diff options
Diffstat (limited to 'content/blog/2020/email-server-extras.md')
| -rw-r--r-- | content/blog/2020/email-server-extras.md | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/content/blog/2020/email-server-extras.md b/content/blog/2020/email-server-extras.md index 816bcd5..5d09466 100644 --- a/content/blog/2020/email-server-extras.md +++ b/content/blog/2020/email-server-extras.md @@ -23,8 +23,8 @@ I'll assume that your two domains are called `foo.com` and `bar.com`. #### DNS records There should be MX, SPF, DKIM and DMARC records for both domains, -as explained in the previous guide. Fortunately, all these records -can have completely identical contents for both domains! +as explained in the previous guide. Fortunately, these records +can have identical contents for both domains! However, it remains essential that the mail server's mailname and reverse DNS domain name match up exactly, @@ -47,11 +47,11 @@ you only need to update the `/etc/dovecot/users` file to add accounts for both domains. However, in the original guide, I said to only write `user` in the file, without the `@foo.com`, for an address `user@foo.com`. -Unsurprisingly, that isn't an option when handling multiple domains, +Unsurprisingly, that isn't an option for multiple domains, so you must put the full address in `/etc/dovecot/users`. -Then update `/etc/dovecot/dovecot.conf` to reflect that change, -by replacing `%n` with `%u` in `username_format`: +Then update `/etc/dovecot/dovecot.conf` to reflect that, +by changing `%n` to `%u` in `username_format`: ```sh userdb { driver = passwd-file @@ -67,8 +67,9 @@ That's all you need to change. #### OpenSMTPD -For OpenSMTPD, create a new file `/etc/smtpd/domains`, -and in there put all desired domains on their own line: +To inform OpenSMTPD of all the domains, +create a new file `/etc/smtpd/domains`, +and in there put all desired names on their own line: ```sh foo.com bar.com @@ -184,7 +185,7 @@ that can be verified using the CA's public certificate. $ openssl x509 -req -in mailclient.csr -out mailclient.crt \ -days 36499 -CA mailca.crt -CAkey mailca.key ``` -If you want to create multiple distinct client certificates, +If you want to multiple client certificates, just repeat the last few steps for each one. @@ -247,10 +248,10 @@ action "SEND" relay srs match from any tag "VALID" for any action "SEND" ``` All incoming connections that present a good certificate -will be tagged as `VALID`, and their mail will be relayed. +will be tagged as being `VALID`, and their mail will be relayed. Unfortunately, we're not quite done yet here, -because we've just made Rspamd very confused... +because Rspamd is now very confused... #### Rspamd @@ -288,8 +289,7 @@ Setting `priority` to `high` ensures that Rspamd checks this rule before doing anything else. You can add any number of `from` directives; this rule will be applied if any of them match. -The only action it takes is to set the threshold -for the action `add_header` to `1000`. +It only sets the threshold for the action `add_header` to `1000`. That is, if the email doesn't get a spam score of at least 1000 (the default is 6) Rspamd will not add any spam tags. |