This is based on a series of tweets which I now want to place into blog post. When I go searching for something I’ve done before, I usually check my blog first.
dma is “is a small Mail Transport Agent (MTA), designed for home and office use. It accepts mails from locally installed Mail User Agents (MUA) and delivers the mails either locally or to a remote destination. Remote delivery includes several features like TLS/SSL support and SMTP authentication.”
See the man page for more information.
I like it because configuration for my needs is similar and it comes with the base operating system.
In this blog post:
- FreeBSD 13.1
- It is assumed the jail will be relaying to a smarter host
- In my case, the jails relay to the host itself. Only the host speaks to the outside mail servers.
/etc/dma/dma.conf
This is the /etc/dma/dma.conf I use:
SMARTHOST 127.163.0.25 SECURETRANSFER STARTTLS
In my case, the jail host is configured to listen on 127.163.0.25.
/etc/mail/mailer.conf
I place this in /etc/mail/mailer.conf:
sendmail /usr/libexec/dma mailq /usr/libexec/dma newaliases /usr/libexec/dma rmail /usr/libexec/dma
This tells the system to use dma, instead of say sendmail or postfix.
/usr/local/etc/cron.d/dma
I create a cronjob to retry requeued entries.
Here is what I put in /usr/local/etc/cron.d/dma:
*/30 * * * * root /usr/libexec/dma -q
Disable any other mail clients
If you had another mail client in use, now is the time to disable and/or remove that.
Testing
This is the type of test I do:
root@r720-02-ingress01:/ # echo testing from ingress01 | mail dan@example.net root@r720-02-ingress01:/ # tail /var/log/maillog Aug 15 15:26:28 r720-02-ingress01 dma[91a57.800e48000][87172]:trying delivery Aug 15 15:26:28 r720-02-ingress01 dma[91a57.800e48000][87172]: using smarthost (127.163.0.25:25) Aug 15 15:26:28 r720-02-ingress01 dma[91a57.800e48000][87172]: trying remote delivery to 127.163.0.25 [127.163.0.25] pref 0 Aug 15 15:26:28 r720-02-ingress01 dma[91a57.800e48000][87172]: delivery successful Aug 15 15:45:17 r720-02-ingress01 dma[91274][91092]: new mail from user=root uid=26 envelope_from= Aug 15 15:45:17 r720-02-ingress01 dma[91274][91092]: mail to= queued as 91274.800e48000 Aug 15 15:45:17 r720-02-ingress01 dma[91274.800e48000][91093]: trying delivery Aug 15 15:45:17 r720-02-ingress01 dma[91274.800e48000][91093]: using smarthost (127.163.0.25:25) Aug 15 15:45:17 r720-02-ingress01 dma[91274.800e48000][91093]: trying remote delivery to 127.163.0.25 [127.163.0.25] pref 0 Aug 15 15:45:17 r720-02-ingress01 dma[91274.800e48000][91093]: delivery successful
The logs show the mail was delivered from this host to the jail’s host. From there it was delivered to my inbox.
Job done. Time for more beach.
Things to check
Edit added on 2023-03-08: Some applications want to connect to port 25. You may get failures in your jail. I reconfigured such applications to connect to the SMARTHOST value specified in my /etc/dma/dma.conf file.