * "smtp.libreware.info" as PTR in IPv6
>
> Features that work well:
>
> * Access to port 587 SMTP+TLS
> * Receiving from itself and from other SMTP servers around the internet (e.g. riseup.net emails)
> * Sending emails to itself and other @libreware.info users
>
> Issues:
>
> * Port 25 to send emails has not been tested
> * Localhost network has not been tested
> * Access to port 465 (SMTPS) is not working
> * Sending email to other SMTP servers (e.g. f...@libreware.info -> b...@example.com) is not working, generating a 550 error (550 Invalid recipient)
>
> --------------------
>
> smtpd.conf:
>
> ## This is the smtpd server system-wide configuration file.
> ## See smtpd.conf(5), aliases(5) and table(5) for more information.
>
> ca smtp.libreware.info cert '/etc/letsencrypt/archive/libreware.info/chain1.pem'
>
> bounce warn-interval '4h'
>
> mta max-deferred 100
>
> pki smtp.libreware.info cert '/etc/letsencrypt/archive/libreware.info/fullchain1.pem'
> pki smtp.libreware.info dhe auto
> pki smtp.libreware.info key '/etc/letsencrypt/archive/libreware.info/privkey1.pem'
>
> queue compression
> queue ttl '4d'
>
> smtp ciphers 'HIGH:AES128:!aNULL:!kDH:!kPSK:!NULL:!kRSA:!kRSAPSK:SHA:SHA256:SHA384:!TLSv1'
> smtp max-message-size '35M'
> smtp sub-addr-delim '+'
>
> table aliases '/etc/smtpd/tables.d/aliases.conf'
> table credentials '/etc/smtpd/tables.d/credentials.conf'
> table domains '/etc/smtpd/tables.d/domains.conf'
> table hostnames_inet '/etc/smtpd/tables.d/hostnames.conf'
> table virtuals '/etc/smtpd/tables.d/virtuals.conf'
>
> action deliver_to_inet maildir '/var/mail/%{user.username}/inbox' \
>     alias <aliases>
> action deliver_to_local maildir '/var/mail/%{user.username}/inbox' \
>     virtual <virtuals>
> action relay_to_inet_smtp relay helo-src <hostnames_inet>
> action relay_to_inet_subm relay \
>     helo-src <hostnames_inet> \
>     host smtp+tls://la...@smtp.libreware.info:25 \
>     auth <credentials>
> action relay_to_inet_subms relay \
>     helo-src <hostnames_inet> \
>     host smtp+tls://la...@smtp.libreware.info:25 \
>     auth <credentials>
> action relay_to_local relay
>
> listen on lo port 24 \
>     tag lmtp_local
> listen on eth0 auth-optional <credentials> \
>     ca smtp.libreware.info \
>     hostnames <hostnames_inet> \
>     mask-src \
>     pki smtp.libreware.info \
>     port 25 \
>     tag smtp_server_starttls \
>     tls-require
> listen on eth0 auth <credentials> \
>     ca smtp.libreware.info \
>     hostnames <hostnames_inet> \
>     mask-src \
>     pki smtp.libreware.info \
>     port 465 \
>     smtps \
>     tag smtps_submission
> listen on eth0 auth <credentials> \
>     ca smtp.libreware.info \
>     hostnames <hostnames_inet> \
>     mask-src \
>     pki smtp.libreware.info \
>     port 587 \
>     tag smtp_submission_starttls \
>     tls-require
>

Need to add rules to match authenticated users.

match auth from any for any action ...
match auth from any for domain <domains> action ...

> match for domain <domains> \
>     from any \
>     action deliver_to_inet
> match for local \
>     from local \
>     action deliver_to_local
> match for any \
>     from local \
>     tag lmtp_local \
>     action relay_to_local
> match for any \
>     from local \
>     tag smtp_server_starttls \
>     action relay_to_inet_smtp
> match for any \
>     from local \
>     tag smtp_submission_starttls \
>     action relay_to_inet_subm
> match for any \
>     from local \
>     tag smtps_submission \
>     action relay_to_inet_subms
>
> --------------------
>
> DNS Records (with DNSSEC included):
>
> TTL=900
>
> libreware.info             A     130.255.76.200
> libreware.info             AAAA  2a02:e00:ffec:45c::1
> libreware.info             MX    10 smtp.libreware.info
> libreware.info             TXT   "v=spf1 a mx -all"
> smtp.libreware.info        A     130.255.76.200
> smtp.libreware.info        AAAA  2a02:e00:ffec:45c::7
> smtp.libreware.info        MX    10 smtp.libreware.info
> smtp.libreware.info        TXT   "v=spf1 a mx -all"
> dusseldorf.libreware.info  A     130.255.76.200
> dusseldorf.libreware.info  AAAA  2a02:e00:ffec:45c::1
> dusseldorf.libreware.info  MX    10 smtp.libreware.info
> dusseldorf.libreware.info  TXT   "v=spf1 a mx -all"
>
> ..others...                TXT   "v=spf1 a mx -all"
>
> _25._tcp.                  TLSA  3 1 2 ..sha512hash...
> _25._tcp.smtp              TLSA  3 1 2 ..sha512hash...
> _25._tcp.dusseldorf        TLSA  3 1 2 ..sha512hash...
> _465.tcp.                  TLSA  3 1 2 ..sha512hash...
> _465.tcp.smtp              TLSA  3 1 2 ..sha512hash...
> _465.tcp.dusseldorf        TLSA  3 1 2 ..sha512hash...
> _587.tcp.                  TLSA  3 1 2 ..sha512hash...
> _587.tcp.smtp              TLSA  3 1 2 ..sha512hash...
> _587.tcp.dusseldorf        TLSA  3 1 2 ..sha512hash...
> _submission._tcp           SRV   10 0 587 smtp.libreware.info
> _submissions._tcp          SRV   10 0 465 smtp.libreware.info
> dusseldorf._domainkey      TXT   "v=DKIM1;h=sha256;k=rsa;s=email;p=..."
> _dmarc                     TXT   "v=DMARC1;p=quarantine;pct=20;adkim=s;aspf=s;sp=quarantine;rf=afrf;ri=86400;fo=1;rua=mailto=sysad...@libreware.info;ruf=mailto=sysad...@libreware.info;
>
> Note: DMARC has been added to the DNS Records, however it is not being used yet
>
> -------------------------
>
> Test 1 - mar...@libreware.info: -> mar...@libreware.info
>
> * Account '/var/mail/marcio': Connecting to SMTP server: smtp.libreware.info:587...
> [17:33:08] SMTP< 220 dusseldorf.libreware.info ESMTP OpenSMTPD
> [17:33:08] ESMTP> EHLO smtp.libreware.info
> [17:33:08] ESMTP< 250-dusseldorf.libreware.info Hello smtp.libreware.info [167.57.83.20], pleased to meet you
> [17:33:09] ESMTP< 250-8BITMIME
> [17:33:09] ESMTP< 250-ENHANCEDSTATUSCODES
> [17:33:09] ESMTP< 250-SIZE 36700160
> [17:33:09] ESMTP< 250-DSN
> [17:33:09] ESMTP< 250-STARTTLS
> [17:33:09] ESMTP< 250 HELP
> [17:33:09] ESMTP> STARTTLS
> [17:33:09] ESMTP< 220 2.0.0: Ready to start TLS
> [17:33:10] ESMTP> EHLO smtp.libreware.info
> [17:33:10] ESMTP< 250-dusseldorf.libreware.info Hello smtp.libreware.info [public_ipv4], pleased to meet you
> [17:33:10] ESMTP< 250-8BITMIME
> [17:33:10] ESMTP< 250-ENHANCEDSTATUSCODES
> [17:33:10] ESMTP< 250-SIZE 36700160
> [17:33:10] ESMTP< 250-DSN
> [17:33:10] ESMTP< 250-AUTH PLAIN LOGIN
> [17:33:10] ESMTP< 250 HELP
> [17:33:10] ESMTP> [AUTH PLAIN]
> [17:33:10] ESMTP< 235 2.0.0: Authentication succeeded
> [17:33:10] ESMTP> MAIL FROM:<mar...@libreware.info> SIZE=989
> [17:33:10] SMTP< 250 2.0.0: Ok
> [17:33:10] SMTP> RCPT TO:<mar...@libreware.info>
> [17:33:11] SMTP< 250 2.1.5 Destination address valid: Recipient ok
> [17:33:11] SMTP> DATA
> [17:33:11] SMTP< 354 Enter mail, end with "." on a line by itself
> [17:33:11] SMTP> . (EOM)
> [17:33:12] SMTP< 250 2.0.0: 9962f78e Message accepted for delivery
> * Mail sent successfully.
> [17:33:12] SMTP> QUIT
> [17:33:12] SMTP< 221 2.0.0: Bye
>
> -----------------------------
>
> Test 2 - mar...@libreware.info -> hyperb...@yopmail.com
>
> * Account '/var/mail/marcio': Connecting to SMTP server: smtp.libreware.info:587...
> [17:34:15] SMTP< 220 dusseldorf.libreware.info ESMTP OpenSMTPD
> [17:34:15] ESMTP> EHLO smtp.libreware.info
> [17:34:15] ESMTP< 250-dusseldorf.libreware.info Hello smtp.libreware.info [public_ipv4], pleased to meet you
> [17:34:15] ESMTP< 250-8BITMIME
> [17:34:15] ESMTP< 250-ENHANCEDSTATUSCODES
> [17:34:15] ESMTP< 250-SIZE 36700160
> [17:34:15] ESMTP< 250-DSN
> [17:34:15] ESMTP< 250-STARTTLS
> [17:34:15] ESMTP< 250 HELP
> [17:34:15] ESMTP> STARTTLS
> [17:34:16] ESMTP< 220 2.0.0: Ready to start TLS
> [17:34:16] ESMTP> EHLO smtp.libreware.info
> [17:34:17] ESMTP< 250-dusseldorf.libreware.info Hello smtp.libreware.info [public_ipv4], pleased to meet you
> [17:34:17] ESMTP< 250-8BITMIME
> [17:34:17] ESMTP< 250-ENHANCEDSTATUSCODES
> [17:34:17] ESMTP< 250-SIZE 36700160
> [17:34:17] ESMTP< 250-DSN
> [17:34:17] ESMTP< 250-AUTH PLAIN LOGIN
> [17:34:17] ESMTP< 250 HELP
> [17:34:17] ESMTP> [AUTH PLAIN]
> [17:34:17] ESMTP< 235 2.0.0: Authentication succeeded
> [17:34:17] ESMTP> MAIL FROM:<mar...@libreware.info> SIZE=989
> [17:34:17] SMTP< 250 2.0.0: Ok
> [17:34:17] SMTP> RCPT TO:<hyperb...@yopmail.com>
> [17:34:18] SMTP< 550 Invalid recipient
> ** error occurred on SMTP session
> *** Error occurred while sending the message:
> 550 Invalid recipient
>
> -----------------------------------
>
> Thank you very much in advance!
> Marcio
>
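
The rule matching discussed in this thread, as an added example that is not part of the original messages and not OpenSMTPD code: a simplified first-match model of the six posted `match` rules, showing why Test 1 is accepted and Test 2 is refused, and what an `auth` rule changes. Assumptions: `from local` matches only connections made from the server itself, a session that matches no rule gets the `550 Invalid recipient` reply, the table contents are constructed, and the action chosen for the added rule is a placeholder for the elided one.

```python
from dataclasses import dataclass
from typing import Optional

DOMAINS = {"libreware.info"}   # assumed content of the <domains> table
LOCAL_NAMES = {"localhost"}    # assumed names that `for local` covers

@dataclass
class Session:
    src_local: bool      # client connected from the server itself
    authenticated: bool  # SMTP AUTH succeeded
    tag: str             # tag of the listener that accepted the session
    rcpt_domain: str

@dataclass
class Rule:
    action: str
    dest: str = "any"          # "any", "local" or "domain" (<domains>)
    src: str = "local"         # "local" or "any"
    auth: bool = False         # rule carries the `auth` criterion
    tag: Optional[str] = None  # rule carries `tag <name>`

    def matches(self, s: Session) -> bool:
        if self.src == "local" and not s.src_local:
            return False
        if self.auth and not s.authenticated:
            return False
        if self.tag is not None and self.tag != s.tag:
            return False
        wanted = {"domain": DOMAINS, "local": LOCAL_NAMES}.get(self.dest)
        return wanted is None or s.rcpt_domain in wanted

def evaluate(rules, s: Session) -> str:
    """First matching rule wins; no match means the recipient is refused."""
    return next((r.action for r in rules if r.matches(s)), "550 Invalid recipient")

# The six match rules from the posted smtpd.conf, in order.
POSTED = [
    Rule("deliver_to_inet", dest="domain", src="any"),
    Rule("deliver_to_local", dest="local"),
    Rule("relay_to_local", tag="lmtp_local"),
    Rule("relay_to_inet_smtp", tag="smtp_server_starttls"),
    Rule("relay_to_inet_subm", tag="smtp_submission_starttls"),
    Rule("relay_to_inet_subms", tag="smtps_submission"),
]
# Suggested form `match auth from any for any action ...`; the action is assumed.
FIXED = POSTED + [Rule("relay_to_inet_smtp", src="any", auth=True)]
```

In this model an unauthenticated remote session addressed to an outside domain is still refused under `FIXED`, so the added rule relays only for clients that passed SMTP AUTH.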