Re: elementary opensmtpd setting on rental server

2015-07-25 Thread koko
On Sat, 25 Jul 2015 11:22:09 +0900
Tuyosi Takesima nakajin.fu...@gmail.com wrote:

> for me, nsd is too hard.
> so i make a trial to build intranet mail server
> with unbound, opensmtpd and dovecot without nsd or bind.

nsd is for authoritative only; if you need a recursive and
caching dns server, use unbound or bind/named.

> see http://aoiyuma.mydns.jp/unbound+opensmtpd.html by using proper
> translation URL.

there are a lot of how-tos for this purpose if you search on
google... http://blather.michaelwlucas.com/archives/580



Re: elementary opensmtpd setting on rental server

2015-07-24 Thread tuyosi

hi all .
i write up at http://aoiyuma.mydns.jp/mydns-MS.html for convenience.

perhaps it has some errors.
please point them out.

in english translation,
https://translate.google.co.jp/translate?sl=ja&tl=en&js=y&prev=_t&hl=ja&ie=UTF-8&u=http%3A%2F%2Faoiyuma.mydns.jp%2Fmydns-MS.html&edit-text=

without openbsd fellows, i remain postfix and struggle.
opensmtpd is simple and talentful and beautiful.
--
regards
tuyosi



Re: elementary opensmtpd setting on rental server

2015-07-24 Thread Tuyosi Takesima
thanks koko.

for me, nsd is too hard.
so i make a trial to build intranet mail server
with unbound, opensmtpd and dovecot without nsd or bind.


see http://aoiyuma.mydns.jp/unbound+opensmtpd.html by using proper
translation URL.

-
see you .



Re: elementary opensmtpd setting on rental server

2015-07-24 Thread koko
On Fri, 24 Jul 2015 20:17:47 +0900
tuyosi nakajin.fu...@gmail.com wrote:

> hi all.
> i write up at http://aoiyuma.mydns.jp/mydns-MS.html for convenience.
>
> perhaps it has some errors.
> please point them out.
>
> in english translation,
> https://translate.google.co.jp/translate?sl=ja&tl=en&js=y&prev=_t&hl=ja&ie=UTF-8&u=http%3A%2F%2Faoiyuma.mydns.jp%2Fmydns-MS.html&edit-text=
>
> without openbsd fellows, i remain postfix and struggle.
> opensmtpd is simple and talentful and beautiful.

good tutorial, hope it will be useful for others.



Re: elementary opensmtpd setting on rental server

2015-07-23 Thread Tuyosi Takesima

Gilles's advice is essential!

i read http://yama-ga.seesaa.net/article/394367473.html too.

so i rewrite smtpd.conf

listen on lo0
listen on em0 port 25
listen on em0 port 465
listen on em0 port 587
table aliases db:/etc/mail/aliases.db
accept from any for domain aoiyuma.mydns.jp alias <aliases> deliver to maildir
accept from any for domain aoiyuma.mydns.jp deliver to maildir
accept for local alias <aliases> deliver to maildir
accept for local deliver to maildir

mynetwork = 61.214.236.211/32
accept from source $mynetwork for any relay
reject from any for any


in this setting, i can send mail to x...@gmail.com and
receive mail from x...@gmail.com.



and at http://www.rbl.jp/svcheck.php

Mail Relay testing.
Connecting to aoiyuma.mydns.jp for test ...

 220 aoiyuma.mydns.jp ESMTP OpenSMTPD
 HELO h.rbl.jp
 250 aoiyuma.mydns.jp Hello h.rbl.jp [115.125.246.68], pleased to meet you



Relay test 0

 RSET
 250 2.0.0: Reset state
 MAIL FROM: rly...@h.rbl.jp
 250 2.0.0: Ok
 RCPT TO: rlyt...@rbl.jp
 550 Invalid recipient
relay NOT accepted!!

Relay test 1

 RSET
 250 2.0.0: Reset state
 MAIL FROM: rlychk
relay NOT accepted!!

Relay test 2

 RSET
relay NOT accepted!!

Relay test 3

 RSET
relay NOT accepted!!

Relay test 4

 RSET
relay NOT accepted!!

Relay test 5

 RSET
relay NOT accepted!!

Relay test 6

 RSET
relay NOT accepted!!

Relay test 7

 RSET
relay NOT accepted!!

Relay test 8

 RSET
relay NOT accepted!!

Relay test 9

 RSET
relay NOT accepted!!

Relay test 10

 RSET
relay NOT accepted!!

Relay test 11

 RSET
relay NOT accepted!!

Relay test 12

 RSET
relay NOT accepted!!

Relay test 13

 RSET
relay NOT accepted!!

Relay test 14

 RSET
relay NOT accepted!!

Relay test 15

 RSET
relay NOT accepted!!

Relay test 16

 RSET
relay NOT accepted!!

Relay test 17

 RSET
relay NOT accepted!!

Relay test 18

 RSET
relay NOT accepted!!

Relay test 19

 RSET
relay NOT accepted!!
Closing connection ...

 QUIT

Relay test result

All tests performed, no relays accepted.


without fellows' help, i cannot.
thanks for all

tuyosi



Re: elementary opensmtpd setting on rental server

2015-07-23 Thread Gilles Chehade
On Fri, Jul 24, 2015 at 02:09:53AM +0900, Tuyosi Takesima wrote:
> thanks for Denis
>
> |Tell me if I'm wrong but you don't listen on port 25 or 465.
> your advice is great!
>
> /etc/mail/smtpd.conf is rewritten.
> listen on lo0
> listen on em0 port 25    -to receive mail from gmx
> listen on em0 port 465   -to receive mail from gmail
> table aliases db:/etc/mail/aliases.db
>
> accept from any for domain aoiXXX.mydns.jp alias <aliases> deliver to maildir
> accept from any for domain aoiXXX.mydns.jp deliver to maildir
>
> accept for local alias <aliases> deliver to maildir
> accept for local deliver to maildir
>
> reject from any for any
> --
>
> then i can get mails from x...@gmail.com x...@gmx.com.
> but i cannot send mails to x...@gmail.com x...@gmx.com.
>
> but this is great progress.
 

Jumping in to put an end to this thread:

Let's look at what you want to do:

  send mail to @gmail.com  @gmx.de

Then, let's check if your ruleset has any rule matching these:

 accept from any for domain aoiXXX.mydns.jp [...] - no
 accept from any for domain aoiXXX.mydns.jp [...] - no
 accept for local [...] - no
 accept for local [...] - no
 reject from any for any - yes

Your ruleset doesn't allow for your own users to send mail to anything
but your local domains.

You need a rule that states:

accept from local for any relay

It needs to be at the bottom of your config, right where you added this
reject rule (which serves no purpose btw since this is the default).


-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg



Re: elementary opensmtpd setting on rental server

2015-07-23 Thread Denis Fondras
> so, accordingly i rewrite /etc/mail/smtpd.conf
> listen on lo0
> listen on em0 port 587
 

Tell me if I'm wrong but you don't listen on port 25 or 465.



Re: elementary opensmtpd setting on rental server

2015-07-23 Thread Tuyosi Takesima

thanks for Denis

|Tell me if I'm wrong but you don't listen on port 25 or 465.
your advice is great!

/etc/mail/smtpd.conf is rewritten.
listen on lo0
listen on em0 port 25    -to receive mail from gmx
listen on em0 port 465   -to receive mail from gmail
table aliases db:/etc/mail/aliases.db

accept from any for domain aoiXXX.mydns.jp alias <aliases> deliver to maildir
accept from any for domain aoiXXX.mydns.jp deliver to maildir

accept for local alias <aliases> deliver to maildir
accept for local deliver to maildir

reject from any for any
--

then i can get mails from x...@gmail.com x...@gmx.com.
but i cannot send mails to x...@gmail.com x...@gmx.com.

but this is great progress.



Re: elementary opensmtpd setting on rental server

2015-07-23 Thread Tuyosi Takesima

i have done my homework

>> but i cannot send mails to x...@gmail.com x...@gmx.com.
>
> Do you have any error code or message ?



thunderbird says
---
An error occurred while sending mail. The mail server responded:
Invalid recipient. ---
Please check the message recipient n...@gmail.com and try again.Jul 24 
04:06:43 aoiyuma



/var/log/maillog says
--
Jul 24 04:06:43 aoiYYY smtpd[6328]: smtp-in: New session d5af55f155071cfa from host pYYY.akita.ocn.ne.jp [6.2.222.333]
Jul 24 04:06:44 aoiYYY smtpd[6328]: smtp-in: Failed command on session d5af55f155071cfa: RCPT TO:n...@gmail.com = 550 Invalid recipient -


Invalid recipient !!
-
regards



Re: elementary opensmtpd setting on rental server

2015-07-23 Thread Denis Fondras
> but i cannot send mails to x...@gmail.com x...@gmx.com.
 

Do you have any error code or message ?



Re: elementary opensmtpd setting on rental server

2015-07-23 Thread Craig Skinner
On 2015-07-23 Thu 11:27 AM |, Tuyosi Takesima wrote:
 
> Gmail server rejects mail from PC2 because Gmail server thinks that it is
> relayed by aoi.

Post logs.

> and
> aoi server rejects mail from PC1 because aoi server thinks that it is
> relayed by Gmail.

Post logs.

> ssh -l user aoi.jp
> and directory
> echo '---mail to Gmail from aoi --'| mail x...@gmail.com
>
> then surely Gmail has this mail because it is not relayed but directly.
 

Post logs.

By the way, the OpenSMTPD mailing list is best for detailed or unusual
OpenSMTPD configuration questions, that aren't dependant on the OS.



Re: elementary opensmtpd setting on rental server

2015-07-22 Thread Gregor Best
On Wed, Jul 22, 2015 at 03:22:36PM +0200, Denis Fondras wrote:
> [...]
> You should re-read the manual :)
> If from is not specified, from local is assumed.
> [...]

Whoops, caught me. Thanks for the hint :)

-- 
Gregor Best



elementary opensmtpd setting on rental server

2015-07-22 Thread tuyosi

Hi all

i manage to make ***elementary***  mail server by opensmtpd and dovecot .

overview is next.

internet---arch linux(thunderbird)
|
|
|
openbsd on rental server( mail server)


1) only opensmtpd run .
# ps ax | grep post
26624 p0  S+  0:00.00 grep post


# ps ax | grep dove
28879 ??  Ss  0:00.05 /usr/local/sbin/dovecot
16673 ??  S   0:00.01 dovecot/log
22057 ??  S   0:00.01 dovecot/anvil
 3778 ??  S   0:00.02 dovecot/config
30430 ??  S   0:00.02 dovecot/auth
12534 ??  S   0:00.02 dovecot/auth -w
 6640 ??  I   0:00.01 dovecot/auth -w
19804 ??  S   0:00.04 dovecot/imap
10004 ??  I   0:00.03 dovecot/imap
10167 ??  S   0:00.02 dovecot/imap
19903 p0  R+  0:00.00 grep dove


# ps ax | grep smtp
 4495 ??  Is  0:00.02 smtpd: [priv] (smtpd)
23819 ??  I   0:00.02 smtpd: pony express (smtpd)
 6484 ??  I   0:00.01 smtpd: lookup (smtpd)
 4356 ??  I   0:00.01 smtpd: klondike (smtpd)
14814 ??  I   0:00.02 smtpd: queue (smtpd)
15067 ??  I   0:00.01 smtpd: scheduler (smtpd)
23009 ??  I   0:00.01 smtpd: control (smtpd)
10327 p0  R+  0:00.00 grep smtp



2)# dovecot -n
# 2.2.15: /etc/dovecot/dovecot.conf
# OS: OpenBSD 5.7 amd64
auth_mechanisms = plain login
disable_plaintext_auth = no
first_valid_uid = 1000
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
listen = *
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox Sent Messages {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = bsdauth
}
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
protocols = imap
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
ssl = no
ssl_cert = </etc/ssl/dovecotcert.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = passwd
}



3) /etc/mail/smtpd.conf

listen on lo0
listen on em0 port 587
table aliases db:/etc/mail/aliases.db
accept from any for domain openbsd.link alias <aliases> deliver to maildir
accept from any for domain openbsd.link deliver to maildir
accept for local alias <aliases> deliver to maildir





4)
openbsd.link -fail --gmail.com
---
An error occurred while sending mail. The mail server responded:
Invalid recipient.
 Please check the message recipient n--...@gmail.com and try again


gmail.com -fail  -- openbsd.link


5) x...@openbsd.link -- OK  --- x...@openbsd.link

6) i can not email extra @openbsd.link.
but this is safe.

because except @openbsd.link cannot send to @openbsd.link.
so virus is difficult to go into my PCs.

company welcome this condition.

but this is deficits.
please teach me the method to send to gmail and receive from gmail.



regards



Re: elementary opensmtpd setting on rental server

2015-07-22 Thread Denis Fondras
> Please don't. This will allow people from the outside to send mail to
> other people not on your machine using your server as a relay. This is
> most certainly not what you want. Use something like
 

You should re-read the manual :)
If from is not specified, from local is assumed.



Re: elementary opensmtpd setting on rental server

2015-07-22 Thread Mariano Baragiola
Hello tuyosi, 
I have a hard time reading your English so maybe I'm not following you well.

Are you trying to use Gmail through your personal domain as a mask?
Does Thunderbird connect to your Dovecot (IMAP/POP3) or to your Gmail account?

If you are trying to mask your Gmail, you don't need Dovecot and the
configuration is far simpler.

On the other hand, if you really do want your own personal IMAP/POP3 server
using Dovecot, and the problem is just that you can't send/receive email
from addresses from @gmail.com, maybe your rental's IP address is just
blacklisted because someone was using it to spam.

Please, use the following or similar test: https://mxtoolbox.com/diagnostic.aspx

If you're blacklisted, you should contact your rental server support and ask
them to do the procedures to remove it from the blacklist.

Sorry if I'm getting this all wrong.



Re: elementary opensmtpd setting on rental server

2015-07-22 Thread Seth

On Wed, 22 Jul 2015 04:14:59 -0700, tuyosi nakajin.fu...@gmail.com wrote:

> listen on lo0
> listen on em0 port 587
> table aliases db:/etc/mail/aliases.db
> accept from any for domain openbsd.link alias <aliases> deliver to maildir
> accept from any for domain openbsd.link deliver to maildir
> accept for local alias <aliases> deliver to maildir


I'm not 100% clear on the problem statement, but from what I can gather  
you're unable to relay email to outside addresses at providers such as  
gmail.com


You might try adding this line at the end of smtpd.conf

accept for any relay


This will relay any messages that do not match the previous rules out to  
the Internet at large.




Re: elementary opensmtpd setting on rental server

2015-07-22 Thread Tuyosi Takesima

Hi all.
sorry for my poor english.

following may be illusion .
but i do experiment .

for example 
Gmail server 3.4.5.6--4.5.6.7PC1
 |
 |
aoi server 2.3.4.5 --1.2.3.4PC2

Gmail server rejects mail from PC2 because Gmail server thinks that it is
relayed by aoi.

and
aoi server rejects mail from PC1 because aoi server thinks that it is
relayed by Gmail.



so, accordingly i rewrite /etc/mail/smtpd.conf
listen on lo0
listen on em0 port 587
table aliases db:/etc/mail/aliases.db
accept from any for domain aoi.jp alias <aliases> deliver to maildir
accept from any for domain aoi.jp deliver to maildir
accept for local alias <aliases> deliver to maildir
accept for local deliver to maildir

accept from local for any relay --
reject from any for any --

and then
ssh -l user aoi.jp
and directory
echo '---mail to Gmail from aoi --'| mail x...@gmail.com

then surely Gmail has this mail because it is not relayed but directly.


this is the reason
'send mail to Gmail' is easier than 'receive from Gmail'

normally anybody cannot login Gmail server by ssh.

perhaps relay setting of smtpd.conf is important.
by now i have no good idea to deal it.
--
regards



Re: elementary opensmtpd setting on rental server

2015-07-22 Thread Seth
On Wed, 22 Jul 2015 06:22:36 -0700, Denis Fondras open...@ledeuns.net  
wrote:



>> Please don't. This will allow people from the outside to send mail to
>> other people not on your machine using your server as a relay. This is
>> most certainly not what you want. Use something like
>
> You should re-read the manual :)
> If from is not specified, from local is assumed.


That is true. Since the OP is new to OpenSMTPD, it probably would have  
been best to provide both examples with an explanation of the implicit  
from local in the shortened rule.




Re: elementary opensmtpd setting on rental server

2015-07-22 Thread Gregor Best
On Wed, Jul 22, 2015 at 05:31:56AM -0700, Seth wrote:
> [...]
> You might try adding this line at the end of smtpd.conf
>
> accept for any relay
> [...]

Please don't. This will allow people from the outside to send mail to
other people not on your machine using your server as a relay. This is
most certainly not what you want. Use something like

accept from local for any relay

or

listen on em0 \
tls pki mail auth \
tag AUTH
accept tagged AUTH for any relay

instead. This will require senders to either come from the local machine
or be authenticated before sending.

-- 
Gregor Best
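
The rule matching that Gilles walks through, and the implicit "from local" that Denis points out, as a small Python model. This is an added example, not part of the thread and not OpenSMTPD code. It assumes the old "accept ... for ..." syntax used in this thread, first-match-wins evaluation with a default reject, and a session that is simply "local" or "remote" (authentication and tags are not modelled); LOCAL_NAMES and the ruleset labels are constructed.

```python
# Added example: toy model of old-syntax smtpd.conf rule matching.
# Not OpenSMTPD code; host names and rulesets below are constructed.

def parse_rule(line):
    """Pull action, source and destination out of one accept/reject line."""
    tok = line.split()
    rule = {"action": tok[0], "from": "local", "text": line}  # implicit "from local"
    if "from" in tok:
        rule["from"] = tok[tok.index("from") + 1]
    dest = tok[tok.index("for") + 1:]
    rule["for"] = ("domain", dest[1]) if dest[0] == "domain" else (dest[0], None)
    return rule

def decide(ruleset, source, rcpt_domain, local_names):
    """First matching rule wins; no match means the default reject."""
    for rule in map(parse_rule, ruleset):
        if rule["from"] == "local" and source != "local":
            continue  # rule only covers mail originating on this machine
        kind, name = rule["for"]
        if kind == "domain" and rcpt_domain != name:
            continue
        if kind == "local" and rcpt_domain not in local_names:
            continue
        return rule["action"], rule["text"]
    return "reject", "(no rule matched: default reject)"

LOCAL_NAMES = {"localhost", "aoi.example"}  # assumed machine names
INBOUND = [
    "accept from any for domain aoiXXX.mydns.jp alias <aliases> deliver to maildir",
    "accept for local alias <aliases> deliver to maildir",
]
RULESETS = {
    "as posted": INBOUND + ["reject from any for any"],
    "from local for any relay": INBOUND + ["accept from local for any relay"],
    "for any relay (from omitted)": INBOUND + ["accept for any relay"],
    "from any for any relay": INBOUND + ["accept from any for any relay"],
}

def relays(name, source, rcpt_domain="gmail.com"):
    """True if the named ruleset accepts mail from `source` to `rcpt_domain`."""
    return decide(RULESETS[name], source, rcpt_domain, LOCAL_NAMES)[0] == "accept"

if __name__ == "__main__":
    for name in RULESETS:
        print(f"{name:30} local->gmail.com: {relays(name, 'local')!s:5} "
              f"remote->gmail.com: {relays(name, 'remote')}")
```

Only the last ruleset, with an explicit "from any", relays for remote sessions; the short form behaves exactly like "accept from local for any relay".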