Hello,
We have a departmental server that serves as a simple mail hub mostly to keep track of internal mailing lists. The /etc/mail/aliases file expands names to our corporate emails or things like mail-SMS gateways. We've used sendmail for years, but I want to switch to OpenSMTPD. The following configuration works fine as long as I use the server's actual name in the destination: listen on lo0 listen on em0 table aliases db:/etc/mail/aliases.db pki selenium.abc.example.com certificate "/etc/ssl/selenium.pem" pki selenium.abc.example.com key "/etc/ssl/private/selenium.key" pki selenium.abc.example.com ca "/etc/ssl/abcchain2.pem" accept for local alias <aliases> deliver to mbox accept from any for any relay Example successful session (translates my first name to my corporate email address): Feb 8 16:12:17 selenium smtpd[30548]: smtp-in: New session 4b0dece7604e2ab4 from host ytterbium.abc.example.com[10.1.217.70] Feb 8 16:12:17 selenium smtpd[30548]: smtp-in: Accepted message a4d2ba61 on session 4b0dece7604e2ab4: from=<bu...@ytterbium.abc.example.com>, to=< mich...@selenium.abc.example.com>, size=488, ndest=1, proto=ESMTP Feb 8 16:12:17 selenium smtpd[30548]: smtp-in: Closing session 4b0dece7604e2ab4 Feb 8 16:12:17 selenium smtpd[30548]: smtp-out: Connecting to smtp+tls:// 10.1.217.34:25 (selenium.abc.example.com) on session 4b0decea9465f088... Feb 8 16:12:17 selenium smtpd[30548]: smtp-out: Connected on session 4b0decea9465f088 Feb 8 16:12:17 selenium smtpd[30548]: smtp-in: New session 4b0deceb7185e55e from host selenium.abc.example.com[10.1.217.34] Feb 8 16:12:17 selenium smtpd[30548]: smtp-in: Accepted message 63dd05ac on session 4b0deceb7185e55e: from=<bu...@ytterbium.abc.example.com>, to=< mich...@selenium.abc.example.com>, size=719, ndest=1, proto=ESMTP Feb 8 16:12:17 selenium smtpd[30548]: relay: Ok for a4d2ba611f5d69f3: session=4b0decea9465f088, from=<bu...@ytterbium.abc.example.com>, to=< mich...@selenium.abc.example.com>, rcpt=<->, source=10.1.217.34, relay=10.1.217.34 (selenium.abc.example.com), delay=0s, stat=250 2.0.0: 63dd05ac Message accepted for delivery Feb 8 16:12:17 selenium smtpd[30548]: smtp-out: Connecting to smtp+tls:// 10.2.33.34:25 (mailhost.example.com) on session 4b0deceed4ae1a78... Feb 8 16:12:17 selenium smtpd[30548]: smtp-out: Connected on session 4b0deceed4ae1a78 Feb 8 16:12:17 selenium smtpd[30548]: smtp-out: Started TLS on session 4b0deceed4ae1a78: version=TLSv1/SSLv3, cipher=DHE-RSA-AES256-SHA, bits=256 Feb 8 16:12:17 selenium smtpd[30548]: smtp-out: Server certificate verification succeeded on session 4b0deceed4ae1a78 Feb 8 16:12:17 selenium smtpd[30548]: relay: Ok for 63dd05ac3126ba1f: session=4b0deceed4ae1a78, from=<bu...@ytterbium.abc.example.com>, to=< michael.b...@example.com>, rcpt=<mich...@selenium.abc.example.com>, source=10.1.217.34, relay=10.2.33.34 (mailhost.example.com), delay=0s, stat=250 2.0.0 Ok: queued as AC2FBCA1FE Feb 8 16:12:27 selenium smtpd[30548]: smtp-in: Closing session 4b0deceb7185e55e Feb 8 16:12:27 selenium smtpd[30548]: smtp-out: Closing session 4b0decea9465f088: 1 message sent. Feb 8 16:12:27 selenium smtpd[30548]: smtp-out: Closing session 4b0deceed4ae1a78: 1 message sent. If I send a message to the server's CNAME, it goes into a loop which is eventually detected and shut down: ... Feb 8 16:14:17 selenium smtpd[30548]: warn: loop detected Feb 8 16:14:17 selenium smtpd[30548]: smtp-in: Failed command on session 4b0decf39bd54111: "DATA" => 500 5.4.6 Routing loop detected: Loop detected Feb 8 16:14:17 selenium smtpd[30548]: relay: PermFail for 63bffc06b4c44cec: session=4b0decf2a712e432, from=< bu...@ytterbium.abc.example.com>, to=<mich...@se.abc.example.com>, rcpt=<->, source=10.1.217.34, relay=10.1.217.34 (selenium.abc.example.com), delay=1s, stat=500 5.4.6 Routing loop detected: Loop detected Feb 8 16:14:18 selenium smtpd[30548]: smtp-in: New session 4b0decf71e1730a5 from host selenium.abc.example.com [local] Feb 8 16:14:18 selenium smtpd[30548]: smtp-in: Accepted message 293cbf9d on session 4b0decf71e1730a5: from=<>, to=<bu...@ytterbium.abc.example.com>, size=23050, ndest=1, proto=ESMTP Feb 8 16:14:18 selenium smtpd[30548]: smtp-in: Closing session 4b0decf71e1730a5 Feb 8 16:14:27 selenium smtpd[30548]: smtp-in: Closing session 4b0decf39bd54111 Feb 8 16:14:27 selenium smtpd[30548]: smtp-out: Closing session 4b0decf2a712e432: 98 messages sent. Feb 8 16:14:45 selenium smtpd[30548]: smtp-out: Error on session 4b0decf6733a5e76: IO Error: No route to host Feb 8 16:14:45 selenium smtpd[30548]: smtp-out: Disabling route [] <-> 10.1.217.70 (ytterbium.abc.example.com) for 800s Feb 8 16:14:45 selenium smtpd[30548]: smtp-out: No valid route for [connector:[]->[relay:ytterbium.abc.example.com],0x0] Feb 8 16:14:51 selenium smtpd[30548]: relay: TempFail for 195cd84d2faa71d4: session=0000000000000000, from=<>, to=< bu...@ytterbium.abc.example.com>, rcpt=<->, source=-, relay= ytterbium.abc.example.com, delay=8m1s, stat=Network error on destination MXs Feb 8 16:14:51 selenium smtpd[30548]: relay: TempFail for 293cbf9db63406a8: session=0000000000000000, from=<>, to=< bu...@ytterbium.abc.example.com>, rcpt=<->, source=-, relay= ytterbium.abc.example.com, delay=33s, stat=Network error on destination MXs I've tried lots of things, including adding a table and using the virtual keyword: listen on lo0 listen on em0 table aliases db:/etc/mail/aliases.db pki selenium.abc.example.com certificate "/etc/ssl/selenium.pem" pki selenium.abc.example.com key "/etc/ssl/private/selenium.key" pki selenium.abc.example.com ca "/etc/ssl/abcchain2.pem" table vhost {se=selenium.abc.example.com, se.abc.example.com= selenium.abc.example.com, fismail2=selenium.abc.example.com, fismail2.abc.example.com=selenium.abc.example.com} accept for local alias <aliases> deliver to mbox accept from any for local virtual <vhost> accept from any for any relay When I do this, mail to the hostname fails with invalid recipient, and mail to the CNAME still loops: Feb 8 16:36:03 selenium smtpd[18798]: smtp-in: New session 08c95e08536690c5 from host ytterbium.abc.example.com[10.1.217.70] Feb 8 16:36:03 selenium smtpd[18798]: smtp-in: Failed command on session 08c95e08536690c5: "RCPT TO:<mich...@selenium.abc.example.com> ORCPT=rfc822;michael@selenium" => 550 Invalid recipient Feb 8 16:36:03 selenium smtpd[18798]: smtp-in: Closing session 08c95e08536690c5 I'm confused about lots of things, though I've read all the documentation I could find. Can anyone point me in the right direction? Thanks, Michael