Thanks for everyone’s input! I think the issue is resolved. Please see below.
> On Nov 28, 2018, at 6:44 PM, Matt Schwartz <[email protected]> wrote:
>
> Also, OpenSMTPD 6.4 has the added advantage of more reliable message
> queueing. If you restart the smtp daemon, the queue resumes reliably. There
> is no good reason to stick with the older version of OpenSMTPD.

I didn’t know about the OpenSMTPd changes in OpenBSD 6.4—but I do plan to upgrade to that within a month or so. This mail server has been working very well as a relay for many months—I recently added the smtp auth stuff, and ran into this problem.

>
> On Wed, Nov 28, 2018, 8:41 PM Thomas Bohl <[email protected]> wrote:
> > By default, there is ‘accept from local for any relay’, and I’ve kept that
> > in place. Is this what you were referring to?
>
> That is what's causing the loop. "relay" looks for the MX record (Which
> is what you want for everything but your own domain). "relay via" skips that.

Removing that line resolved the mail loop issue.

> > As a test to understand what you’d recommended, I added
> >
> > accept from local for domain <domain> relay via <server>
> >
> > and tested—that presented the same mail loop problem.
>
> 1. Is <server> what you call "upstream"? Aka your mailbox system?

Yes.

> 2. Are the accept lines in the right order? From specific to common.

They weren’t. I moved ‘accept from local for any relay’ to the bottom of the relay rules (it was previously in its default location at the top of smtpd.conf). That resolved the mail loop issue, and still allows non-local email from authenticated users to be delivered.

> 3. Can you post the error log?

There isn’t much in the way of errors—it just showed this:

Nov 29 00:53:55 hostname smtpd[93758]: warn: loop detected
Nov 29 00:53:55 hostname smtpd[93758]: 41ffd55e6342f33e smtp event=failed-command address=###.###.###.### host=server.domain.tld command="DATA" result="500 5.4.6 Routing loop detected: Loop detected"

There are actually quite a few related lines that precede these two, but they all show the same thing—the single email being delivered and received many times before the loop is detected.

> (4. Full smtpd.conf would be nice.)

Here’s the config with the change noted above:

table aliases file:/etc/mail/aliases
listen on lo0
accept for local alias <aliases> deliver to mbox

mx_domain = "server.domain.tld"
pki $mx_domain certificate "/etc/ssl/domain.tld.fullchain.pem"
pki $mx_domain key "/etc/ssl/private/domain.tld.key"
listen on egress tls hostname $mx_domain pki $mx_domain
accept from any for domain <domain> relay via <mailbox server>
accept from local for any relay

smtp_domain = "server.domain.tld"
pki $smtp_domain certificate "/etc/ssl/domain.tld.fullchain.pem"
pki $smtp_domain key "/etc/ssl/private/domain.tld.key"
table smtpout_auth file:/etc/mail/smtpout_auth
listen on egress port 465 smtps auth <smtpout_auth> hostname $smtp_domain pki $smtp_domain
listen on egress port 587 tls-require auth <smtpout_auth> hostname $smtp_domain pki $smtp_domain

> > I’m somewhat new to OpenSMTPd
>
> Then you should skip 6.3 and move to OpenBSD 6.4, because of the new
> configuration style. You are learning a deprecated config style at the
> moment.

I was unaware of the new config style, but I’ll be migrating to 6.4 over the next month or so.
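
Added example (not part of the original message, and not OpenSMTPD code): a small Python model of first-match evaluation over the pre-6.4 `accept` rules discussed in this thread, showing why moving `accept from local for any relay` below the `relay via` rule stops the loop without opening the relay to unauthenticated senders. The domain `example.org`, the host `mailbox.example.org`, the treatment of authenticated senders as local, and the assumption that the domain's MX names this relay are all constructed for illustration.

```python
import re

# Constructed sample rules in the pre-6.4 syntax used in this thread.
BEFORE = """
accept from local for any relay
accept from any for domain example.org relay via smtp://mailbox.example.org
"""
AFTER = """
accept from any for domain example.org relay via smtp://mailbox.example.org
accept from local for any relay
"""

RULE = re.compile(
    r"^accept(?:\s+from\s+(?P<src>local|any))?"
    r"\s+for\s+(?P<dst>local|any|domain\s+\S+)"
    r"(?:\s+alias\s+<\w+>)?"
    r"\s+(?P<action>relay via \S+|relay|deliver to \S+)\s*$"
)

def parse_rules(conf):
    rules = []
    for line in conf.splitlines():
        m = RULE.match(line.strip())
        if m:
            # "from local" is the default when the clause is omitted
            rules.append((m["src"] or "local", m["dst"], m["action"]))
    return rules

def first_match(rules, sender_is_local, rcpt_domain, local_names=("localhost",)):
    """Return the action of the first matching rule; None means rejected."""
    for src, dst, action in rules:
        if src == "local" and not sender_is_local:
            continue
        if dst == "local" and rcpt_domain not in local_names:
            continue
        if dst.startswith("domain") and dst.split()[1] != rcpt_domain:
            continue
        return action
    return None

def loops(action, rcpt_domain, mx_points_here=("example.org",)):
    """Plain "relay" follows MX; an MX naming this host sends mail back to us."""
    return action == "relay" and rcpt_domain in mx_points_here

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER)):
        action = first_match(parse_rules(conf), True, "example.org")
        print(name, "->", action, "| loop:", loops(action, "example.org"))
```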
