Inside the sender's /etc/mail/smtpd.conf:

table aliases file:/etc/mail/aliases
table secrets file:/etc/mail/secrets

listen on lo0

action "local_mail" mbox alias <aliases>
action "outbound" relay host smtp+tls:// \
auth <secrets>

match for local action "local_mail"
match for any action "outbound"

Inside /etc/mail/secrets:

  • **Note**: You must include the full domain in the username (it may even be necessary to restart opensmtpd), or else you may get a 535 Authentication failed error.
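
The check below is an added example, not part of the original page: a small shell lint for the sender's /etc/mail/secrets that flags the condition behind the 535 error in the note (a username without its domain) and a file that other local users can access. It assumes the `label username:password` layout from table(5); the label, user and password in the sample are constructed.

```sh
#!/bin/sh
# Added example: lint an OpenSMTPD relay credentials table such as
# /etc/mail/secrets. Assumes the table(5) format "label username:password".

# check_secrets FILE: print one finding per line; return 1 if any were found.
check_secrets() {
    file=$1
    out=$(
        # Cleartext passwords: no access for "other" (e.g. 640 root:_smtpd).
        perms=$(ls -ld "$file" | cut -c8-10)
        [ "$perms" = "---" ] || echo "$file: accessible by other users ($perms)"
        awk '
            /^[ \t]*#/ || /^[ \t]*$/ { next }   # skip comments and blank lines
            {
                cred = $0                       # value = everything after the label
                sub(/^[ \t]*[^ \t]+[ \t]*/, "", cred)
                i = index(cred, ":")            # first colon splits user and password
                if (i < 2 || i == length(cred)) {
                    printf "line %d: expected \"label username:password\"\n", NR
                    next
                }
                user = substr(cred, 1, i - 1)
                # Per the note above, a bare username may be rejected with 535.
                if (user !~ /^[^@]+@[^@]+$/)
                    printf "line %d: username \"%s\" lacks a domain\n", NR, user
            }' "$file"
    )
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Constructed sample (hypothetical label, user and password); mktemp gives mode 600.
sample=$(mktemp)
printf '%s\n' '# label username:password' 'relay1 alice:not-a-real-password' > "$sample"
check_secrets "$sample" || echo "fix the findings above before starting smtpd"
rm -f "$sample"
```

Run it against the real file as root, since a correctly protected secrets file is not readable by ordinary users.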

Inside the mail relay's /etc/mail/smtpd.conf:

pki cert "/etc/ssl/"
pki key "/etc/ssl/private/"

# tables setup
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals
table hosts file:/etc/mail/hosts

listen on lo0 mask-src
listen on lo0 port 10028 tag DKIM mask-src
listen on egress port 25 tls pki mask-src
listen on egress port 587 tls-require pki auth <passwd> mask-src

action "lmtp" lmtp "/var/dovecot/lmtp" rcpt-to virtual <virtuals>
action "relay" relay
action "relay_dkim" relay host smtp://

match from any for domain <domains> action "lmtp"
match tag DKIM for any action "relay"
match from src <hosts> for any action "relay_dkim"
match auth from any for any action "relay_dkim"

  • **Note**: If you are getting 421 4.3.0 Temporary Error and the following message when you run # smtpd -dv -T all:

imsg: pony <- queue: IMSG_SMTP_MESSAGE_CREATE (len=12) smtp: >>> 421 4.3.0 Temporary Error

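This means smtpd has failed to create the directory or file that holds the message. It is a permissions error that can probably be solved by removing the spool directory and restarting smtpd (any mail still queued under /var/spool/smtpd is deleted along with it):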

# rcctl stop smtpd
# rm -r /var/spool/smtpd
# rcctl start smtpd