BSDCan2019 - 1.8

BSDCan 2019
The Technical BSD Conference

Aaron Poffenberger
Day Tutorials #1 - 15 May - 2019-05-15
Room DMS 1120
Start time 09:00
Duration 03:00
ID 1098
Track Tutorial
Language used for presentation English

OpenSMTPD for the Real World

Mail Server Tutorial

This session is aimed at administrators who can't or won't use 3rd-party mail hosting (and who would?) but still need a reliable, spam and virus-resistant mail server. A basic knowledge of BSD, smtp and dns is required.

The session is a hands-on tutorial covering configuration and useof OpenSMTPD as the core of a spam- and virus-resistant mail server.

After this tutorial you will know how to:

  • Configure smtpd as a Mail Transfer Agent (MTA) for single and multi-domain use
  • Install a certificate and configure smtpd to provide or require TLS
  • Accept or reject mail based on criteria like recipient, source, sender and domain
  • Tag mail
  • Configure smtpd to work with Spam Assassin, ClamAV or Local-Mail-Transfer-Protocol (LMTP) services (in series or individually)
  • Use OpenSMTPD filters

We'll also look at integration of OpenSMTPD with other spam-fighting services:

  • Simple pf configuration for spamd
  • Adding blacklist sources to spamd.conf
  • Updating spamd with OpenBGPD
  • Using spf_fetch and smtpctl spfwalk to whitelist outbound mailers from Google, Microsoft, et al.

New and updated for 2019: * Use OpenSMTPD filters * Implement "Fighting Spam at the Front Line" techniques from 2018 BSDCan talk * TLS with Let's Encrypt and acme-client * Using rspamd rather than amavisd: pros and cons * Coordinating multiple mail servers

The instructor will conduct the tutorial on OpenBSD and will attempt to help students who want to use another BSD platform supported by OpenSMTPD.

The session is meant to be hands on. To get the most out of it, please bring a laptop with OpenSMTPD, Spam Assassin and ClamAV installed and at least SQLite.