Last active
June 2, 2018 16:32
-
-
Save gretel/e56956f05cc59682195ade6a089c28db to your computer and use it in GitHub Desktop.
openbsd 6.3-current new grammer opensmtpd configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# https://gist.github.com/gretel/e56956f05cc59682195ade6a089c28db | |
# tables | |
table aliases file:/etc/mail/aliases | |
table domains file:/etc/mail/domains | |
table passwd file:/etc/mail/passwd | |
table secrets file:/etc/mail/secrets | |
table deny db:/etc/mail/deny.db | |
table receip db:/etc/mail/receip.db | |
table sender db:/etc/mail/senders.db | |
# tls | |
ca mail.jitter.eu cert "/etc/ssl/letsencrypt-ca.pem" | |
pki mail.jitter.eu cert "/etc/ssl/jitter.eu.fullchain.pem" | |
pki mail.jitter.eu key "/etc/ssl/private/jitter.eu.key" | |
pki mail.jitter.eu dhe auto | |
# options | |
set smtp max-message-size 50M | |
set queue encryption "dec4d2291d3384106242a4576f0c6ee3" | |
set queue compression | |
# listeners | |
listen on lo0 hostname mail.jitter.eu tls received-auth | |
listen on lo0 hostname mail.jitter.eu smtps auth <passwd> senders <sender> received-auth | |
listen on lo0 hostname mail.jitter.eu port submission tls-require auth <passwd> senders <sender> received-auth | |
# inbound | |
##action "lmtp-local" mda "/usr/libexec/mail.lmtp -d unix:/var/dovecot/lmtp -f %{sender} %{rcpt.user}" virtual <receip> | |
##action "lmtp-local" lmtp "unix:/var/dovecot/lmtp" | |
action "lmtp-local" maildir alias <aliases> | |
# outbound | |
action "relay" relay host "tls+auth://mail-user@email-smtp.eu-west-1.amazonaws.com" auth <secrets> helo "mail.jitter.eu" | |
# blacklist | |
match mail-from <deny> reject | |
# local-local | |
match from local for local action "lmtp-local" | |
# internet-auth-local | |
match tls from any for domain <domains> action "lmtp-local" | |
# internet-receip-local | |
match from any rcpt-to <receip> action "lmtp-local" | |
# local-auth-internet | |
match auth from any ! for domain <domains> action "relay" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment