btw your SPF setup seems to be broken, as mail bounces:

ch...@open-systems.net: 554 5.7.1 Service unavailable; Client host 
[85.214.232.249] blocked using b.barracuda.org; v=spf1 a -all


> On 19.05.2016 at 08:45, Joerg Jung <m...@umaxx.net> wrote:
> 
> 
> 
>> On 18.05.2016 at 23:01, Chris Watson <ch...@open-systems.net> wrote:
>> 
>> 
>> Chris Watson, Open Systems
>> ch...@open-systems.net
>> CEO, Owner
>> 316-558-0440
>> 
>> PGP Fingerprint: BE67 ED60 6BB0 6B1E 2EB8  95D0 4A35 6B4D F529 1D0D
>> PGP Key ID: F5291D0D
>> 
>>> On May 18, 2016, at 2:14 PM, Joerg Jung <m...@umaxx.net> wrote:
>>> 
>>> On Wed, May 18, 2016 at 01:48:11PM -0500, Chris Watson wrote:
>>>> So I’ve been brought up on Sendmail, then later Postfix. Yesterday I 
>>>> decided to try moving from Postfix to OpenSMTPD. The main reason was 
>>>> because with Postfix for a remote user you have to install and configure a 
>>>> bunch of other things to auth before SMTP posting. So when I read 
>>>> OpenSMTPD supported that internally I jumped. That and I had heard it was 
>>>> much simpler and easier to maintain.
>>>> 
>>>> So a couple of issues have hit me in the face like a sledge hammer. First 
>>>> let me describe my setup:
>>>> 
>>>> I have a virtual host @ rootbsd.net <http://rootbsd.net/>. It hosts my 
>>>> business website. All web and email goes there.
>>>> I use a MBP at home to connect to the RootBSD VPS hosting my mail server, 
>>>> which is now OpenSMTPD. It also hosts Archiveopteryx to act as my IMAP 
>>>> server and email storage archive. So mail leaves my MBP connects to 
>>>> OpenSMTPD and then Archiveopteryx to handle outgoing mail. Incoming mail I 
>>>> connect right to archiveopteryx via IMAP.
>>>> So my first issue is virtual aliases. I have tried everything under the sun 
>>>> to get them to work with OpenSMTPD and clearly I am not understanding the 
>>>> docs at all.
>>>> This is such an easy thing to do yet I can’t seem to grasp it with 
>>>> OpenSMTPD.
>>>> 
>>>> Here is my config:
>>>> 
>>>> # This is the smtpd server system-wide configuration file.
>>>> # See smtpd.conf(5) for more information.
>>>> 
>>>> # To accept external mail, replace with: listen on all
>>>> listen on localhost
>>>> #listen on all
>>>> 
>>>> # filters and filter chains setup
>>>> filter filter-pause pause
>>>> filter filter-regex regex
>>>> filter filter-dnsbl-sorbs dnsbl
>>>> filter filter-dnsbl-spamcop dnsbl "-h bl.spamcop.net"
>>>> filter filter-dnsbl-spamhaus dnsbl "-h sbl-xbl.spamhaus.org"
>>>> filter filter-spamassassin spamassassin "-s reject"
>>>> filter filter-clamav clamav
>>>> filter all chain filter-pause filter-regex filter-dnsbl-sorbs filter-dnsbl-spamcop filter-dnsbl-spamhaus filter-spamassassin filter-clamav
>>>> filter sub chain filter-pause filter-spamassassin filter-clamav
>>>> 
>>>> # Enable TLS encryption
>>>> pki xxxx-systems.net certificate "/etc/ssl/certs/mail.xxxx-systems.net.pem"
>>>> pki xxxx-systems.net key "/etc/ssl/private/mail.xxxx-systems.net.key"
>>>> 
>>>> # listen on 204.109.61.174 tls pki xxxx-systems.net
>>>> listen on xn0 tls-require pki xxxx-systems.net
>>>> 
>>>> # If you edit the file, you have to run "smtpctl update table aliases"
>>>> table aliases file:/etc/mail/aliases
>>>> table virtuals file:/etc/mail/virtuals
>>>> table passwd passwd:/etc/mail/passwd
>>>> 
>>>> # Allow Archiveopteryx to get sent mail.
>>>> accept from any for domain "xxxx-systems.net" relay via lmtp://127.0.0.1:2026
>>>> # accept from any for domain "xxxx-systems.net" alias <aliases> deliver to mbox
>>>> 
>>>> accept for local alias <aliases> deliver to mbox
>>>> accept for any relay
>>>> 
>>>> So things seem to work OK as long as the user I am emailing @ 
>>>> xxxx-systems.net <http://xxxx-systems.net/> is a valid local user.
>>>> For instance ch...@xxxx-systems.net <mailto:ch...@xxxx-systems.net> works 
>>>> fine, because it is a real user, but chris.wat...@xxxx-systems.net 
>>>> <mailto:chris.wat...@xxxx-systems.net>, a virtual user, does not.
>>>> Obviously because it’s not a local user, it’s an alias. I have beaten my 
>>>> head senseless trying to grasp how to add virtual users.
>>> 
>>> Your config seems to follow the FAQ example.  But you missed the need to
>>> set up the /etc/mail/virtuals table and the use of this table, e.g. a:
>>> ... virtual <virtuals> ....
>>> You also missed the rcpt-to keyword.
>> 
>> Thank you. So the table is defined, table virtuals file:/etc/mail/virtuals.
>> Then I can get it half working I think using the following:
>> accept from any for domain "xxxx-systems.net" virtual <virtuals>. It won’t 
>> work with “relay via lmtp” like the line below it does.
> 
> Why not just use deliver to lmtp?
> 
>> So I can’t figure out how to get it to pass virtual users into 
>> Archiveopteryx via lmtp, as the valid local users mail does.
>> And the “rcpt-to” keyword is nowhere in my documentation for smtpd.conf. 
>> FreeBSD 10.3, OpenSMTPD 5.7.3.
> 
> It is a new feature (available in 5.9.2).
> 
>> So I am not sure of its syntax or function. But so far I was able to deduce 
>> the following to use lmtp:
>> accept from any for domain "xxxx-systems.net" virtual <virtuals> deliver to lmtp 127.0.0.1:2026
>> 
>> But the logs show opensmtpd complaining of, what else, rcpt-to.
>> 
>> May 18 16:49:59 open-systems smtpd[32600]: delivery: TempFail for 
>> 2b7daee119906ec0: from=<ch...@xxxx--systems.net>, 
>> to=<chris.wat...@xxxx-systems.net>, user=chris, method=lmtp, delay=5h38m22s, 
>> stat=Error ("smtpd: RCPT TO rejected: 501 5.5.2 Address must have both 
>> localpart and domain")
>> 
>> It feels like I am almost there. Is rcpt-to documented anywhere?
>> 
>> Thanks again!
>> 
>> 
>> 
>>>> I have tried every example on the net, I have read the docs but it’s just 
>>>> not clear to me how one creates a simple virtual address.
>>>> And I discovered although I did not see it in the docs, you cannot use 
>>>> aliases or virtuals with a relay which is an issue because mail is 
>>>> injecting with Archiveopteryx via LMTP.
>>>> How does one add a simple email virtual user alias when a relay like above 
>>>> is involved?
>>>> Do I need a usertable? I can’t seem to use any table at all with a relay.
>>> 
>>> recipients keyword may help you.
>>> 
>>>> Thanks for any guidance you offer.
>>>> 
>>>> Chris Watson, Open Systems
>>>> ch...@open-systems.net
>>>> CEO, Owner
>>>> 316-558-0440
>>>> 
>>>> PGP Fingerprint: BE67 ED60 6BB0 6B1E 2EB8  95D0 4A35 6B4D F529 1D0D
>>>> PGP Key ID: F5291D0D
>> 
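
The virtual-user delivery to LMTP discussed in this thread, as an added example that is not part of the original messages. It assumes OpenSMTPD 5.9.2 or later with the pre-6.4 `accept` grammar used above, and the `rcpt-to` placement documented in smtpd.conf(5) for those releases; `example.org`, `alias.name` and `localuser` are constructed placeholders.

```conf
# --- /etc/mail/virtuals (constructed sample) ---------------------------
# With "virtual <virtuals>" only addresses listed in this table are
# accepted for the domain, so the real mailbox address is listed too.
#
#   alias.name@example.org    localuser
#   localuser@example.org     localuser

# --- /etc/mail/smtpd.conf (relevant lines only) ------------------------
table virtuals file:/etc/mail/virtuals

# Before: the recipient is expanded through <virtuals>, but the LMTP
# session is given the resolved local user name in RCPT TO. The LMTP
# server in the thread rejected that with
# "501 5.5.2 Address must have both localpart and domain".
# accept from any for domain "example.org" virtual <virtuals> \
#     deliver to lmtp 127.0.0.1:2026

# After: rcpt-to makes smtpd use the recipient e-mail address (after
# expansion) instead of the local user in the LMTP RCPT TO command.
accept from any for domain "example.org" virtual <virtuals> \
    deliver to lmtp 127.0.0.1:2026 rcpt-to
```

`smtpd -n` parses the configuration and reports syntax errors without starting the daemon, which is a quick check after editing.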
