Re: Pluses in addresses do not work as expected

2021-02-01 Thread Péter Bertalan Zoltán
I think my setup is flawed already because a simple virtual alias does
not work either.

With my current virtual table and config, this happens when I send mail
to :

8<
89aa897be4ac smtp connected address=80.241.56.152 
host=mout-p-102.mailbox.org
debug: looking up pki "foo.bp99.eu"
debug: session_start_ssl: switching to SSL
debug: pony: rsae_priv_enc
89aa897be4ac smtp tls ciphers=TLSv1.3:AEAD-AES256-GCM-SHA384:256
smtp: 0x3c356154000: smtp_cert_verify_cb: no-client-cert
debug: smtp: SIZE in MAIL FROM command
expand: 0xf3c01183018: expand_insert() called for 
address:bertalan.pe...@foo.bp99.eu[parent=0x0, rule=0x0]
expand: 0xf3c01183018: inserted node 0xf3b381c0800
expand: lka_expand: address: bertalan.pe...@foo.bp99.eu [depth=0]
lookup: match "80.241.56.152" as NETADDR in table static: -> true
expand: lka_expand: address: bertalan.pe...@foo.bp99.eu [depth=0] [0/1788]
lookup: match "80.241.56.152" as NETADDR in table static: -> true
lookup: match "foo.bp99.eu" as DOMAIN in table static:domains -> true
rule #1 matched: match from any for domain domains action domain
lookup: lookup "bertalan.pe...@foo.bp99.eu" as ALIAS in table static:virtuals 
-> none
lookup: lookup "bertalan.peter" as ALIAS in table static:virtuals -> "bp99"
expand: 0xf3b3d6a6000: expand_insert() called for username:bp99[parent=0x0, 
rule=0x0]
expand: 0xf3b3d6a6000: inserted node 0xf3b381bf800
expand: 0xf3c01183018: expand_insert() called for 
username:bp99[parent=0xf3b381c0800, rule=0xf3bd11d8a80, 
dispatcher=0xf3c268d3f20]
expand: 0xf3c01183018: inserted node 0xf3b381bf000
expand: 0xf3b3d6a6000: clearing expand tree
expand: 0xf3b3d6a6000: freeing expand tree
debug: aliases_virtual_get: 'bertalan.peter' resolved to 1 nodes
expand: lka_expand: username: bp99 [depth=1, sameuser=0]
lookup: lookup "bp99@" as ALIAS in table static:virtuals -> none
lookup: lookup "bp99" as ALIAS in table static:virtuals -> "vmail"
expand: 0xf3b3d6a6740: expand_insert() called for username:vmail[parent=0x0, 
rule=0x0]
expand: 0xf3b3d6a6740: inserted node 0xf3bec823000
expand: 0xf3c01183018: expand_insert() called for 
username:vmail[parent=0xf3b381bf000, rule=0xf3bd11d8a80, 
dispatcher=0xf3c268d3f20]
expand: 0xf3c01183018: inserted node 0xf3b381bf800
expand: 0xf3b3d6a6740: clearing expand tree
expand: 0xf3b3d6a6740: freeing expand tree
debug: aliases_virtual_get: 'bp99' resolved to 1 nodes
expand: lka_expand: username: vmail [depth=2, sameuser=0]
lookup: lookup "vmail@" as ALIAS in table static:virtuals -> none
lookup: lookup "vmail" as ALIAS in table static:virtuals -> none
lookup: lookup "vmail" as USERINFO in table getpwnam: -> 
"2000:2000:/var/vmail"
expand: no .forward for user vmail, just deliver
expand: 0xf3c01183018: clearing expand tree
smtp: 0x3c356154000: fd 15 from queue
smtp: 0x3c356154000: message fd 15
smtp: 0x3c356154000: message begin
debug: 0x3c356154000: end of message, error=0 89aa897be4ac smtp message 
msgid=a8c64add size=2395 nrcpt=1 proto=ESMTP
debug: scheduler: evp:a8c64add5dd68743 scheduled (mda)
89aa897be4ac smtp envelope evpid=a8c64add5dd68743 from= 
to=
mda: new user 89aacccd047a1572 for ":vmail"
debug: lka: userinfo :vmail
lookup: lookup "vmail" as USERINFO in table getpwnam: -> 
"2000:2000:/var/vmail"
debug: mda: new session 89aaccce2ce3e528 for user ":vmail" evpid 
a8c64add5dd68743
debug: mda: no more envelope for ":vmail"
debug: mda: got message fd 15 for session 89aaccce2ce3e528 evpid 
a8c64add5dd68743
debug: mda: querying mda fd for session 89aaccce2ce3e528 evpid a8c64add5dd68743
debug: smtpd: forking mda for session 89aaccce2ce3e528: vmail as vmail
debug: mda: got mda fd 16 for session 89aaccce2ce3e528 evpid a8c64add5dd68743
debug: mda: end-of-file for session 89aaccce2ce3e528 evpid a8c64add5dd68743
debug: mda: all data sent for session 89aaccce2ce3e528 evpid a8c64add5dd68743 
89aa897be4ac smtp disconnected reason=quit
debug: smtpd: mda process done for session 89aaccce2ce3e528: exited okay
89aacccd047a1572 mda delivery evpid=a8c64add5dd68743 from= 
to= rcpt= user=vmail 
delay=0s result=Ok stat=Delivered
debug: mda: session 89aaccce2ce3e528 done
8<

What I can see here is that smtpd does a lookup for the entire address
 first, then as a fallback, for
`bertalan.peter' in my virtuals file. It indeed finds `bp99' and it
later performs a further lookup for `bp99' and finds `vmail'. There are
no more ‘redirections’, so for `vmail' it eventually looks up the UNIX
user with getpwnam and delivers the message to what I specified in
smtpd.conf.

My problem is that the mail gets delivered to
/var/vmail/foo.bp99.eu/bertalan.peter/.
I would like to have the mail under the ‘resolved’ user’s maildir:
/var/vmail/foo.bp99.eu/bp99/.

I noticed that when I use my entire address in the virtuals file, like
this:

b...@foo.bp99.eu            vmail
bertalan.pe...@foo.bp99.eu  b...@foo.bp99.eu

It works, because the `to=' changes to the alias address. Like 
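
The lookup order visible in the trace in the message above, as a small Python model added here (not part of the thread and not OpenSMTPD's code). The table entries, domain and user names are constructed, and leaving the destination address unchanged when an alias resolves to a bare username is an assumption drawn from the behaviour the post reports.

```python
# Simplified model of the alias walk shown in the trace; not OpenSMTPD's code.
# All table entries, names and the domain below are constructed samples.

USERNAME_TABLE = {"first.last": "user1", "user1": "vmail"}
ADDRESS_TABLE = {
    "first.last@example.org": "user1@example.org",
    "user1@example.org": "vmail",
}
SYSTEM_USERS = {"vmail"}  # stands in for the getpwnam USERINFO lookup


def expand(rcpt, virtuals, max_depth=10):
    """Return (delivery_user, dest_address, lookups) for one recipient."""
    dest = node = rcpt
    lookups = []
    for _depth in range(max_depth):
        local, _, domain = node.partition("@")
        hit = None
        # Key order seen in the trace: "user@domain" (or "user@"), then "user".
        for key in (f"{local}@{domain}", local):
            hit = virtuals.get(key)
            lookups.append((key, hit))
            if hit is not None:
                break
        if hit is None:
            break  # no further alias: node is the final user
        node = hit
        if "@" in hit:
            dest = hit  # assumption: only an address-valued alias rewrites dest
    else:
        raise RuntimeError("alias chain exceeds max_depth (possible loop)")
    user = node.partition("@")[0]
    if user not in SYSTEM_USERS:
        raise LookupError(f"no such user: {user}")
    return user, dest, lookups


def maildir(dest, root="/var/vmail"):
    """Expand root/%{dest.domain}/%{dest.user:lowercase}; :strip is not modelled."""
    user, _, domain = dest.partition("@")
    return f"{root}/{domain}/{user.lower()}"


if __name__ == "__main__":
    for table in (USERNAME_TABLE, ADDRESS_TABLE):
        user, dest, _ = expand("first.last@example.org", table)
        print(f"deliver as {user} into {maildir(dest)}")
```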

Re: Pluses in addresses do not work as expected

2021-01-31 Thread Chris Bennett
On Sun, Jan 31, 2021 at 08:39:18PM -0600, Edgar Pettijohn wrote:
> > action "outbound" relay host smtp+tls://b...@smtp.example.com auth secrts
> > ^^^
> 
> Along with your other 100 users. You would then need to have match rules to
> correspond to their action rules. I don't really see much need since you could
> just configure their mua's to do this.
> I think the majority of people use this so that their system
> mail reaches them. Such as the output from /etc/daily and the like.

OK, that makes a lot of sense using it for system mail or with just one
or two users.
Thanks
Chris

> 
> Edgar
> 



Re: Pluses in addresses do not work as expected

2021-01-31 Thread Edgar Pettijohn
On Sun, Jan 31, 2021 at 04:24:28PM -0600, Chris Bennett wrote:
> On Sun, Jan 31, 2021 at 03:51:01PM +0100, Pascal Huisman wrote:
> > Which got me out of the mess. See man smtpd.conf
> > It now switches to the user before delivering. So it's not vmail as
> > directory owner, but the username who is directory owner. In the trace
> > you can see the switch in user in the trace.
> > 
> > My virtual user config: 
> > pascal:someencryptedpasswdhash:pascal:1000:1000:/home/pascal::userdb_ma
> > il=maildir:/home/pascal/Maildir
> > 
> 
> The example in smtpd.conf shows:
> 
> action "outbound" relay host smtp+tls://b...@smtp.example.com auth secrts
> ^^^
> Having bob here completely confuses me.
> I'm not using this method, but I have to ask the question:
> What happens if you have two users, bob and jane? Or a hundred users?

You would need to create a credentials table mapping the label `bob' to his
credentials. Along with your other 100 users. You would then need to have match
rules to correspond to their action rules. I don't really see much need since
you could just configure their mua's to do this. I think the majority of people
use this so that their system mail reaches them. Such as the output from
/etc/daily and the like.

> It seems to me that there needs to be a table or something in
> smtpd.conf.

See table(5) under credential tables.

> Could someone explain this example to me, please.
> 
> I'd really like to remove my dunce cap on this one.
> Thanks,
> Chris Bennett
> 
> 
> 

Edgar



Re: Pluses in addresses do not work as expected

2021-01-31 Thread Chris Bennett
On Sun, Jan 31, 2021 at 03:51:01PM +0100, Pascal Huisman wrote:
> Which got me out of the mess. See man smtpd.conf
> It now switches to the user before delivering. So it's not vmail as
> directory owner, but the username who is directory owner. In the trace
> you can see the switch in user in the trace.
> 
> My virtual user config: 
> pascal:someencryptedpasswdhash:pascal:1000:1000:/home/pascal::userdb_ma
> il=maildir:/home/pascal/Maildir
> 

The example in smtpd.conf shows:

action "outbound" relay host smtp+tls://b...@smtp.example.com auth secrts
^^^
Having bob here completely confuses me.
I'm not using this method, but I have to ask the question:
What happens if you have two users, bob and jane? Or a hundred users?
It seems to me that there needs to be a table or something in
smtpd.conf.
Could someone explain this example to me, please.

I'd really like to remove my dunce cap on this one.
Thanks,
Chris Bennett





Re: Pluses in addresses do not work as expected

2021-01-31 Thread Pascal Huisman
Dear Bertalan,

I don't have any troubles:


   mtp: 0xf9fd879e000: STATE_HELO -> STATE_BODY
   <<< [MSG] From: pascal 
   <<< [MSG] Date: Sun, 31 Jan 2021 15:18:06 +0100 (CET)
   <<< [MSG] To: pascal+maill...@pascallen.nl
<<< [MSG] Subject: lalal
<<< [MSG]
debug: 0xf9fd879b000: adding Message-ID
<<< [MSG] lala
<<< [MSG] ...
<<< [MSG] .
<<< [EOM]
debug: 0xf9fd879e000: end of message, error=0
smtp: 0xf9fd879e000: >>> 250 2.0.0 b94f4e11 Message accepted for
delivery
5c4a2ac08812e9f5 smtp message msgid=b94f4e11 size=377 nrcpt=1
proto=ESMTP
5c4a2ac08812e9f5 smtp envelope evpid=b94f4e11b762f5bc from=<
pas...@mail.pascallen.nl> to=
smtp: 0xf9fd879e000: STATE_BODY -> STATE_HELO
debug: scheduler: evp:b94f4e11b762f5bc scheduled (mda)
smtp: 0xf9fd879e000: <<< QUIT
smtp: 0xf9fd879e000: >>> 221 2.0.0 Bye
smtp: 0xf9fd879e000: STATE_HELO -> STATE_QUIT
5c4a2ac08812e9f5 smtp disconnected reason=quit
mda: new user 5c4a2ac289677301 for ":pascal"
debug: lka: userinfo :pascal
debug: control -> client: pipe closed
debug: clearing p=client, fd=12, pid=0
debug: mda: new session 5c4a2ac32f6531e9 for user
":pascal" evpid b94f4e11b762f5bc
debug: mda: no more envelope for ":pascal"
debug: mda: got message fd 12 for session 5c4a2ac32f6531e9 evpid
b94f4e11b762f5bc
debug: mda: querying mda fd for session 5c4a2ac32f6531e9 evpid
b94f4e11b762f5bc
debug: smtpd: forking mda for session 5c4a2ac32f6531e9: pascal as
pascal
debug: mda: got mda fd 13 for session 5c4a2ac32f6531e9 evpid
b94f4e11b762f5bc
debug: mda: end-of-file for session 5c4a2ac32f6531e9 evpid
b94f4e11b762f5bc
debug: mda: all data sent for session 5c4a2ac32f6531e9 evpid
b94f4e11b762f5bc
debug: smtpd: mda process done for session 5c4a2ac32f6531e9: exited
okay
5c4a2ac289677301 mda delivery evpid=b94f4e11b762f5bc from=<
pas...@mail.pascallen.nl> to= rcpt=<
pascal+maill...@pascallen.nl> user=pascal delay=0s result=Ok
stat=Delivered
debug: mda: session 5c4a2ac32f6531e9 done
debug: mda: user "pascal" becomes runnable
debug: mda: all done for user ":pascal"

What I did have problems with, having virtual users and maildir
delivery in /home/%u, was permissions. Opensmtpd uses 700 with the
vmail user, where dovecot couldn't read the /home/%u/Maildir directory.
Also sshd requires 700 permissions on /home. So having more loose
permissions was not an option.

I changed this part on your config: maildir
"/var/vmail/%{dest.domain}/%{dest.user:lowercase|strip}" 

to

~/Maildir

Which got me out of the mess. See man smtpd.conf
It now switches to the user before delivering. So it's not vmail as
directory owner, but the username who is directory owner. In the trace
you can see the switch in user in the trace.

My virtual user config: 
pascal:someencryptedpasswdhash:pascal:1000:1000:/home/pascal::userdb_ma
il=maildir:/home/pascal/Maildir

I didn't test this while setting up. Your mail to the list triggered me
to test.

Hope this helps. And good luck with rspamd. I'm switching from
exim/spamassassin and have been watching videos and reading docs for 3
days now. Start simple, test, build out, test, etc.

Pascal.







Re: Pluses in addresses do not work as expected

2021-01-30 Thread Tassilo Philipp

Hello,

I cannot help you with your specific config, and don't know if opensmtp 
has problems resolving the subaddressing for 'maildir' delivery.


However, I guess you use dovecot (which I assume, given the vultr link 
you posted), so you could use LMTP to deliver the messages to dovecot's 
lmtp socket. This is what I use, and I can confirm that subaddressing 
works (not 100% certain on the details, but I think it's the MDA that 
resolves this - in this case dovecot).


hope this helps


On Sat, Jan 30, 2021 at 12:38:06PM +0100, Péter Bertalan Zoltán wrote:

Hello,

Here is my current configuration (only the relevant parts):


smtpd.conf:
---
pki foo.bp99.eu cert "/etc/ssl/foo.bp99.eu.crt"
pki foo.bp99.eu key "/etc/ssl/private/foo.bp99.eu.key"

table domains { foo.bp99.eu }
table aliases file:/etc/mail/aliases
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtual

listen on all tls pki foo.bp99.eu
listen on all port submission tls-require pki foo.bp99.eu \
   auth 

action "local" mbox alias 
action "domain" \
   maildir "/var/vmail/%{dest.domain}/%{dest.user:lowercase|strip}" \
   virtual 
action "relay" relay helo foo.bp99.eu

match from any for domain  action "domain"
match from local for local action "local"
match from any auth for any action "relay"
---


/etc/mail/passwd:
- 
b...@foo.bp99.eu:[hash]:vmail:2000:2000:/var/vmail/foo.bp99.eu/bp99:userdb_mail=maildir:/var/vmail/foo.bp99.eu/bp99 
-



/etc/mail/virtual:
-
abuse   bp99
hostmaster  bp99
postmaster  bp99
webmaster   bp99

bp99            vmail
bertalan.peter  bp99
-


My problem is that emails sent to eg  are not 
delivered to , but go into the maildir 
/var/vmail/foo.bp99.eu/bp99+sometag/.


Could you tell me what is wrong with my setup? I find all these tables 
mildly confusing. I can’t even find a mention of any 
`passwd:/path/to/file' in smtpd.conf(5). I found that on Vultr 
(https://www.vultr.com/docs/an-openbsd-e-mail-server-using-opensmtpd-dovecot-rspamd-and-rainloop). 
I think I need this nonstandard (?) credentials file so that I can point 
Dovecot to the same file for webmail authentication.



Thank you very much for your help in advance
Bertalan


--
Bertalan Z. Péter 
PGP: FB9B 34FE 3500 3977 92AE  4809 935C 3BEB 44C1 0F89







Pluses in addresses do not work as expected

2021-01-30 Thread Péter Bertalan Zoltán
Hello,

Here is my current configuration (only the relevant parts):


smtpd.conf:
---
pki foo.bp99.eu cert "/etc/ssl/foo.bp99.eu.crt"
pki foo.bp99.eu key "/etc/ssl/private/foo.bp99.eu.key"

table domains { foo.bp99.eu }
table aliases file:/etc/mail/aliases
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtual

listen on all tls pki foo.bp99.eu
listen on all port submission tls-require pki foo.bp99.eu \
auth 

action "local" mbox alias 
action "domain" \
maildir "/var/vmail/%{dest.domain}/%{dest.user:lowercase|strip}" \
virtual 
action "relay" relay helo foo.bp99.eu

match from any for domain  action "domain"
match from local for local action "local"
match from any auth for any action "relay"
---


/etc/mail/passwd:
-
b...@foo.bp99.eu:[hash]:vmail:2000:2000:/var/vmail/foo.bp99.eu/bp99:userdb_mail=maildir:/var/vmail/foo.bp99.eu/bp99
-


/etc/mail/virtual:
-
abuse   bp99
hostmaster  bp99
postmaster  bp99
webmaster   bp99

bp99            vmail
bertalan.peter  bp99
-


My problem is that emails sent to eg  are not
delivered to , but go into the maildir
/var/vmail/foo.bp99.eu/bp99+sometag/.

Could you tell me what is wrong with my setup? I find all these tables
mildly confusing. I can’t even find a mention of any
`passwd:/path/to/file' in smtpd.conf(5). I found that on Vultr
(https://www.vultr.com/docs/an-openbsd-e-mail-server-using-opensmtpd-dovecot-rspamd-and-rainloop).
I think I need this nonstandard (?) credentials file so that I can point
Dovecot to the same file for webmail authentication.


Thank you very much for your help in advance
Bertalan


-- 
Bertalan Z. Péter 
PGP: FB9B 34FE 3500 3977 92AE  4809 935C 3BEB 44C1 0F89

