Improve the SMTP doc
parent 2e26863b5f
commit e4299a8ca4
2 changed files with 56 additions and 9 deletions
|
@ -23,6 +23,9 @@ work will be required.
|
|||
- [Integration with a service manager](@/documentation/cookbook/service-manager.md) (systemd or docker)
|
||||
- [SMTP server integration](@/documentation/cookbook/smtp-server.md) (MTA)
|
||||
|
||||
*Multi-node deployments and lifecycle maintainance are not covered yet.*
|
||||
|
||||
<!--
|
||||
## Multi-nodes, standard deployment
|
||||
|
||||
Aerogramme is intended for multi-nodes deployment. This guide
|
||||
|
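Review bot: "maintainance" in the new notice `*Multi-node deployments and lifecycle maintainance are not covered yet.*` should read "maintenance". The `<!--` opened right after it hides the "Multi-nodes, standard deployment" section from the rendered page but keeps it in the source; if that section is not close to being published, deleting it or moving it to a draft page would be easier to maintain than a long commented-out block.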
@ -44,3 +47,4 @@ Hopefully you will love Aerogramme, and thus you will have to do some maintainan
|
|||
## Hardened flavor
|
||||
|
||||
- [Manual configuration](@/documentation/cookbook/manual-hardened.md)
|
||||
-->
|
||||
|
|
|
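Review bot: the `-->` after the "Hardened flavor" link closes a comment opened more than twenty lines earlier, and nothing next to either delimiter says why the block is hidden. A short line inside the comment, stating that these sections are unfinished and what has to exist before they are restored, would stop a later edit from removing one delimiter without the other.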
@ -3,19 +3,27 @@ title = "SMTP servers"
|
|||
weight = 50
|
||||
+++
|
||||
|
||||
Many email Message Transfer Agent (MTA) supports LMTP delivery.
|
||||
Some of them are covered here.
|
||||
SMTP servers that are recommended for Aerogramme are the ones that support:
|
||||
- TCP delivery over the LMTP protocol
|
||||
- TCP authentication over the [Dovecot SASL Auth protocol](https://doc.dovecot.org/developer_manual/design/auth_protocol/)
|
||||
|
||||
Postfix supports these 2 features and is the only recommended choice *for now*.
|
||||
|
||||
## Postfix
|
||||
|
||||
Configuring Postfix requires to add these 2 lines to `main.cf`:
|
||||
Configuring [Postfix](https://www.postfix.org/) requires to add these 4 lines to `main.cf`:
|
||||
|
||||
```ini
|
||||
smtpd_sasl_type = dovecot
|
||||
smtpd_sasl_path = inet:localhost:12345
|
||||
virtual_mailbox_domains = your-domain.tld
|
||||
virtual_transport = lmtp:[::1]:1025
|
||||
```
|
||||
|
||||
Make sure that `your-domain.org` is not already configured in the `mydomain` variable,
|
||||
Aerogramme implements Dovecot SASL protocol. By configuring Postfix
|
||||
with it,
|
||||
|
||||
Make sure that `your-domain.tld` is not already configured in the `mydomain` variable,
|
||||
or it might conflict with Postfix local delivery logic.
|
||||
|
||||
*Indeed, Postfix internally has its default configuration for "local" mail delivery,
|
||||
|
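Review bot: the paragraph after the `ini` block stops mid-sentence at "By configuring Postfix with it," and never says what the reader gains; finish the sentence or drop it. The four-line snippet also sets `smtpd_sasl_type` and `smtpd_sasl_path` without `smtpd_sasl_auth_enable = yes`, which the full `main.cf` later on this page does set, so a reader who copies only these lines gets no authentication. Since `smtpd_sasl_path = inet:localhost:12345` carries credentials over plain TCP, it is worth stating that this listener must stay on the loopback interface.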
@ -26,6 +34,14 @@ the "virtual" ones.*
|
|||
|
||||
You can learn more about Postfix LMTP capabilities on this page: [lmtp(8)](https://www.postfix.org/lmtp.8.html).
|
||||
|
||||
## Maddy
|
||||
|
||||
[Maddy](https://maddy.email/) is a more recent email server written in Go.
|
||||
However it does not support LMTP delivery over TCP, only over UNIX socket: without a specific adapter, it's not yet compatible with Aerogramme.
|
||||
|
||||
For LMTP delivery, read [SMTP & LMTP transparent forwarding](https://maddy.email/reference/targets/smtp/#smtp-lmtp-transparent-forwarding).
|
||||
For the Dovecot Auth Protocol, read [Dovecot SASL](https://maddy.email/reference/auth/dovecot_sasl/).
|
||||
|
||||
## OpenSMTPD
|
||||
|
||||
Something like below might work (untested):
|
||||
|
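Review bot: the Maddy section states it is "not yet compatible with Aerogramme" and then gives two "read ..." links without saying what the reader should do with them. Either name the "specific adapter" that would bridge the UNIX socket to TCP, or say plainly that the links are background reading for when TCP support exists.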
@ -36,14 +52,19 @@ match from any for domain "your-domain.tld" action "remote_mail"
|
|||
```
|
||||
|
||||
The syntax is described in their manpage [smtpd.conf(5)](https://man.openbsd.org/smtpd.conf#lmtp).
|
||||
opensmtpd does not support Dovecot's SASL protocol, you can signal your interest [in their dedicated issue](https://github.com/OpenSMTPD/OpenSMTPD/issues/1085).
|
||||
|
||||
## Chasquid
|
||||
|
||||
[chasquid](https://blitiri.com.ar/p/chasquid/) supports [LMTP delivery](https://blitiri.com.ar/p/chasquid/howto/#configure-chasquid)
|
||||
and the [Dovecot Auth Protocol](https://blitiri.com.ar/p/chasquid/docs/dovecot/) but only over UNIX sockets. Thus, it's not yet compatible with Aerogramme.
|
||||
|
||||
## Other servers
|
||||
|
||||
[Maddy](https://maddy.email/) might be configured to deliver LMTP messages to Aerogramme through its [SMTP & LMTP transparent forwarding](https://maddy.email/reference/targets/smtp/#smtp-lmtp-transparent-forwarding) feature.
|
||||
|
||||
[Exim](https://www.exim.org/) has some support [for LMTP](https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_lmtp_transport.html) too.
|
||||
|
||||
[sendmail](https://www.proofpoint.com/us/products/email-protection/open-source-email-solution) might deliver to LMTP through a dedicated binary named [smtpc](https://www.sympa.community/manual/customize/lmtp-delivery.html)
|
||||
[sendmail](https://www.proofpoint.com/us/products/email-protection/open-source-email-solution) might deliver to LMTP through a dedicated binary named [smtpc](https://www.sympa.community/manual/customize/lmtp-delivery.html).
|
||||
|
||||
|
||||
<!--
|
||||
Let start by creating a folder for Postfix, for example `/opt/aerogramme-postfix`:
|
||||
|
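Review bot: the sentence "opensmtpd does not support Dovecot's SASL protocol, you can signal your interest ..." is a comma splice and changes the meaning of the section, yet the section still opens with "Something like below might work (untested)". State up front that only LMTP delivery can work with OpenSMTPD and that authentication against Aerogramme cannot, so readers do not assume the example gives them authenticated submission. "opensmtpd" should also match the "OpenSMTPD" casing of the heading.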
@ -64,14 +85,31 @@ sudo groupadd postdrop
|
|||
The considered `main.cf`:
|
||||
|
||||
```
|
||||
mynetworks=127.0.0.0/8
|
||||
compatibility_level=3.6
|
||||
# postfix files
|
||||
queue_directory=/tmp/postfix-test/queue
|
||||
data_directory=/tmp/postfix-test/data
|
||||
maillog_file=/dev/stdout
|
||||
|
||||
# nuke postfix legacy as much as possible (an era of UNIX account and open relay on local networks...)
|
||||
mynetworks=127.0.0.0/8
|
||||
compatibility_level=3.6
|
||||
alias_database=
|
||||
alias_maps=
|
||||
|
||||
# add support for authentication
|
||||
smtpd_sasl_auth_enable=yes
|
||||
smtpd_tls_auth_only = yes
|
||||
smtpd_relay_restrictions =
|
||||
permit_sasl_authenticated
|
||||
reject_unauth_destination
|
||||
|
||||
# add support for TLS (RSA only for now)
|
||||
smtpd_tls_cert_file=/home/quentin/.lego/certificates/saint-ex.deuxfleurs.org.crt
|
||||
smtpd_tls_key_file=/home/quentin/.lego/certificates/saint-ex.deuxfleurs.org.key
|
||||
|
||||
# aerogramme specific configuration
|
||||
smtpd_sasl_type = dovecot
|
||||
smtpd_sasl_path = inet:localhost:12345
|
||||
virtual_mailbox_domains=saint-ex.deuxfleurs.org
|
||||
virtual_transport=lmtp:[::1]:1025
|
||||
```
|
||||
|
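Review bot: `smtpd_tls_cert_file` and `smtpd_tls_key_file` point at `/home/quentin/.lego/certificates/saint-ex.deuxfleurs.org.*`, and `virtual_mailbox_domains` uses `saint-ex.deuxfleurs.org`, while the public snippet earlier on the page uses `your-domain.tld`. Replace the personal home directory and hostname with placeholders, and add a note that the private key should be readable only by the account Postfix runs as rather than living under a user's home. The `queue_directory` and `data_directory` under `/tmp/postfix-test` deserve a comment marking them as test-only values.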
@ -81,6 +119,11 @@ The considered `master.cf`:
|
|||
```
|
||||
smtp inet n - n - - smtpd
|
||||
smtp unix - - n - - smtp
|
||||
smtps inet n - n - - smtpd
|
||||
-o smtpd_tls_wrappermode=yes
|
||||
-o smtpd_sasl_auth_enable=yes
|
||||
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
|
||||
-o milter_macro_daemon_name=ORIGINATING
|
||||
lmtp unix - - n - - lmtp
|
||||
anvil unix - - n - 1 anvil
|
||||
rewrite unix - - n - - trivial-rewrite
|
||||
|
|
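Review bot: the `smtps` entry passes `-o smtpd_sasl_auth_enable=yes`, but the `main.cf` shown above already sets `smtpd_sasl_auth_enable=yes` globally, so the override is redundant and AUTH is also offered on the plain `smtp inet` service. If authenticated submission is meant to happen only on `smtps`, set the global value to `no` and keep the override here. `-o milter_macro_daemon_name=ORIGINATING` has no effect with the `main.cf` shown, which configures no milter, and can be dropped unless one is added.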