Date: 2023-05-04 Last update: 2024-11-17 Simple mail server with SMTPD and Mail util on OpenBSD ------------------------------------------------------ This is easy-peasy task if your IP address or whole IP range is not blacklisted. If that is the case, no any setup will help you. You have to fix that issue by changing your server/IP provider. I don't recommend to run a mail server on these well known big VPS providers. Their IP ranges are often blocked, blacklisted and treated badly. Currently they often block port 25 by default anyway. ---------------------------------------------------------------------- # cat /etc/mail/smtpd.conf table aliases file:/etc/mail/aliases pki morena.rip cert "/etc/ssl/morena.rip.fullchain.pem" pki morena.rip key "/etc/ssl/private/morena.rip.key" filter dkimsign proc-exec "filter-dkimsign -d morena.rip -s mail \ -k /etc/mail/dkim/private.rsa.key" user _dkimsign group _dkimsign listen on socket filter "dkimsign" mask-src listen on lo0 filter "dkimsign" mask-src listen on re0 tls pki morena.rip action "local_mail" mbox alias action "outbound" relay helo rat.morena.rip match from any for domain "morena.rip" action "local_mail" match from local for local action "local_mail" match from local for any action "outbound" ---------------------------------------------------------------------- I somehow managed to create self-signed certificate, I already have no idea how ;/ You have to figure it out youself. I assume you will copy & paste from some random website you find first ;/ Some may use some certificate from a fake authority, I don't like that idea. This certificate is not really necessary, it is there for other mail servers, that they can upgrade a connection from plain text to TLS using STARTTLS over port 25. I may this evaluate and remove later. I had to create another key for dkimsign. Another pointless crap, but without it, big monopoly corporations will probably put my emails to junk. It's pretty easy using package opensmtpd-filter-dkimsign. It has copy/paste readme in default OpenBSD location for that purpose. You will be informed about that after the installation of the package. It is just a filter for smtpd that will sign your outgoing emails. Receiving mail server will check the key you added in your DNS. All is well documented in pkg-readme. While you are in DNS at your domain registrar or other provider, gently add also MX and TXT - SPF records. You can also add DMARC nonsense, maybe it helps you look more cool in the eyes of big corporations like Google, Microsoft and Apple. This setup does not connect and allow IMAP. I use mail util for mail handling. ---------------------------------------------------------------------- $ cat /home/morena/.mailrc set record=/home/morena/mail/sent set from=morena@morena.rip set folder=mail set MBOX=mail/mbox set Replyall set ask retain Subject ---------------------------------------------------------------------- This .mailrc is not necessary. It just make mail utility more friendly to my taste. That's all ladies. I can read, send and reply emails to any mail server in the world. I already got some greetings from SEO experts from India ;/ This is not a step by step guide. Maybe just some "showcase" that running your own mail server is not that hard. This setup does not allow external IMAP and SMTP access. Just from this server. The only port needed for this setup is port 25. This port is used for communication between mail servers either you send or receive emails. Other ports related to mail like 465, 587, 143, 993 are used just for email clients to communicate with your SMTP or IMAP server, not with other mail servers. In a case I would like to use this server from another machine I would connect to the server (SMTPS) using 465 TLS. While checking IMAP with 993 TLS. This would require some tiny change to the setup above and installing something horrible as Dovecot for IMAP handling. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Creativity is the greatest rebellion in existence. .