Improve the SMTP doc

Quentin 2024-01-25 09:06:36 +01:00
parent 2e26863b5f
commit e4299a8ca4
Signed by: quentin
GPG key ID: E9602264D639FF68
2 changed files with 56 additions and 9 deletions

@ -23,6 +23,9 @@ work will be required.
- [Integration with a service manager](@/documentation/cookbook/service-manager.md) (systemd or docker) - [Integration with a service manager](@/documentation/cookbook/service-manager.md) (systemd or docker)
- [SMTP server integration](@/documentation/cookbook/smtp-server.md) (MTA) - [SMTP server integration](@/documentation/cookbook/smtp-server.md) (MTA)
*Multi-node deployments and lifecycle maintainance are not covered yet.*
<!--
## Multi-nodes, standard deployment ## Multi-nodes, standard deployment
Aerogramme is intended for multi-nodes deployment. This guide Aerogramme is intended for multi-nodes deployment. This guide
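Review bot: the added notice line misspells "maintenance" as "maintainance". The `<!--` added right after it opens a comment that is only closed in the next hunk, so everything from "Multi-nodes, standard deployment" onward stays in the source but disappears from the rendered page; if that text is outdated, deleting it (git history keeps it) is easier to maintain than a long commented-out block.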
@ -44,3 +47,4 @@ Hopefully you will love Aerogramme, and thus you will have to do some maintainan
## Hardened flavor ## Hardened flavor
- [Manual configuration](@/documentation/cookbook/manual-hardened.md) - [Manual configuration](@/documentation/cookbook/manual-hardened.md)
-->
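Review bot: the closing `-->` sits after the "Hardened flavor" section, so the link to `manual-hardened.md` is hidden too, while the notice added in the previous hunk only mentions multi-node deployments and lifecycle maintenance. Either move the `-->` above `## Hardened flavor` or extend the notice so readers know the hardened guide is also not available.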

@ -3,19 +3,27 @@ title = "SMTP servers"
weight = 50 weight = 50
+++ +++
Many email Message Transfer Agent (MTA) supports LMTP delivery. SMTP servers that are recommended for Aerogramme are the ones that support:
Some of them are covered here. - TCP delivery over the LMTP protocol
- TCP authentication over the [Dovecot SASL Auth protocol](https://doc.dovecot.org/developer_manual/design/auth_protocol/)
Postfix supports these 2 features and is the only recommended choice *for now*.
## Postfix ## Postfix
Configuring Postfix requires to add these 2 lines to `main.cf`: Configuring [Postfix](https://www.postfix.org/) requires to add these 4 lines to `main.cf`:
```ini ```ini
smtpd_sasl_type = dovecot
smtpd_sasl_path = inet:localhost:12345
virtual_mailbox_domains = your-domain.tld virtual_mailbox_domains = your-domain.tld
virtual_transport = lmtp:[::1]:1025 virtual_transport = lmtp:[::1]:1025
``` ```
Make sure that `your-domain.org` is not already configured in the `mydomain` variable, Aerogramme implements Dovecot SASL protocol. By configuring Postfix
with it,
Make sure that `your-domain.tld` is not already configured in the `mydomain` variable,
or it might conflict with Postfix local delivery logic. or it might conflict with Postfix local delivery logic.
*Indeed, Postfix internally has its default configuration for "local" mail delivery, *Indeed, Postfix internally has its default configuration for "local" mail delivery,
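Review bot: the four-line `main.cf` snippet sets `smtpd_sasl_type` and `smtpd_sasl_path` but not `smtpd_sasl_auth_enable = yes`, which the longer `main.cf` later in this commit does set together with `smtpd_tls_auth_only = yes`; Postfix leaves SASL authentication off by default, so a reader copying only these four lines gets no authentication. Add the missing lines or say that the snippet is partial. The added sentence "Aerogramme implements Dovecot SASL protocol. By configuring Postfix with it," also stops mid-clause and needs to be finished or dropped. Finally, the auth endpoint is written as `inet:localhost:12345` while LMTP uses `[::1]`; a short remark that the auth port carries credentials unencrypted and should stay bound to loopback would help here.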
@ -26,6 +34,14 @@ the "virtual" ones.*
You can learn more about Postfix LMTP capabilities on this page: [lmtp(8)](https://www.postfix.org/lmtp.8.html). You can learn more about Postfix LMTP capabilities on this page: [lmtp(8)](https://www.postfix.org/lmtp.8.html).
## Maddy
[Maddy](https://maddy.email/) is a more recent email server written in Go.
However it does not support LMTP delivery over TCP, only over UNIX socket: without a specific adapter, it's not yet compatible with Aerogramme.
For LMTP delivery, read [SMTP & LMTP transparent forwarding](https://maddy.email/reference/targets/smtp/#smtp-lmtp-transparent-forwarding).
For the Dovecot Auth Protocol, read [Dovecot SASL](https://maddy.email/reference/auth/dovecot_sasl/).
## OpenSMTPD ## OpenSMTPD
Something like below might work (untested): Something like below might work (untested):
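Review bot: in the new Maddy section, the two "read ..." lines follow directly after the statement that Maddy is not yet compatible, so it is unclear whether the links describe a working setup or document the UNIX-socket limitation. State what each link is for (for example, that they show the features exist but only over UNIX sockets), and mention what the "specific adapter" would have to do.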
@ -36,14 +52,19 @@ match from any for domain "your-domain.tld" action "remote_mail"
``` ```
The syntax is described in their manpage [smtpd.conf(5)](https://man.openbsd.org/smtpd.conf#lmtp). The syntax is described in their manpage [smtpd.conf(5)](https://man.openbsd.org/smtpd.conf#lmtp).
opensmtpd does not support Dovecot's SASL protocol, you can signal your interest [in their dedicated issue](https://github.com/OpenSMTPD/OpenSMTPD/issues/1085).
## Chasquid
[chasquid](https://blitiri.com.ar/p/chasquid/) supports [LMTP delivery](https://blitiri.com.ar/p/chasquid/howto/#configure-chasquid)
and the [Dovecot Auth Protocol](https://blitiri.com.ar/p/chasquid/docs/dovecot/) but only over UNIX sockets. Thus, it's not yet compatible with Aerogramme.
## Other servers ## Other servers
[Maddy](https://maddy.email/) might be configured to deliver LMTP messages to Aerogramme through its [SMTP & LMTP transparent forwarding](https://maddy.email/reference/targets/smtp/#smtp-lmtp-transparent-forwarding) feature.
[Exim](https://www.exim.org/) has some support [for LMTP](https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_lmtp_transport.html) too. [Exim](https://www.exim.org/) has some support [for LMTP](https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_lmtp_transport.html) too.
[sendmail](https://www.proofpoint.com/us/products/email-protection/open-source-email-solution) might deliver to LMTP through a dedicated binary named [smtpc](https://www.sympa.community/manual/customize/lmtp-delivery.html) [sendmail](https://www.proofpoint.com/us/products/email-protection/open-source-email-solution) might deliver to LMTP through a dedicated binary named [smtpc](https://www.sympa.community/manual/customize/lmtp-delivery.html).
<!-- <!--
Let start by creating a folder for Postfix, for example `/opt/aerogramme-postfix`: Let start by creating a folder for Postfix, for example `/opt/aerogramme-postfix`:
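Review bot: the OpenSMTPD section now says the server lacks Dovecot SASL support but, unlike the Maddy and Chasquid sections, never concludes whether it is compatible with Aerogramme, and the untested config above it is still offered. Say explicitly that only LMTP delivery can work and that authenticated submission cannot, as done for the other servers. Minor: "opensmtpd does not support ..., you can signal ..." is a comma splice and the name is lowercased, and the "Chasquid" heading does not match the lowercase "chasquid" in its own paragraph.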
@ -64,14 +85,31 @@ sudo groupadd postdrop
The considered `main.cf`: The considered `main.cf`:
``` ```
mynetworks=127.0.0.0/8 # postfix files
compatibility_level=3.6
queue_directory=/tmp/postfix-test/queue queue_directory=/tmp/postfix-test/queue
data_directory=/tmp/postfix-test/data data_directory=/tmp/postfix-test/data
maillog_file=/dev/stdout maillog_file=/dev/stdout
# nuke postfix legacy as much as possible (an era of UNIX account and open relay on local networks...)
mynetworks=127.0.0.0/8
compatibility_level=3.6
alias_database= alias_database=
alias_maps= alias_maps=
# add support for authentication
smtpd_sasl_auth_enable=yes
smtpd_tls_auth_only = yes
smtpd_relay_restrictions =
permit_sasl_authenticated
reject_unauth_destination
# add support for TLS (RSA only for now)
smtpd_tls_cert_file=/home/quentin/.lego/certificates/saint-ex.deuxfleurs.org.crt
smtpd_tls_key_file=/home/quentin/.lego/certificates/saint-ex.deuxfleurs.org.key
# aerogramme specific configuration
smtpd_sasl_type = dovecot
smtpd_sasl_path = inet:localhost:12345
virtual_mailbox_domains=saint-ex.deuxfleurs.org virtual_mailbox_domains=saint-ex.deuxfleurs.org
virtual_transport=lmtp:[::1]:1025 virtual_transport=lmtp:[::1]:1025
``` ```
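Review bot: the TLS lines in this `main.cf` hardcode a personal path, `/home/quentin/.lego/certificates/saint-ex.deuxfleurs.org.key`, and a real hostname, whereas the visible part of the page uses the `your-domain.tld` placeholder. Replace them with placeholders, and prefer a key location outside a user's home directory in an example people will copy. The file also mixes `key=value` and `key = value`, and the values under `smtpd_relay_restrictions =` only parse as continuation lines if they are indented, which is worth checking in the source since the rendering here does not show leading whitespace.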
@ -81,6 +119,11 @@ The considered `master.cf`:
``` ```
smtp inet n - n - - smtpd smtp inet n - n - - smtpd
smtp unix - - n - - smtp smtp unix - - n - - smtp
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
lmtp unix - - n - - lmtp lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil anvil unix - - n - 1 anvil
rewrite unix - - n - - trivial-rewrite rewrite unix - - n - - trivial-rewrite
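Review bot: the `-o smtpd_sasl_auth_enable=yes` override on the new `smtps` service is redundant, because the `main.cf` in this same commit already sets `smtpd_sasl_auth_enable=yes` globally, which also makes the port 25 `smtp inet` service offer AUTH. If authentication is meant for submission only, drop the global setting and keep the override here. `-o milter_macro_daemon_name=ORIGINATING` has no effect with the configuration shown, since no milter is declared, so it can be removed or explained.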