Re: SPF checking

2016-03-29 Thread Joerg Jung 

> Am 29.03.2016 um 12:05 schrieb Boudewijn Dijkstra 
> :
> 
> Hi,
> 
> It was a bit of a struggle, but I managed to set up a simple build 
> environment in OpenBSD 5.9 for creating OpenSMTPD filters.  I currently have 
> a filter in beta quality that performs an SPF check using libspf2 and inserts 
> a "Received-SPF:" header into the message.  Would the OpenSMTPD developers be 
> interested in integrating such a program into the Extras package?

Absolutely, yes. Send a diff or better a pull request, please :)
Make sure you follow coding style of existing filters.

> I am planning to build upon this to create a spammer-filter that resembles 
> OpenBSD's spamd (in greylisting mode), but based on domain names (and also 
> sender glob patterns).  

This sounds as you want to do to many things in a single filter.
You can easily chain filters, so try to do single simple tasks in a filter.
Keep it simple for a start and have a look into the existing ones, e.g. 
filter-regex 

> Alas the filter API doesn't provide a direct way to 'stutter' an entire 
> conversation, though of course it is possible to pause on every callback 
> event.  What do you think of the idea of a stutter mode in OpenSMTPD?

I use it already, see filter-pause. You may want to extend it, instead of 
re-inventing the wheel.
As mentioned above, you can chain things. 
Make sure you follow timeouts recommended in RFCs for stuttering.

> This spammer-filter needs an interface to a database where greylisting status 
> is kept and where policies are kept.  For a filter program, what would you 
> recommend for persistent storage?

This again sounds a bit over-engineered. Start simple, and add DB later. 
Do you really want to re-implement spamd, why?
There are already tables in extras which use various DBs for lookups,
have a look there for ideas.

> -- 
> (Remove the obvious prefix to reply privately.)
> Gemaakt met Opera's e-mailprogramma: http://www.opera.com/mail/
> 
> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Is the /etc/aliases file an anachronism on modern systems running OpenSMTPD?

2016-03-29 Thread Gilles Chehade 
On Wed, Mar 23, 2016 at 09:38:12AM -0700, Seth wrote:
> I've been running several OpenSMPTD servers on OpenBSD for a while now
> without using the /etc/aliases file.
> 
> I'm having issues however with annoying email being generated from the
> r...@mx.domain.tld and mailer-dae...@mx.domain.tld addresses which get stuck
> in the delivery queue because I don't have the systems configured to accept
> email at the mx.domain.tld subdomain.
> 

Not quite sure I understand how this is related to aliases


> Maybe this is more of a question for the OpenBSD list, but I'm wondering if
> in this day and age, the '/etc/aliases' file is really just a dumb clunky
> sendmail throwback that needs to die in a fire and is unnecessary on modern
> OpenBSD/OpenSMTPD systems.
>

I don't know if you're talking about the aliases mechanism or the aliases
file itself, so I'll give you my opinion (fwiw) on this.

The aliases mechanism is not just a dumb clunky sendmail throwback, it has
use-cases that are very valid, that can't be achieved without aliases, and
that cannot be fullfilled with the "virtual" mechanism.

The /etc/aliases or /etc/mail/aliases file however is historical and comes
from a time where you would simply assume that one MX == one set of users.
I don't know about other MTA, but OpenSMTPD supporting per-domain userbase
we also had to support per-domain aliases mappings and so it does not make
sense to define one "aliases" file when there can be one per rule.

 
> If it's not necessary, is there anyway that I can force all system email
> generated for the root user to go to a designated email of my choosing,
> without having to use /etc/aliases and add the corresponding table and
> accept lines in smptd.conf? I can edit the cron /etc/daily|weekly|monthly
> scripts but that does not seem to address the smtpd daemon generated error
> messages.
>

something like (untested but you get the idea):

table myalias { root = gil...@poolp.org }
accept from any for any recipient root alias 


> Curious to know how other OpenSMTPD users address 'the aliases' question.
> 

I have /etc/mail/aliases-opensmtpd.org and used to also have
/etc/mail/aliases-poolp.org but no longer needed it



-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org