DMA Setup

Intro

DMA can deliver messages locally, has its own queue, and supports both implicit SSL and STARTTLS. Besides, we didn't even have to change anything in the default configuration, which is appreciated, as it simplifies post-installation of the system.

Install

note: both Ubuntu and Slackware renamed Heirloom mailx to s-nail

ubuntu

install s-nail or bsd-mailx to avoid postfix dependency, and make sure you have a syslog daemon in place

apt install dma bsd-mailx
# mailutils s-nail
which dma
which mailx

and in case that’s a container, you might also need a log daemon

apt install rsyslog
# sysklogd

slackware

ls -lF /var/lib/pkgtools/packages/postfix-*
ls -lF /var/lib/pkgtools/packages/dma-*

removepkg postfix | grep -v '^  --> Deleting '
#rm -rf /var/spool/postfix/
#rm -rf /etc/postfix/

if you want to prepare the binary on a build system

sbopkg -b dma

otherwise if you’re fine installing it directly

sbopkg -i dma
which dma
ldd /usr/bin/dma

slackpkg search s-nail
slackpkg install s-nail
which mailx
ldd /usr/bin/mailx | grep found
grep -vE '^#|^$' /etc/nail.rc

from source

see dma-source

System preparation

The good thing with DMA is that it reads a plain-text aliases file without the need to run newaliases, hence no need for another MTA package containing that command.

ls -alF /etc/mail/ # does not exist
ls -alF /etc/postfix/ # does not exist

# exists on debian's dma
ls -lF /etc/aliases
mv -i /etc/aliases /etc/aliases.dist
grep -v ^# /etc/aliases.dist > /etc/aliases
vi /etc/aliases

mailer-daemon:  root
postmaster: root
abuse:      root

root:       SOME-REAL-ADDRESS

rm -f /etc/aliases.db

it is also good to know which host is actually talking to you daily

    vipw

    root:x:0:0:root@HOST:/root:/bin/bash

crontab -e

MAILFROM=root@HOST

Setup

Defaults are fine already, as long as you have an FQDN hostname.

Otherwise, define it there and, if you like, take the chance to enforce STARTTLS

mv -i /etc/dma/dma.conf /etc/dma/dma.conf.dist
grep -vE '^#|^$' /etc/dma/dma.conf.dist > /etc/dma/dma.conf.clean # empty on slackware
grep -vE '^#|^$' /etc/dma/dma.conf.dist > /etc/dma/dma.conf # empty on slackware
vi /etc/dma/dma.conf

SMARTHOST YOUR-SMTP-RELAY
SECURETRANSFER
STARTTLS
MAILNAME HOST.localdomain

in case you need to talk to the public network instead of using a smart host, tune the MAILNAME

hostname --long

not sure about the default guid, but sounds like the following

ls -alF /var/spool/dma/ | head
chown root:mail /var/spool/dma/
chown mail:mail /var/spool/dma/*
chmod 770 /var/spool/dma/
chmod g+s /var/spool/dma/

Ready to go

there are two ways to send outbound mail and also receive bounces:

  1. on the Postfix relay, add the host to mydestination and mynetworks

  2. keep going on your own and set up an SPF record for any A entry, so your hosts will be able to contact you back

Acceptance

see null-mailers

Operations

check the queue

mailq
#dma -bp
#sendmail -bp

if needed, re-process the queue

runq
#dma -q
#sendmail -q

delete all mail from the queue

ls -lF /var/spool/dma/
rm -f /var/spool/dma/*

Troubles with SASL

draft: that didn’t work, it tried to reach port 25 anyways

on the mail server

useradd -g nogroup SASL-USER
passwd SASL-USER

on the workstation

nmap -p 25,465,587 SASL-SMTP-RELAY

vi /etc/dma/auth.conf

SASL-USER|SASL-SMTP-RELAY:PASSWORD-HERE

vi /etc/dma/dma.conf

MAILNAME HOST.localdomain
SECURETRANSFER
AUTHPATH /etc/dma/auth.conf
PORT 465
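
A check for the credential-handling settings above, as an added example that is not part of the original notes or the dma project: auth.conf holds the relay password in clear text, so the script flags a file readable by other users, AUTHPATH without SECURETRANSFER, and the INSECURE and OPPORTUNISTIC_TLS directives from the stock dma.conf. The function names, temporary paths and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the dma project): flag dma.conf settings that can
# expose the relay password kept in auth.conf. Sample files are constructed.

# active FILE NAME: true when NAME is an uncommented directive in FILE
active() { grep -Eq "^[[:space:]]*$2([[:space:]]|\$)" "$1"; }

# audit_dma CONF: print one finding per line, print nothing when clean
audit_dma() {
    conf=$1
    auth=$(awk '$1 == "AUTHPATH" { print $2; exit }' "$conf")
    if [ -n "$auth" ]; then
        active "$conf" SECURETRANSFER ||
            echo "NO_TLS: AUTHPATH is set but SECURETRANSFER is not"
        if [ -e "$auth" ]; then
            # characters 8-10 of ls -l are the permission bits for "other"
            [ "$(ls -ld "$auth" | cut -c8-10)" = "---" ] ||
                echo "AUTH_PERMS: $auth is accessible to other users"
        fi
    fi
    if active "$conf" INSECURE; then
        echo "INSECURE: plain-text login allowed without encryption"
    fi
    if active "$conf" OPPORTUNISTIC_TLS; then
        echo "OPPORTUNISTIC_TLS: a failed STARTTLS falls back to cleartext"
    fi
    return 0
}

# Constructed sample input: one weak and one hardened configuration
demo=$(mktemp -d)
printf 'user|relay.example:secret\n' > "$demo/auth.weak"
chmod 644 "$demo/auth.weak"
printf 'AUTHPATH %s\nSTARTTLS\nOPPORTUNISTIC_TLS\nINSECURE\n' \
    "$demo/auth.weak" > "$demo/weak.conf"
printf 'user|relay.example:secret\n' > "$demo/auth.ok"
chmod 640 "$demo/auth.ok"
printf '#INSECURE\nAUTHPATH %s\nSECURETRANSFER\nSTARTTLS\n' \
    "$demo/auth.ok" > "$demo/ok.conf"

echo "== weak.conf"; audit_dma "$demo/weak.conf"
echo "== ok.conf";   audit_dma "$demo/ok.conf"
```

On a real host, run it as audit_dma /etc/dma/dma.conf; no output means none of the four conditions was found.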

Resources

https://github.com/corecode/dma

https://www.dragonflybsd.org/handbook/mta/

https://www.dragonflybsd.org/docs/howtos/HowTo_dma_gmail/

https://wiki.debian.org/Debate/DefaultMTA/DMA

https://wiki.debian.org/Debate/DefaultMTA#dma

runq

Linux Network Administrator’s Guide, 2nd Edition https://www.oreilly.com/openbook/linag2/book/ch18.html

sasl

https://wiki.archlinux.org/index.php/Dma

http://cweiske.de/tagebuch/dma-postfix-dovecot-plain.htm

AUTHPATH nor PORT taken into account - refuses to talk on submissions #109 https://github.com/corecode/dma/issues/109


Copyright © 2024 Pierre-Philipp Braun