As many readers may be aware, the venerable Sendmail has been the default mail daemon in OpenBSD for years. This is largely because it is the only reasonable BSD-licensed mail server around. Personally, I have never trusted Sendmail enough to use it on any of my hosts - despite the fact that it has been audited by the OpenBSD team. It has a Byzantine configuration which I could never figure out, and perhaps more importantly has a terrible security record, owing at least partly to its monolithic single-process design. So I've always used either Qmail or more recently
smtpd is not enabled by default. In order to use it as the system mailer, ensure the mail queue is empty, then stop sendmail(8):
# pkill sendmail
Modify the current mailwrapper(8) settings by editing /etc/mailer.conf:
sendmail /usr/sbin/smtpctl
send-mail /usr/sbin/smtpctl
mailq /usr/sbin/smtpctl
makemap /usr/libexec/smtpd/makemap
newaliases /usr/libexec/smtpd/makemap
Rebuild the aliases database, and enable the daemon:
# newaliases
# echo "sendmail_flags=NO" >> /etc/rc.conf.local
# echo "smtpd_flags=" >> /etc/rc.conf.local
# smtpd
Note that while debugging your setup, you might find running smtpd in verbose foreground mode via `smtpd -dv' useful.
OpenSMTPd configuration
I'm very impressed at how simple and clean the OpenSMTPd configuration is. Check out the docs here. There are some more docs and example configs at Calomel.org. It still took me a little while to figure out a few things, so I thought I'd post my configurations to help others.
Using OpenSMTPd as a Backup MX
I've been using Postfix as a backup MX for unworkable.org. I decided to try OpenSMTPd in this role instead.
listen on lo0
listen on bnx0
map "aliases" { source db "/etc/mail/aliases.db" }
accept from all for local deliver to mbox
accept for all relay
accept from all for domain "unworkable.org" relay
The configuration is pretty straightforward once you are aware that the default 'from' is 'local' - that is why it's necessary to add `accept from all' to accept mail from the outside world.
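Because an omitted 'from' means 'from local', the relay rules above are only safe as long as `from all' never lands on a catch-all relay rule. The following check is an added example, not part of the original post or of OpenSMTPd: it parses only the rule syntax shown on this page, and the names parse_rule and audit, the severity labels and the OPEN_RELAY variant are constructed for illustration.

```python
import shlex

# Constructed copy of the backup-MX rules shown above.
BACKUP_MX = '''\
listen on lo0
listen on bnx0
map "aliases" { source db "/etc/mail/aliases.db" }
accept from all for local deliver to mbox
accept for all relay
accept from all for domain "unworkable.org" relay
'''
# Constructed mistake: 'from all' added to the catch-all relay rule.
OPEN_RELAY = BACKUP_MX.replace("accept for all relay", "accept from all for all relay")

def parse_rule(line):
    """Parse an 'accept' rule; handles only the syntax subset used on this page."""
    tok = shlex.split(line, comments=True)
    if not tok or tok[0] != "accept":
        return None                          # listen/map lines, blanks, comments
    try:
        i, source = 1, "local"               # omitted 'from' means 'from local'
        if tok[i] == "from":
            source, i = tok[i + 1], i + 2
        if tok[i] != "for":
            raise IndexError
        dest, i = tok[i + 1], i + 2
        if dest == "domain":
            dest, i = "domain " + tok[i], i + 1
        return {"source": source, "dest": dest, "action": tok[i:]}
    except IndexError:
        raise ValueError(f"unsupported rule: {line!r}") from None

def audit(conf):
    """Return (line number, severity, message) for rules that relay for outsiders."""
    findings = []
    for n, line in enumerate(conf.splitlines(), 1):
        rule = parse_rule(line)
        if not rule or rule["action"][:1] != ["relay"] or rule["source"] != "all":
            continue
        if rule["dest"] == "all":
            findings.append((n, "high", "open relay: any host to any domain"))
        else:
            findings.append((n, "info", f"outside hosts may relay to {rule['dest']}"))
    return findings

if __name__ == "__main__":
    for name, conf in (("backup MX", BACKUP_MX), ("open relay", OPEN_RELAY)):
        print(name, audit(conf))
```

The backup-MX configuration yields only the informational finding for unworkable.org; the constructed variant is flagged as an open relay on line 5.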
Relaying mail to another SMTP server for delivery (nullmailer) with SSL
I use Mutt as my MUA. Mutt assumes you have a local MTA to deliver mail. This means you need to use something like nullmailer or msmtp. Until now. My ISP (sonic.net) doesn't let me use port 25, so I have to relay to their SMTP server to send mail,
listen on lo0
map aliases { source db "/etc/mail/aliases.db" }
map secrets { source db "/etc/mail/secrets.db" }
accept for local deliver to maildir
accept for all relay via smtp.sonic.net ssl enable auth
The /etc/mail/secrets.db file is generated from a map, /etc/mail/secrets. This file includes your username and password - check out the smtpd.conf manual page for details.
Niall O'Higgins is an author and software developer. He wrote the O'Reilly book MongoDB and Python. He also develops Strider Open Source Continuous Deployment and offers full-stack consulting services at FrozenRidge.co.