Null-mailer - DMA


Intro

DMA can deliver messages locally, has its own queue, and supports both implicit SSL and STARTTLS. Besides, we didn’t even have to change anything in the default configuration, which is appreciated, as it simplifies the system’s post-installation.

Install

note both ubuntu and slackware renamed heirloom mailx to s-nail

ubuntu

install s-nail or bsd-mailx to avoid postfix dependency, and make sure you have a syslog daemon in place

apt install dma bsd-mailx
# mailutils s-nail
which dma
which mailx

and in case that’s a container, you might also need a log daemon

apt install rsyslog
# sysklogd

slackware

ls -lF /var/lib/pkgtools/packages/postfix-*
ls -lF /var/lib/pkgtools/packages/dma-*

removepkg postfix | grep -v '^  --> Deleting '
#rm -rf /var/spool/postfix/
#rm -rf /etc/postfix/

if you want to prepare the binary on a build system

sbopkg -b dma

otherwise if you’re fine installing it directly

sbopkg -i dma
which dma
ldd /usr/bin/dma

slackpkg search s-nail
slackpkg install s-nail
which mailx
ldd /usr/bin/mailx | grep found
grep -vE '^#|^$' /etc/nail.rc

from source

see dma-source

System preparation

The good thing with DMA is that it reads a plain-text aliases file without the need to run newaliases, hence no need for another MTA package containing that command.

ls -lF /etc/aliases # does not exist
ls -alF /etc/mail/ # does not exist
ls -alF /etc/postfix/ # does not exist

vi /etc/aliases # new file

MAILER-DAEMON:  root
postmaster: root
abuse:      root

root:       SOME-REAL-ADDRESS

rm -f /etc/aliases.db

it is also good to know which host is actually talking to you daily

    vipw

    root:x:0:0:root@HOST:/root:/bin/bash

DMA setup

Defaults are fine already, as long as you have an FQDN hostname.

Otherwise, define it in dma.conf and take the opportunity to enforce STARTTLS

mv -i /etc/dma/dma.conf /etc/dma/dma.conf.dist
grep -vE '^#|^$' /etc/dma/dma.conf.dist > /etc/dma/dma.conf.clean # empty
cat > /etc/dma/dma.conf <<-EOF
MAILNAME HOST.localdomain
SECURETRANSFER
SMARTHOST YOUR-SMTP-RELAY
STARTTLS
EOF

in case you need to talk to the public network instead of using a smart host, tune the MAILNAME

hostname --long

not sure about the default guid, but sounds like the following

ls -alF /var/spool/dma/ | head
chown root:mail /var/spool/dma/
chown mail:mail /var/spool/dma/*
chmod 770 /var/spool/dma/
chmod g+s /var/spool/dma/
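
A check for the dma.conf written in this section, as an added example that is not part of the original page or of the dma project. The function names are hypothetical; OPPORTUNISTIC_TLS and INSECURE are dma.conf directives not used on this page, AUTHPATH is the one from the SASL section further down, and the sample configuration is constructed.

```shell
#!/bin/sh
# Added example, not from the original page: audit dma.conf transport security.

# has_directive FILE NAME: true when NAME is the first word of an uncommented line
has_directive() {
    awk -v d="$2" '$1 == d { found = 1 } END { exit !found }' "$1"
}

# warn MESSAGE: print one finding and count it
warn() { printf 'WARN: %s\n' "$1"; findings=$((findings + 1)); }

# audit_dma_conf FILE: prints one WARN line per finding, returns 1 if there are any
audit_dma_conf() {
    conf=$1
    findings=0
    has_directive "$conf" SECURETRANSFER ||
        warn "SECURETRANSFER is not set: the session is not encrypted"
    if has_directive "$conf" STARTTLS && ! has_directive "$conf" SECURETRANSFER; then
        warn "STARTTLS is only honoured together with SECURETRANSFER"
    fi
    if has_directive "$conf" OPPORTUNISTIC_TLS; then
        warn "OPPORTUNISTIC_TLS lets delivery continue in cleartext when STARTTLS fails"
    fi
    if has_directive "$conf" INSECURE; then
        warn "INSECURE allows plain-text login over an unencrypted connection"
    fi
    # The AUTHPATH file holds the relay password in cleartext
    auth=$(awk '$1 == "AUTHPATH" { print $2 }' "$conf")
    if [ -n "$auth" ] && [ -n "$(find "$auth" -perm -004 2>/dev/null)" ]; then
        warn "$auth is world-readable"
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample: the relay configuration above without SECURETRANSFER, plus a fallback
sample=$(mktemp)
printf '%s\n' 'MAILNAME HOST.localdomain' 'SMARTHOST YOUR-SMTP-RELAY' \
    'STARTTLS' 'OPPORTUNISTIC_TLS' > "$sample"
audit_dma_conf "$sample" || echo "findings: $findings"
rm -f "$sample"
```

To audit the live file, call audit_dma_conf /etc/dma/dma.conf; the configuration written above passes without findings.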

Ready to go

there are two ways to send outbound mail and also receive bounces:

  1. on the Postfix relay, add the host to mydestination and mynetworks

  2. keep going on your own: set up an SPF record for any A entry, and your hosts will be able to contact you back

Acceptance

see null-mailer

Operations

check the queue

mailq
#dma -bp
#sendmail -bp

eventually re-process the queue

runq
#dma -q
#sendmail -q

delete all mail from the queue

ls -lF /var/spool/dma/
rm -f /var/spool/dma/*

Troubles with SASL

draft: that didn’t work, it tried to reach port 25 anyways

on the mail server

useradd -g nogroup SASL-USER
passwd SASL-USER

on the workstation

nmap -p 25,465,587 SASL-SMTP-RELAY

vi /etc/dma/auth.conf

SASL-USER|SASL-SMTP-RELAY:PASSWORD-HERE

vi /etc/dma/dma.conf

MAILNAME HOST.localdomain
SECURETRANSFER
AUTHPATH /etc/dma/auth.conf
PORT 465

Resources

https://github.com/corecode/dma

https://www.dragonflybsd.org/handbook/mta/

https://www.dragonflybsd.org/docs/howtos/HowTo_dma_gmail/

https://wiki.debian.org/Debate/DefaultMTA/DMA

https://wiki.debian.org/Debate/DefaultMTA#dma

runq

Linux Network Administrator’s Guide, 2nd Edition https://www.oreilly.com/openbook/linag2/book/ch18.html

sasl

https://wiki.archlinux.org/index.php/Dma

http://cweiske.de/tagebuch/dma-postfix-dovecot-plain.htm

AUTHPATH nor PORT taken into account - refuses to talk on submissions #109 https://github.com/corecode/dma/issues/109


Copyright © 2022 Pierre-Philipp Braun