On Thu, Apr 26, 2018 at 01:15:21PM -0400, Shawn Webb wrote:
> I've got two email servers using the .onion TLD (using Tor Onion
> Services). I'm trying to test sending email from one OpenSMTPd instance
> to the other.
>
> I've got a very basic configuration, which is posted below. The error
> I'm getting is:
>
> user@[scrubbed].onion: Invalid domain name
>
> Does OpenSMTPd not allow arbitrary TLDs?
>
> OpenSMTPd configuration, matching on both sides:
>
> listen on [scrubbed]
> table aliases file:/etc/mail/aliases
> accept from any for domain "[scrubbed].onion" alias <aliases> deliver to mbox
> accept for local alias <aliases> deliver to mbox
> accept for any relay

Looking at net.c and dns.c, it appears OpenSMTPd doesn't really care. It
tries an MX record lookup and if that fails with an NXDOMAIN, it'll try
an A/AAAA lookup next.

On Tor, the MX lookup will fail with NOTIMPL. If I'm reading this right
(I could be wrong), OpenSMTPd will treat that as an unrecoverable error:

https://github.com/OpenSMTPD/OpenSMTPD/blob/d1e589873ff06daa610ef59270de4e1b5d6a449b/smtpd/dns.c#L287

So, I wonder if placing a different resolver behind Tor to massage the
DNS responses would help.

-- 
Shawn Webb
Cofounder and Security Engineer
HardenedBSD

Tor-ified Signal: +1 443-546-8752
Tor+XMPP+OTR: [email protected]
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
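The response "massaging" floated at the end of the message above, sketched as an added example that is not part of the original email or of OpenSMTPD: a function a forwarding shim could apply to each DNS reply, turning a NOTIMP answer to an MX query into NXDOMAIN and passing everything else through untouched. The names `massage` and `build_reply` and the sample name `example.onion` are hypothetical, and whether OpenSMTPD then falls back to A/AAAA is the message's reading of dns.c, not something verified here.

```python
import struct

RCODE_NXDOMAIN, RCODE_NOTIMP = 3, 4    # RFC 1035 response codes
QTYPE_MX = 15

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        if length == 0:                # root label ends the name
            return off + 1
        off += 1 + length

def first_qtype(msg):
    """QTYPE of the first question, or None when QDCOUNT is zero."""
    if struct.unpack_from("!H", msg, 4)[0] == 0:
        return None
    off = skip_name(msg, 12)           # the DNS header is 12 bytes
    return struct.unpack_from("!H", msg, off)[0]

def massage(msg, new_rcode=RCODE_NXDOMAIN):
    """Rewrite a NOTIMP reply to an MX query so it carries new_rcode.
    Queries, other rcodes, other qtypes and malformed packets pass unchanged."""
    if len(msg) < 12:
        return msg
    flags = struct.unpack_from("!H", msg, 2)[0]
    if not flags & 0x8000 or flags & 0x000F != RCODE_NOTIMP:
        return msg                     # not a response, or not NOTIMP
    try:
        if first_qtype(msg) != QTYPE_MX:
            return msg
    except (IndexError, struct.error): # truncated question: leave it alone
        return msg
    out = bytearray(msg)
    struct.pack_into("!H", out, 2, (flags & 0xFFF0) | new_rcode)
    return bytes(out)

def build_reply(name, qtype, rcode, txid=0x1234):
    """Constructed sample input: a reply with one question and no records."""
    flags = 0x8180 | rcode             # QR=1, RD=1, RA=1
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"
    return struct.pack("!6H", txid, flags, 1, 0, 0, 0) + qname + struct.pack("!2H", qtype, 1)

if __name__ == "__main__":
    before = build_reply("example.onion", QTYPE_MX, RCODE_NOTIMP)
    print(before[3] & 0x0F, "->", massage(before)[3] & 0x0F)
```

Only the four RCODE bits change, so the transaction ID and question section still match what the querying MTA sent.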
