---
categories: ['Devuan','Network','Client']
date: 2020-04-27T09:19:56+02:00
description: "Howto Install OpenSMTPD on Devuan, and config as client with auth SMTP"
draft: false
tags: ['Debian','Devuan','Linux Mint','OpenSMPTD','smtp','client','mail','auth']
title: "Devuan: Opensmtpd Client Auth"
translationKey: "devuan-opensmtpd-auth-client"
---
## Description
**OpenSMTPD** is a free implementation of the SMTP protocol, as
defined in {{< rfc 5321 >}}, with some additional standard extensions.
It allows the machines to exchange mail.
**OpenSMTPD** is a part the OpenBSD base system. It was ported to others
OSes, as Devuan.
Informations:
* Website: https://www.opensmtpd.org
---
{{< abbr Q "Question" >}} : **Why do I use OpenSMTPD?**
Because, OpenSMTPD is:
- **easy to {{< anchor config configuration >}}:** only one file text!
- recognized as reliable AND secure.
---
Fully functional and tested on:
- Debian Sid, Devuan Ceres
- Linux Mint
## Installation
`apt install opensmtpd`
* the file log: `/var/log/mail.log`
## Configuration
* The file config: `/etc/smtpd.conf`
To send a mail by SMTP to a mail service requiring identification, it is
necessary to first create a file `secrets` with the appropriate rights
on your system, then we have to configure the file `smtpd.conf`.
### File secrets
To create the secrets file:
`$ mkdir -p .config/mail`
`$ touch .config/mail/secrets`
`$ chmod 0640 .config/mail/secrets`
Then, it's necessary to write:
`identifiant username:password`
{{< color red >}}Do Not Write TEXTUALLY this information{{}},
replace with:
* `identifiant`: your choosed id — *this will use later on your config file*.
* `username`: usually, your email.
* `password`: the password for your email identification.
{{< note warning >}}
It's possible to (re?)name the secrets file as you want, and put in other
place on your system.
It's better put rights `0400` on this secrets file. *Default: `0640`*.
Even, it's possible for the service to access at your secrets file, with
your personal rights as `$USER:$USER`, it's better to put the group right
`opensmtpd`.
{{< /note >}}
### File smtpd.conf
Now, edit the config file `/etc/smtpd.conf`
```cfg
# $OpenBSD: smtpd.conf,v 1.10 2018/05/24 11:40:17 gilles Exp $
# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.
table aliases file:/etc/aliases
table secrets file:/home/your-id/.config/mail/secrets
queue compression
# To accept external mail, replace with: listen on all
listen on localhost
action "local" maildir alias
action "relay" relay host smtp+tls://identifiant@server auth mail-from "@your-domain.tld"
# Uncomment the following to accept external mail for domain "example.org"
#
# match from any for domain "example.org" action "local"
match for local action "local"
match from local for any action "relay"
```
---
**Explainations**
So compared to the original version, we added:
* the line `table secrets`: it call the secrets file
— *write your custom filename*.
* the line `action relay`: to define the necessary action to send emails
to the server.
* NOTE about `identifiant@serveur`:
* you have to replace the string `identifiant` by your created.
* and too, to replace the `serveur` by the name of SMTP server.
* the string `smtp+tls` is the used protocol to connect at the SMTP
server.
others protocols are:
* `lmtp`: to connect on a
{{< abbr LMTP "Local Mail Transfer Protocol" >}} session.
* `smtp`: to attempt a connection with a STARTTLS session, if
possible.
* `smtp+tls`: to force the connection on a STARTTLS session.
* `smtp+notls`: to use a plain text SMTP session without TLS.
* `smtps`: to force the connexion via
{{< abbr TLS "Transport Layer Secure" >}}
— *default port: 465*
* with no specified protocol, the connection will be done on the
default port: 25.
* the string `auth`: to specify the secrets table.
* the string `mail-from`: to specify the domain name to use.
* the line `match … action "relay"`: this is the action that will be
triggered to send the emails.
### aliases
About aliases system:
It is interesting to manage the alias related to your `root` account or
even that of your main user…
Edit the file `/etc/aliases`, with rights admin.
At the end of file, modify `root` with your desired address email.
Do the same for your system user. ;)
And, do not forget to reload the aliases base, with the command `newaliases`!
## Utilisation
{{< note warning >}}
Before restart the **opensmtpd** service, we need to test the config file:
`# smtpd -n`
If the result is: `configuration OK`
that's folk!
Otherwise, re-edit the file, at the line indicated first!
{{< /note >}}
Now, restart the service:
`# service opensmtpd restart`
### Send
So:
* `echo "Test to send email on $(hostname); date: $(date)" | mail -s "Email test" email`
* or, `echo "Test to send email on $(hostname); date: $(date)" | mail -s "Email test" root`
For all cases, the log will display messages, as:
```log
(…)
Apr 27 09:16:47 pc-z smtpd[1718]: 09cca279ca1178e4 smtp connected address=local host=***
Apr 27 09:16:47 pc-z smtpd[1718]: 09cca279ca1178e4 smtp message msgid=85868a25 size=474 nrcpt=1 proto=ESMTP
Apr 27 09:16:47 pc-z smtpd[1718]: 09cca279ca1178e4 smtp envelope evpid=85868a25fcb1569a from= to=
Apr 27 09:16:47 pc-z smtpd[1718]: 09cca279ca1178e4 smtp disconnected reason=quit
Apr 27 09:16:51 pc-z smtpd[1718]: 09cca27892fa38ea mta delivery evpid=85868a25fcb1569a from= to= rcpt= source="192.168.47.47" relay="80.67.160.70 (lautre.net)" delay=4s result="Ok" stat="250 2.0.0 Ok: queued as 53C92112839"
Apr 27 09:17:02 pc-z smtpd[1718]: 09cca27892fa38ea mta disconnected reason=quit messages=2
(…)
```
Now, you can send email from console/terminal or yours scripts shell
with SMTP authentification!
### Errors
Look the different possible errors on my article
{{< inside2 a="errors" l="sys:openbsd:smtpd-config-auth" >}}
## Documentations
The SMTP protocol defined by RFC 5321:
{{< rfcdoc 5321 >}}
### Manpages
* {{< man smtpd.conf 5 >}}
### Wikipedia
* {{< wp "Local_Mail_Transfer_Protocol" >}}
---