Вступление

Перевод статьи Chess Griffin с небольшим количеством комментариев от переводчика, в основном связанных с тем, что с момента релиза OpenBSD 5.6, система стала еще лучше!

Цель

Создать достаточно безопасный почтовый сервер на базе OpenBSD и нескольких пакетов. OpenSMTPD, spamd, pf и httpd входят в состав базовой системы. Дополнительно потребуются ClamAV, ClamSMTP, SpamAssassin, SpamPD, DKIMproxy, Dovecot, Dovecot-Pigeonhole и Roundcube.

The final setup

Incoming mail:

pf -> spamd -> opensmtpd -> clamsmtpd -> clamd -> clamsmtpd -> opensmtpd -> spampd -> SpamAssassin -> spampd -> opensmtpd -> deliver to dovecot/lmtp

Outoing mail:

opensmtpd -> clamsmtpd -> clamd -> clamsmtpd -> opensmtpd -> dkimproxy -> opensmtpd -> relay out

Other:

SSL IMAP access: Dovecot SSL webmail access: httpd and Roundcube

Why OpenBSD?

Because I think it's a great operating system created and maintained by a lot of very smart people. Plus, I like how there are so many excellent bits of software included in the base system. If you find anything helpful in this guide, or discover how great OpenBSD is, please consider supporting the project, either by purchasing a CD set or making a financial donation. The OpenBSD team does amazing work that benefits the whole community in a wide variety of ways and they can always use the support.

Why SpamAssassin in addition to spamd?

Spamd works wonderfully well and it has a very light footprint. It trapped the bulk of my spam (more than 95%) so I almost just let it go instead of bothering with SpamAssassin. But I thought it would be interesting to try and integrate the two.

Why not <insert name of favorite operating system/software/tool>?

Never heard of it. ;-)

Why bother with setting up your own email server to begin with? Why not just keep using Gmail?

I used to run my own email server back when I hosted the Linux Reality podcast and decided it would be a fun exercise to try it again. The email server I set up using the steps in this guide might become my primary email server. Or, I might take the server down tomorrow and go back to using AOL and working on my Geocities page. Who knows?

Assumptions:

This guide assumes an understanding of how to install and configure OpenBSD and an understanding of networking and email, both in general and in regards to OpenBSD in particular. Additionally, this guide assumes an understanding of how to install packages with a properly configured $PKG_PATH, how to work from the command line and edit configuration files, how to change DNS records and MX records, and other general nuts and bolts. These kinds of basic topics will not be covered in this guide.

Disclaimer:

I am an ordinary OpenBSD user. I am not a sysadmin, developer, programmer, kung-fu master, or expert in any of these areas. This guide is mainly a writeup for myself so I can replicate these steps in the future. If someone finds it helpful, fine, but it is by no means the only way or even the best way to configure an email server. There are most likely mistakes in this guide, so take it for what it's worth and YMMV. If your email breaks because of this guide, then don't run your own email server. Feedback and corrections are welcome.

Updates:

   Updated the last line of example smtpd.conf from "for any" to "for domain <vdomains>".  Thanks to Christoph on the opensmtpd-misc mailing list.
   Removed bit about enabling pf since it's enabled by default.  Duh.  Also changed notations of port 587 to 'submission' which is the name of that port in /etc/services.  Thanks to rjc.

Resources:

   OpenBSD FAQ (required)
   OpenBSD man pages (required)
   OpenSMTPD wiki
   Helpful thread on OpenSMTPD mailing list re: tagging and proxying
   http://www.kernel-panic.it/openbsd/mail/ (the bits about ClamAV and SpamAssassing are helpful)
   https://coderwall.com/p/eejzja/simple-smtp-server-with-opensmtpd
   http://blog.ehouse.io/mail-server-basic-smtp.html
   http://blog.admiral0.it/computing/mail-server-with-opensmtpd-dovecot-and-amavisdspamassassin/