Re: 6.4 broke procmail .forward
On Sun, Oct 28, 2018 at 02:34:53PM -0400, Matt Schwartz wrote:
> fdm looks a whole helluva lot easier to get going too.
>
yes, I can't find a reason why people still use procmail to be honest.
on a scale from 1 to 10 of horrible, procmail is at 100.
> On Sun, Oct 28, 2018 at 1:52 PM Gilles Chehade wrote:
> >
> > On Sat, Oct 27, 2018 at 10:11:05PM -0700, William Ahern wrote:
> > > On Sat, Oct 27, 2018 at 09:36:15PM -0700, William Ahern wrote:
> > > > On Sat, Oct 27, 2018 at 08:59:37PM -0700, William Ahern wrote:
> > > > > Immediately after upgrading my procmail setup broke. Near as I can
> > > > > tell
> > > > > smtpd now executes .forward pipes with the permissions of _smtpd
> > > > > (same as
> > > > > aliases), whereas previously it executed .forward pipes with the
> > > > > permissions
> > > > > of the user (similar to delivery to /var/mail mbox).
> > > > >
> > > > > Was this intentional or accidental?
> > > >
> > > > Sorry, I was wrong. What's actually happening is that smtpd is no longer
> > > > adding the From_ line, so when procmail appended the message to my
> > > > mailbox
> > > > it was effectively concatenated with the previous message.
> > > >
> > > > Can the old behavior be restored? Or at least can an environment
> > > > variable
> > > > (e.g. SENDER) be added providing the envelope sender which I can easily
> > > > prepend myself?
> > > >
> > >
> > > To respond my own question (again), smtpd will expand %{mbox.from} in the
> > > .forward line. So the fix is to pass it to procmail via the -f option,
> > >
> > > |/usr/local/bin/procmail -f %{mbox.from}
> > >
> > > like how /usr/libexec/mail.mboxfile is written to the mda_exec string
> > > buffer in lka_session.c:lka_submit.
> > >
> >
> > Nice that you found out by yourself and this is in the list so people
> > can be referred to this thread ;-)
> >
> >
> > Now that I have your attention everyone:
> >
> > Please don't use procmail.
> >
> > I don't have a habit of advising against a particular software, but this
> > is one of the cases where I had a look at the code, and wish people knew
> > the horror.
> >
> > There is nothing good to say about procmail, nothing.
> >
> > I don't want to spread FUD but we're talking about a piece of code which
> > processes untrusted input with unreadable code and advises you to run it
> > setuid root because it doesn't know any better.
> >
> > There are safer, nicer and more modern alternatives such as fdm for one,
> > but quite frankly: even the shittiest 30 lines of sh self-written custom
> > mda makes a better choice than procmail.
> >
> > Please do yourselves a favor, ditch procmail in favor of fdm.
> >
> > If you want to argue why procmail is a nice choice be prepared for me to
> > start sharing samples of code and keep reminding you that the authors do
> > advise you to install it setuid root.
> >
> >
> > --
> > Gilles Chehade
> >
> > https://www.poolp.org @poolpOrg
> >
> > --
> > You received this mail because you are subscribed to misc@opensmtpd.org
> > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> >
>
> --
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>
--
Gilles Chehade
https://www.poolp.org @poolpOrg
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Forced to stay at 6.3 but I want 6.4.0
I have a problem with OBSD 6.4 release and so far cannot get the display to work properly. I would like to use the 6.4.0 on 6.3. I haven't look over the source at all yet, I will. Will I have any problems getting this to work on OBSD 6.3? As much as possible, I would like to bring my server closer to OBSD 6.4 but I want my laptop and server working with the same software. Thanks, Chris Bennett PS, I'll explain in my next email why this matters a bit to me. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: OpenSMTPD 6.4 - "Invalid recipient" with external mail client (thunderbird)
Hi, Thank you very much! Cheers Johannes On 27.10.18 at 01:40, Matt Schwartz wrote: > Change your match for any action relay_dkim to match auth from any > for any action relay_dkim. > > On Fri, Oct 26, 2018 at 7:10 PM Jesper Wallin wrote: >> >> Hi, >> >> You need to specify “from any” to your relay_dkim match rule. If not >> specified, it defaults to “from local”, which now is different from “auth”. >> >> >> Regards, >> Jesper Wallin >> >>> On 27 Oct 2018, at 01:06, wrote: >>> >>> Hello, >>> >>> I recently upgraded my server to OpenBSD 6.4. But I have a problem with the >>> new >>> configuartion of OpenSMTPD: >>> >>> When I send a mail with Thunderbird from an external IP, my server always >>> returns >>> the error message "invalid recipient". >>> >>> When I connect to the server through SSH and send a mail via the local >>> client mutt, >>> everything works. >>> >>> This is my configuration: >>> --- >>> queue compression >>> queue encryption ad8004f927bd2b00a672c30704e3de11 >>> >>> pki mx1.example.com.pki cert "/etc/ssl/mx1.example.com.crt" >>> pki mx1.example.com.pki key "/etc/ssl/private/mx1.example.com.key" >>> >>> table aliases file:/etc/mail/aliases >>> table vdomains file:/etc/mail/vdomains >>> table vusers file:/etc/mail/vusers >>> >>> listen on lo0 >>> listen on lo0 port 10028 tag DKIM >>> listen on egress tls pki mx1.example.com.pki auth-optional >>> listen on egress smtps pki mx1.example.com.pki auth >>> listen on egress port submission tls-require pki mx1.example.com.pki auth >>> >>> action "local" mbox alias >>> action "relay" relay >>> action "domain" lmtp "/var/dovecot/lmtp" virtual >>> action relay_dkim relay host smtp://127.0.0.1:10027 >>> >>> match from local for local action "local" >>> match tag DKIM for any action "relay" >>> match from any for domain action "domain" >>> match for any action relay_dkim >>> --- >>> >>> Is there something wrong in my current configuration? >>> >>> Thanks in advance! >>> >>> Cheers >>> Johannes >>> >>> >>> -- >>> You received this mail because you are subscribed to misc@opensmtpd.org >>> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org >>> >> >> >> -- >> You received this mail because you are subscribed to misc@opensmtpd.org >> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org >> > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: New config syntax
Thanks for that what's the best way to debug? is it smtpd -dvv? Thanks Fred On Sat, 27 Oct 2018 at 05:54, Gilles Chehade wrote: > > Sorry sent too fast, wanted to add that debugging configuration without logs > is difficult > > Le 27 oct. 2018 06:48, Gilles Chehade a écrit : > > This can mean you have a loop of some sort in aliases expansion, or maybe in > .forward > > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: 6.4 broke procmail .forward
fdm looks a whole helluva lot easier to get going too.
On Sun, Oct 28, 2018 at 1:52 PM Gilles Chehade wrote:
>
> On Sat, Oct 27, 2018 at 10:11:05PM -0700, William Ahern wrote:
> > On Sat, Oct 27, 2018 at 09:36:15PM -0700, William Ahern wrote:
> > > On Sat, Oct 27, 2018 at 08:59:37PM -0700, William Ahern wrote:
> > > > Immediately after upgrading my procmail setup broke. Near as I can tell
> > > > smtpd now executes .forward pipes with the permissions of _smtpd (same
> > > > as
> > > > aliases), whereas previously it executed .forward pipes with the
> > > > permissions
> > > > of the user (similar to delivery to /var/mail mbox).
> > > >
> > > > Was this intentional or accidental?
> > >
> > > Sorry, I was wrong. What's actually happening is that smtpd is no longer
> > > adding the From_ line, so when procmail appended the message to my mailbox
> > > it was effectively concatenated with the previous message.
> > >
> > > Can the old behavior be restored? Or at least can an environment variable
> > > (e.g. SENDER) be added providing the envelope sender which I can easily
> > > prepend myself?
> > >
> >
> > To respond my own question (again), smtpd will expand %{mbox.from} in the
> > .forward line. So the fix is to pass it to procmail via the -f option,
> >
> > |/usr/local/bin/procmail -f %{mbox.from}
> >
> > like how /usr/libexec/mail.mboxfile is written to the mda_exec string
> > buffer in lka_session.c:lka_submit.
> >
>
> Nice that you found out by yourself and this is in the list so people
> can be referred to this thread ;-)
>
>
> Now that I have your attention everyone:
>
> Please don't use procmail.
>
> I don't have a habit of advising against a particular software, but this
> is one of the cases where I had a look at the code, and wish people knew
> the horror.
>
> There is nothing good to say about procmail, nothing.
>
> I don't want to spread FUD but we're talking about a piece of code which
> processes untrusted input with unreadable code and advises you to run it
> setuid root because it doesn't know any better.
>
> There are safer, nicer and more modern alternatives such as fdm for one,
> but quite frankly: even the shittiest 30 lines of sh self-written custom
> mda makes a better choice than procmail.
>
> Please do yourselves a favor, ditch procmail in favor of fdm.
>
> If you want to argue why procmail is a nice choice be prepared for me to
> start sharing samples of code and keep reminding you that the authors do
> advise you to install it setuid root.
>
>
> --
> Gilles Chehade
>
> https://www.poolp.org @poolpOrg
>
> --
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: 6.4 broke procmail .forward
On Sat, Oct 27, 2018 at 10:11:05PM -0700, William Ahern wrote:
> On Sat, Oct 27, 2018 at 09:36:15PM -0700, William Ahern wrote:
> > On Sat, Oct 27, 2018 at 08:59:37PM -0700, William Ahern wrote:
> > > Immediately after upgrading my procmail setup broke. Near as I can tell
> > > smtpd now executes .forward pipes with the permissions of _smtpd (same as
> > > aliases), whereas previously it executed .forward pipes with the
> > > permissions
> > > of the user (similar to delivery to /var/mail mbox).
> > >
> > > Was this intentional or accidental?
> >
> > Sorry, I was wrong. What's actually happening is that smtpd is no longer
> > adding the From_ line, so when procmail appended the message to my mailbox
> > it was effectively concatenated with the previous message.
> >
> > Can the old behavior be restored? Or at least can an environment variable
> > (e.g. SENDER) be added providing the envelope sender which I can easily
> > prepend myself?
> >
>
> To respond my own question (again), smtpd will expand %{mbox.from} in the
> .forward line. So the fix is to pass it to procmail via the -f option,
>
> |/usr/local/bin/procmail -f %{mbox.from}
>
> like how /usr/libexec/mail.mboxfile is written to the mda_exec string
> buffer in lka_session.c:lka_submit.
>
Nice that you found out by yourself and this is in the list so people
can be referred to this thread ;-)
Now that I have your attention everyone:
Please don't use procmail.
I don't have a habit of advising against a particular software, but this
is one of the cases where I had a look at the code, and wish people knew
the horror.
There is nothing good to say about procmail, nothing.
I don't want to spread FUD but we're talking about a piece of code which
processes untrusted input with unreadable code and advises you to run it
setuid root because it doesn't know any better.
There are safer, nicer and more modern alternatives such as fdm for one,
but quite frankly: even the shittiest 30 lines of sh self-written custom
mda makes a better choice than procmail.
Please do yourselves a favor, ditch procmail in favor of fdm.
If you want to argue why procmail is a nice choice be prepared for me to
start sharing samples of code and keep reminding you that the authors do
advise you to install it setuid root.
--
Gilles Chehade
https://www.poolp.org @poolpOrg
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
