Setting up an OpenBSD Mail/Web Server
List of Resources
HTTPD, MariaDB:
http://thecyberrecce.net/2017/01/15/secure-webservers-with-openbsd-6-0-setting-up-httpd-mariadb-and-php/
OpenSMTP, spamd, spamassasin, dkimproxy, dovecot:
https://frozen-geek.net/openbsd-email-server-1/"
http://technoquarter.blogspot.com/p/series.html
Note: The blacklist table CANNOT be empty, or smtpd will fail startup. To quickly add root and the service accounts to the blacklist, type:
egrep "^root|^_" /etc/passwd | awk -F: ' { print $1 } ' >> /etc/mail/blacklist-recipients
chown _smtpd:_smtpd /etc/mail/blacklist-recipients
chmod 0664 /etc/mail/blacklist-recipients
Creating the OpenSMTPD/Dovecot shared user database from /etc/master.passwd (See "FreeBSD /etc/master.passwd as passdb and userdb" near the bottom of the page):"
https://wiki.dovecot.org/AuthDatabase/PasswdFile
Roundcube:
http://technoquarter.blogspot.com/2015/02/openbsd-mail-server-part-7-roundcube.html"
https://frozen-geek.net/roundcube-webmail-on-openbsd-59/
https://plugins.roundcube.net/explore/
RoundCube STARTLS problem:
https://github.com/roundcube/roundcubemail/issues/4821
https://www.howtoforge.com/community/threads/solved-roundcube-smtp-error-authentication-failure.73804/
I was unable to get OpenSMTPD to listen on localhost:587 or to accept authentication on localhost:25, and RoundCube requires authentication. I was able to work around this by configuring RoundCube to use port 587 on the external interface, and to not be picky about certificates, since it's on the same host (see the 2nd link, above):
(/var/www/roundcubemail/config/config.inc.php)
$config['smtp_server'] = 'tls://mail.example.com';
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);