Thanks Gilles for your quick answer. Based on your recommendations, I have now only this 3 match rules :
match from any mail-from <indesirables> for any reject match auth from local action relayer match auth from any action distribuer Below how the server reacts when I try to send an email from my laptop connected at the same osmtpd server network to an outside email domain (redarmor.net) : Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "192.168.0.1" as NETADDR in table static:<anyhost> -> found Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "redarmor.net" as DOMAIN in table static:<anydestination> -> found Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check « [email protected]" as MAILADDR in table static:indesirables -> 0 Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "192.168.0.1" as NETADDR in table static:<localhost> -> 0 Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "192.168.0.1" as NETADDR in table static:<anyhost> -> found Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "redarmor.net" as DOMAIN in table static:<localnames> -> 0 Dec 2 12:43:12 gabrielle smtpd[1459]: no rule matched And when I sent an email from outside domain (redarmor.net) to my domain (example.org) : Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check "217.70.183.201" as NETADDR in table static:<anyhost> -> found Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check « example.org" as DOMAIN in table static:<anydestination> -> found Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check "[email protected]" as MAILADDR in table static:indesirables -> 0 Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check "217.70.183.201" as NETADDR in table static:<localhost> -> 0 Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check "217.70.183.201" as NETADDR in table static:<anyhost> -> found Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check « example.org" as DOMAIN in table static:<localnames> -> 0 Dec 2 12:47:02 gabrielle smtpd[1459]: no rule matched As explained in my first email, this two examples leads to the error message result="550 Invalid recipient ». I will try a configuration which set explicitly the source for the « relayer » action like this : action « relayer" relay src <sources> helo-src <helonames> with a table sources set with the local network. BR, François. > Le 2 déc. 2018 à 12:26, Gilles Chehade <[email protected]> a écrit : > > On Sun, Dec 02, 2018 at 11:46:45AM +0100, Fran??ois wrote: >> Hello All >> >> I'm trying to move from Opensmtpd 6.0.2p1 to 6.4.0p2 my email server hosted >> at home. >> I'm running Linux on Raspberry Pi. >> >> I didn't face any issue with the release 6.0.2. But after migrated the >> smtpd.conf file in 6.4.0p2 format, I'm not able to send or receive emails >> properly through smtp protocol. >> > > [...] > >> >> Here after an extract of my smtpd.conf : >> >> listen on 127.0.0.1 >> listen on $lan_addr tls-require pki mail.example.org hostname >> mail.example.org >> listen on $lan_addr smtps pki mail.example.org auth hostname >> mail.example.org mask-src >> listen on $lan_addr port 587 tls-require pki mail.example.org auth hostname >> mail.example.org mask-src >> >> table aliases file:/etc/aliases >> table indesirables { "@qq.com ?? } >> >> action distribuer mbox alias <aliases> >> action relayer relay >> >> match from any mail-from <indesirables> for any reject >> match for local action distribuer >> match for any action relayer >> >> I don't understand my mistake. For information, I compiled the binaries from >> the sources, maybe I missed to set something in the Makefile. >> Thanks in advance for your support. >> > > The problem is that in 6.0.x authenticated users are considered as local > sessions and therefore match you last two rules, but this was not right, > it led to some configuration being impossible to express. > > Starting with 6.4.x, authenticated users are no longer considered local, > and rules must explicitly match them: > > match auth from any [...] > > The 'auth' criteria is no longer related to the locality, so you're able > to write rules that match differently the authenticated users which come > from your machine or from others: > > match auth from local [...] > match auth from any [...] > > Your new ruleset should have one or two additional match rules I guess. > > Also, while at it, it is now also possible to match non-network sessions > with: > > match from socket [...] > > This used to only be matched by from local but can now also be matched a > bit more precisely. > > > -- > Gilles Chehade @poolpOrg > > https://www.poolp.org tip me: https://paypal.me/poolpOrg > > -- > You received this mail because you are subscribed to [email protected] > To unsubscribe, send a mail to: [email protected] > -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
