On Thu, 10 Jun 2021 13:13:30 +0200 Martijn van Duren <opensm...@list.imperialat.at> wrote:
> EHLO, > > I just pushed a new release of libopensmtpd and filter-dkimsign to the > OpenBSD ports tree. These contains the following changes: > > libopensmtpd (0.7): > - Registering OSMTPD_PHASE_LINK_CONNECT should be OSMTPD_TYPE_REPORT > - Fix manpage: 0 is for outgoing connections, not 2. > From Edgar Pettijohn <edgar <at> pettijohn-web <dot> com> > - Fix a spelling mistake. > From Ryan Kavanagh <rak <at> debian <dot> org> > - Major overhaul of the Makefile.gnu so that things properly build on > Debian (not relevant for OpenBSD) > With Ryan Kavanagh <rak <at> debian <dot> org> > > filter-dkimsign (0.5): > - Add support for ed25519. This currently requires openssl1.1 > libcrypto and is thus only enabled in an ed25519 flavor of the > package. Lots of help from tb@ and sthen@ > - Fix error handling in a couple of places > - Fix an initialization issue > Spotted by Maarten de Vries <maarten <at> de-vri <dot> es> > - Fix a couple of signedness warnings > - Allow filter-dkimsign to be build on Debian (not relevant for > OpenBSD) With Ryan Kavanagh <rak <at> debian <dot> org> > > The two major things: > - filter-dkimsign now supports ed25519. Since LibreSSL doesn't have > ed25519 signing yet it requires building against OpenSSL (I've only > tested version 1.1). People on OpenBSD wanting to sign with ed25519 > should intall the ed25519 flavor, which links against openssl's > libcrypto. Note that in my testing many major mail platforms don't > support ed25519 verifying, so continuing to sign with RSA in > addition to ed25519 is still recommended. > - libopensmtpd and filter-dkimsign should now be able to build on > Debian without problems and should appear in the testing release of > Debian soon(tm). This also means that other Linux distros should > probably be able to compile and package them. If you run into issue > please contact me so that things can be ironed out. > > For people who want to test filter-dkimsign on other platforms, the > source can be downloaded at: > https://distfiles.sigtrap.nl/libopensmtpd-0.7.tar.gz > https://distfiles.sigtrap.nl/filter-dkimsign-0.5.tar.gz > > martijn@ > > Hello again. I've got libopensmtpd and filter-dkimsign compiled and installed successfully (I think) but something is wrong as no mail is sent with the below config. According to https://dmarcly.com/tools/dkim-record-checker everything is fine DNS wise. I used the sample from https://openports.pl/path/mail/opensmtpd-filters/dkimsign Here is my /etc/smtpd.conf: # $OpenBSD: smtpd.conf,v 1.10 2018/05/24 11:40:17 gilles Exp $ # This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. table aliases file:/etc/aliases # To accept external mail, replace with: listen on all # listen on localhost action "local" maildir alias <aliases> action "relay" relay # Uncomment the following to accept external mail for domain "example.org" # # match from any for domain "example.org" action "local" match for local action "local" match from local for any action "relay" # Below is for filter-dkimsign filter "dkimsign" proc-exec "filter-dkimsign -d -s -k /mail/dkim/b0x.key" user _dkimsign group _dkimsign listen on localhost filter "dkimsign" I'm wondered if the user and group might be the issue so commented them out, but that didn't help. Do I need to create a _dkimsign user and group? Any help appreciated. I feel so close now. I've tried rspamd and dkimproxy but they both use about 200MB on my server which seems somewhat heavy. -- Web: https://simonh.uk Email: m...@simonh.uk
