How I configure dma for mail delivery in jails on my internet hosts

Leave a Comment / dma, Mail / By

This is based on a series of tweets which I now want to place into blog post. When I go searching for something I’ve done before, I usually check my blog first.

dma is “is a small Mail Transport Agent (MTA), designed for home and office use. It accepts mails from locally installed Mail User Agents (MUA) and delivers the mails either locally or to a remote destination. Remote delivery includes several features like TLS/SSL support and SMTP authentication.”

See the man page for more information.

I like it because configuration for my needs is similar and it comes with the base operating system.

In this blog post:

  • FreeBSD 13.1
  • It is assumed the jail will be relaying to a smarter host
  • In my case, the jails relay to the host itself. Only the host speaks to the outside mail servers.

/etc/dma/dma.conf

This is the /etc/dma/dma.conf I use:

SMARTHOST 127.163.0.25
SECURETRANSFER
STARTTLS

In my case, the jail host is configured to listen on 127.163.0.25.

/etc/mail/mailer.conf

I place this in /etc/mail/mailer.conf:

sendmail      /usr/libexec/dma
mailq         /usr/libexec/dma
newaliases    /usr/libexec/dma
rmail         /usr/libexec/dma

This tells the system to use dma, instead of say sendmail or postfix.

/usr/local/etc/cron.d/dma

I create a cronjob to retry requeued entries.

Here is what I put in /usr/local/etc/cron.d/dma:

*/30    *       *       *       *       root    /usr/libexec/dma -q

Disable any other mail clients

If you had another mail client in use, now is the time to disable and/or remove that.

Testing

This is the type of test I do:

root@r720-02-ingress01:/ # echo testing from ingress01 | mail dan@example.net
root@r720-02-ingress01:/ # tail /var/log/maillog
Aug 15 15:26:28 r720-02-ingress01 dma[91a57.800e48000][87172]:  trying delivery
Aug 15 15:26:28 r720-02-ingress01 dma[91a57.800e48000][87172]: using smarthost (127.163.0.25:25)
Aug 15 15:26:28 r720-02-ingress01 dma[91a57.800e48000][87172]: trying remote delivery to 127.163.0.25 [127.163.0.25] pref 0
Aug 15 15:26:28 r720-02-ingress01 dma[91a57.800e48000][87172]:  delivery successful
Aug 15 15:45:17 r720-02-ingress01 dma[91274][91092]: new mail from user=root uid=26 envelope_from=
Aug 15 15:45:17 r720-02-ingress01 dma[91274][91092]: mail to= queued as 91274.800e48000
Aug 15 15:45:17 r720-02-ingress01 dma[91274.800e48000][91093]:  trying delivery
Aug 15 15:45:17 r720-02-ingress01 dma[91274.800e48000][91093]: using smarthost (127.163.0.25:25)
Aug 15 15:45:17 r720-02-ingress01 dma[91274.800e48000][91093]: trying remote delivery to 127.163.0.25 [127.163.0.25] pref 0
Aug 15 15:45:17 r720-02-ingress01 dma[91274.800e48000][91093]:  delivery successful

The logs show the mail was delivered from this host to the jail’s host. From there it was delivered to my inbox.

Job done. Time for more beach.

Things to check

Edit added on 2023-03-08: Some applications want to connect to port 25. You may get failures in your jail. I reconfigured such applications to connect to the SMARTHOST value specified in my /etc/dma/dma.conf file.

Website Pin Facebook Twitter Myspace Friendfeed Technorati del.icio.us Digg Google StumbleUpon Premium Responsive

Leave a Comment

Scroll to Top