Re: smtpd / mail.lmtp rewrites from address, breaking lmtp
On 17.09.2019 1:08, Michal Krzysztofowicz wrote:
Thanks for looking after this. Unfortunately, no dice:
Sep 16 21:57:13 atlantic smtpd[83146]: 70aec8652b2efbe8 mda delivery evpid=0f662ffc0f395dbe
from= to= rcpt=
user=me delay=0s result=PermFail stat=Error ("/bin/sh: no closing quote”)
’ is not in MAILADDR_ALLOWED, ' and ` are though.
I'll test the slash issue tomorrow once I figure out how to apply the
patch. Nearly 20 years have passed since I last applied one. :D
Good luck,
Reio
Re: smtpd / mail.lmtp rewrites from address, breaking lmtp
>
> can you try the following diff ?
>
> [...]
>
Thanks for looking after this. Unfortunately, no dice:
Sep 16 21:57:13 atlantic smtpd[83146]: 70aec8652b2efbe8 mda delivery
evpid=0f662ffc0f395dbe from= to=
rcpt= user=me delay=0s result=PermFail stat=Error ("/bin/sh:
no closing quote”)
After that, my smtpd sends a bounce message back to the sender.
Just to make sure you have a full picture, the following are the relevant
action and match statements from my smtpd.conf:
action "lmtp" mda "/usr/libexec/mail.lmtp -f \"%{sender}\" -d /var/dovecot/lmtp
%{user.username}" virtual
match from any for domain !rcpt-to action
“lmtp"
Thanks!
Mike
--
Michal Krzysztofowicz
http://beautifulocean.org/
Failed logins hammer/filter.
Hello! Until upgrading to OpenSMTPD 6.6 I used fail2ban to ban excessive login failures from IPs, but that doesn't work any more with the log format changed from: smtp event=failed-command address=185.13.39.7 host=vps-33288.fhnet.fr command="AUTH LOGIN (password)" result="535 Authentication failed" | smtp failed-command command="AUTH LOGIN (password)" result="535 Authentication failed" Surprisingly SMTP isn't brute forced that much, but as I registered 472 failed authentications from a single IP yesterday, I'm going to have a Go at a filter too. :) All the best, Reio
