Hi, I just upgraded various system packages on Fedora 37 and restarted and now I'm getting "550 Invalid recipient" errors in OpenSMTPD to valid email addresses. This might be an interaction with Fedora somehow but I'm a bit stuck and need help understanding what's causing the problem! I can receive email fine but can't send email. Here is a reproduction with /usr/sbin/smtpd -dv:
debug: init ssl-tree info: loading pki information for REDACTED debug: init ca-tree debug: init ssl-tree info: loading pki keys for REDACTED debug: using "fs" queue backend debug: using "ramqueue" scheduler backend debug: using "ram" stat backend info: OpenSMTPD 6.8.0p2 starting debug: init ssl-tree debug: init ssl-tree info: loading pki information for REDACTED debug: init ca-tree debug: init ssl-tree info: loading pki keys for REDACTED debug: using "fs" queue backend debug: init ssl-tree debug: init ssl-tree info: loading pki information for REDACTED debug: init ca-tree debug: init ssl-tree info: loading pki keys for REDACTED debug: using "fs" queue backend info: loading pki information for REDACTED debug: init ca-tree debug: init ssl-tree info: loading pki keys for REDACTED debug: using "fs" queue backend debug: using "ramqueue" scheduler backend debug: using "ram" stat backend setup_peer: scheduler -> control[1149] fd=4 debug: init ssl-tree info: loading pki information for REDACTED debug: init ca-tree debug: init ssl-tree info: loading pki keys for REDACTED debug: using "fs" queue backend debug: using "ramqueue" scheduler backend debug: using "ram" stat backend setup_peer: lookup -> control[1149] fd=4 debug: init ssl-tree debug: using "ramqueue" scheduler backend debug: using "ram" stat backend info: loading pki information for REDACTED debug: init ca-tree debug: init ssl-tree info: loading pki keys for REDACTED debug: using "ramqueue" scheduler backend debug: using "fs" queue backend setup_peer: queue -> control[1149] fd=4 debug: using "ram" stat backend setup_peer: pony express -> control[1149] fd=4 setup_peer: lookup -> pony express[1151] fd=5 info: loading pki information for REDACTED debug: init ca-tree debug: init ssl-tree info: loading pki keys for REDACTED setup_peer: queue -> pony express[1151] fd=5 debug: using "ramqueue" scheduler backend debug: using "ram" stat backend setup_peer: klondike -> control[1149] fd=4 setup_peer: lookup -> queue[1152] fd=6 setup_peer: klondike -> pony express[1151] fd=5 debug: using "fs" queue backend setup_peer: queue -> lookup[1150] fd=6 setup_peer: queue -> scheduler[1153] fd=7 setup_peer: pony express -> klondike[1148] fd=5 setup_peer: pony express -> lookup[1150] fd=6 debug: using "ramqueue" scheduler backend debug: using "ram" stat backend setup_peer: control -> klondike[1148] fd=4 setup_peer: pony express -> queue[1152] fd=7 setup_done: ca[1148] done setup_proc: klondike done setup_peer: control -> lookup[1150] fd=5 setup_peer: control -> pony express[1151] fd=6 setup_peer: scheduler -> queue[1152] fd=5 setup_peer: control -> queue[1152] fd=7 setup_peer: control -> scheduler[1153] fd=8 setup_done: control[1149] done setup_done: lka[1150] done setup_proc: lookup done setup_done: pony[1151] done setup_done: queue[1152] done setup_proc: queue done setup_proc: pony express done setup_done: scheduler[1153] done smtpd: setup done debug: parent_send_config_ruleset: reloading debug: parent_send_config: configuring pony process debug: parent_send_config: configuring ca process debug: init private ssl-tree setup_proc: scheduler done debug: bounce warning after 4h setup_proc: control done debug: rsa_engine_init: using RSA privsep engine debug: ecdsa_engine_init: using ECDSA privsep engine debug: smtp: listen on 127.0.0.1 port 25 flags 0x409 pki "REDACTED" ca "" debug: smtp: listen on [::1] port 25 flags 0x409 pki "REDACTED" ca "" debug: smtp: listen on 164.92.78.241 port 25 flags 0x409 pki "REDACTED" ca "" debug: smtp: listen on 10.48.0.7 port 25 flags 0x409 pki "REDACTED" ca "" debug: smtp: listen on [2604:a880:4:1d0::69c:8000] port 25 flags 0x409 pki "REDACTED" ca "" debug: smtp: listen on [fe80::3b10:2bab:9fcb:c98f] port 25 flags 0x409 pki "REDACTED" ca "" debug: smtp: listen on 127.0.0.1 port 587 flags 0x469 pki "REDACTED" ca "" debug: smtp: listen on [::1] port 587 flags 0x469 pki "REDACTED" ca "" debug: smtp: listen on 164.92.78.241 port 587 flags 0x469 pki "REDACTED" ca "" debug: smtp: listen on 10.48.0.7 port 587 flags 0x469 pki "REDACTED" ca "" debug: smtp: listen on [2604:a880:4:1d0::69c:8000] port 587 flags 0x469 pki "REDACTED" ca "" debug: smtp: listen on [fe80::3b10:2bab:9fcb:c98f] port 587 flags 0x469 pki "REDACTED" ca "" debug: smtp: listen on 127.0.0.1 port 10028 flags 0x400 pki "" ca "" debug: smtp: listen on [::1] port 10028 flags 0x400 pki "" ca "" debug: smtp: listen on 127.0.0.1 port 10030 flags 0x400 pki "" ca "" debug: smtp: listen on [::1] port 10030 flags 0x400 pki "" ca "" debug: pony: rsae_init debug: pony: rsae_init debug: smtp: will accept at most 262139 clients debug: queue: done loading queue into scheduler debug: smtpd: scanning offline queue... debug: smtpd: offline scanning done 2b526199c1e7d336 smtp connected address=REDACTED host= REDACTED.lightspeed.austtx.sbcglobal.net <http://redacted.lightspeed.austtx.sbcglobal.net/> debug: looking up pki "REDACTED" debug: session_start_ssl: switching to SSL debug: pony: ecdsae_sign debug: pony: ecdsae_do_sign 2b526199c1e7d336 smtp tls ciphers=TLSv1.3:TLS_AES_256_GCM_SHA384:256 smtp: 0x563d69488c00: smtp_cert_verify_cb: no-client-cert debug: lka: authenticating for passwd:REDACTED 2b526199c1e7d336 smtp authentication user=REDACTED result=ok debug: smtp: SIZE in MAIL FROM command 2b526199c1e7d336 smtp failed-command command="RCPT TO:<redac...@redacted.org>" result="550 Invalid recipient: <redac...@redacted.org>" 2b526199c1e7d336 smtp disconnected reason=disconnect Here's my smtpd.conf: table aliases file:/etc/mail/aliases table domains file:/etc/mail/domains table passwd passwd:/etc/mail/passwd table users file:/etc/mail/users table secrets file:/etc/mail/secrets pki REDACTED cert "/etc/letsencrypt/live/REDACTED/fullchain.pem" pki REDACTED key "/etc/letsencrypt/live/REDACTED/privkey.pem" listen on lo port 25 tls pki REDACTED auth-optional <passwd> listen on eth0 port 25 tls pki REDACTED auth-optional <passwd> listen on lo port 587 tls-require pki REDACTED auth <passwd> listen on eth0 port 587 tls-require pki REDACTED auth <passwd> # DKIM listen on lo port 10028 tag DKIM # spampd/spamassassin will relay back and we'll tag it with SPAMPD to note it has been processed by SPAMPD listen on lo port 10030 tag SPAMPD # Accept incoming mail to local users from the local machine: action "process_local_mail" lmtp "/run/dovecot/lmtp" rcpt-to alias <aliases> match from local for local action "process_local_mail" # Accept external mail tagged after processing by SPAMPD and put in Dovecot. We don't bother with checking spam of # authenticated users relaying mail, so we only worry about incoming spam into Dovecot, so we only configure anti-spam # in Dovecot. action "process_spampd" lmtp "/run/dovecot/lmtp" rcpt-to virtual <users> match tag SPAMPD for domain <domains> action "process_spampd" # Accept external mail and forward to spampd on port 10029 which will relay it back into us on port 10030 action "process_relay" relay host smtp://127.0.0.1:10029 match from any for domain <domains> action "process_relay" # Accept DKIM-processed mails for final relay: action "process_outbound" relay host tls+auth://label@REDACTED auth <secrets> match tag DKIM for any action "process_outbound" # Accept incoming mail from authenticated users who want to send email to domains we don't manage, and send it to DKIM: action "process_dkim" relay host smtp://127.0.0.1:10027 match from local for any action "process_dkim"
