Make sure to chmod +x /bin/service/tcp25 or else the mail server won't be able to start
; cat /bin/service/tcp25 #!/bin/rc #smtp serv net incalldir user user=`{cat /dev/user} exec upas/smtpd -e -f -r -s -n 3
exec upas/smtpd -c /sys/lib/tls/acmed/example.com.crt -e -f -r -s -n 3
Note: the -c argument currently has a bug where it does not send the full chain of the TLS certificate, so email clients that connect to it may report a certificate validation error.
Make sure to edit /mail/lib/smtpd.conf:
# # sample smtpd configuration options for inside connections # # # replace example.com with the name of your domain # replace 198.51.100.0 with the IP address range of your networks defaultdomain example.com norelay on verifysenderdom off #disable dns verification of sender domain saveblockedmsg off #save blocked messages # # if norelay is on, you need to set the # networks allowed to relay through # as well as the domains to accept mail for # ournets 198.51.100.0/24 ourdomains *.example.com Copy /mail/lib/rewrite.direct to /mail/lib/rewrite, while replacing YOURDOMAIN.DOM with your actual domain name. You will also want to edit /mail/lib/names.local for the users you want to handle mail for. Edit /mail/lib/remotemail to add the -C -s flags to turn on TLS encryption when sending. -C is needed in case some certificates don't validate properly: #!/bin/rc shift sender=1 shift addr=1 shift fd=`{/bin/upas/aliasmail -f sender} switch(fd){ case *.* ; case * fd=example.com } exec /bin/upas/smtp -C -s -h fd addr sender * Make sure to replace example.com with your actual domain name. If you are logged in as a user other than the default hostowner (glenda), make sure to add the users to upas group: ; echo 'newuser upas +username' >> /srv/cwfs.cmd Then create the user's mailbox: ; upas/nedmail -c
See dkim.ms guide for enabling dkim. Make sure to add spf and dmarc records as indicated in ndb.ms guide. To test sending an email:
; upasname=sender@example.com upas/marshal -s 'Alpha Bravo Charlie' recipient@example.org