On Sun, Dec 02, 2018 at 01:05:56PM +0100, Fran??ois wrote: > Thanks Gilles for your quick answer. > > Based on your recommendations, I have now only this 3 match rules : > > match from any mail-from <indesirables> for any reject > match auth from local action relayer > match auth from any action distribuer >
you also need a for on the last rules not specifying from implies from local, not specifying for implies for local. you should most definitely have something along the lines of: match auth from local for [...] match auth from auth for [...] > Below how the server reacts when I try to send an email from my laptop > connected at the same osmtpd server network to an outside email domain > (redarmor.net) : > > Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "192.168.0.1" as NETADDR > in table static:<anyhost> -> found > Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "redarmor.net" as DOMAIN > in table static:<anydestination> -> found > Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check ?? franc...@example.org" > as MAILADDR in table static:indesirables -> 0 > Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "192.168.0.1" as NETADDR > in table static:<localhost> -> 0 > Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "192.168.0.1" as NETADDR > in table static:<anyhost> -> found > Dec 2 12:43:12 gabrielle smtpd[1459]: lookup: check "redarmor.net" as DOMAIN > in table static:<localnames> -> 0 > Dec 2 12:43:12 gabrielle smtpd[1459]: no rule matched > > And when I sent an email from outside domain (redarmor.net) to my domain > (example.org) : > > Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check "217.70.183.201" as > NETADDR in table static:<anyhost> -> found > Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check ?? example.org" as > DOMAIN in table static:<anydestination> -> found > Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check "za...@redarmor.net" as > MAILADDR in table static:indesirables -> 0 > Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check "217.70.183.201" as > NETADDR in table static:<localhost> -> 0 > Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check "217.70.183.201" as > NETADDR in table static:<anyhost> -> found > Dec 2 12:47:02 gabrielle smtpd[1459]: lookup: check ?? example.org" as > DOMAIN in table static:<localnames> -> 0 > Dec 2 12:47:02 gabrielle smtpd[1459]: no rule matched > > As explained in my first email, this two examples leads to the error message > result="550 Invalid recipient ??. > > I will try a configuration which set explicitly the source for the ?? relayer > ?? action like this : action ?? relayer" relay src <sources> helo-src > <helonames> with a table sources set with the local network. > > BR, Fran??ois. > > > > > > Le 2 d??c. 2018 ?? 12:26, Gilles Chehade <gil...@poolp.org> a ??crit : > > > > On Sun, Dec 02, 2018 at 11:46:45AM +0100, Fran??ois wrote: > >> Hello All > >> > >> I'm trying to move from Opensmtpd 6.0.2p1 to 6.4.0p2 my email server > >> hosted at home. > >> I'm running Linux on Raspberry Pi. > >> > >> I didn't face any issue with the release 6.0.2. But after migrated the > >> smtpd.conf file in 6.4.0p2 format, I'm not able to send or receive emails > >> properly through smtp protocol. > >> > > > > [...] > > > >> > >> Here after an extract of my smtpd.conf : > >> > >> listen on 127.0.0.1 > >> listen on $lan_addr tls-require pki mail.example.org hostname > >> mail.example.org > >> listen on $lan_addr smtps pki mail.example.org auth hostname > >> mail.example.org mask-src > >> listen on $lan_addr port 587 tls-require pki mail.example.org auth > >> hostname mail.example.org mask-src > >> > >> table aliases file:/etc/aliases > >> table indesirables { "@qq.com ?? } > >> > >> action distribuer mbox alias <aliases> > >> action relayer relay > >> > >> match from any mail-from <indesirables> for any reject > >> match for local action distribuer > >> match for any action relayer > >> > >> I don't understand my mistake. For information, I compiled the binaries > >> from the sources, maybe I missed to set something in the Makefile. > >> Thanks in advance for your support. > >> > > > > The problem is that in 6.0.x authenticated users are considered as local > > sessions and therefore match you last two rules, but this was not right, > > it led to some configuration being impossible to express. > > > > Starting with 6.4.x, authenticated users are no longer considered local, > > and rules must explicitly match them: > > > > match auth from any [...] > > > > The 'auth' criteria is no longer related to the locality, so you're able > > to write rules that match differently the authenticated users which come > > from your machine or from others: > > > > match auth from local [...] > > match auth from any [...] > > > > Your new ruleset should have one or two additional match rules I guess. > > > > Also, while at it, it is now also possible to match non-network sessions > > with: > > > > match from socket [...] > > > > This used to only be matched by from local but can now also be matched a > > bit more precisely. > > > > > > -- > > Gilles Chehade @poolpOrg > > > > https://www.poolp.org tip me: https://paypal.me/poolpOrg > > > > -- > > You received this mail because you are subscribed to misc@opensmtpd.org > > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > > > > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- Gilles Chehade @poolpOrg https://www.poolp.org tip me: https://paypal.me/poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org