Re: Hello everybody

2022-12-17 Thread Chris Brannon 
"Unicorn"  writes:

> Not quite the topic of the ML, but it's awesome that you founded the
> BLVUUG!

Right now, it's just a dirty hippie in his office/bedroom with a
mailing list and some computing resources, but I'm hoping someone who
knows what they're doing will step in.

> I originally started using OpenSMTPD with the great guide on
> poolp.org from 2019, which was also pretty much the start of my server
> journey, starting with Debian, continuing to OpenBSD and finally
> settling on Alpine Linux.

Yes, that's a great guide, and it was my intro to OpenSMTPD as well.

> Thanks to Gilles for his fantastic guide and thanks to everybody else
> here for this great piece of software! :)

I second that.

-- 
Chris Brannon
Founder: Blind and Low Vision Unix Users Group (https://blvuug.org/).
Personal website: (https://the-brannons.com/)
Chat: IRC: teiresias on libera.chat and OFTC, XMPP: ch...@chat.number89.net

Re: Hello everybody

2022-12-17 Thread Unicorn 
On Sat Dec 17, 2022 at 11:16 AM CET, Chris Brannon wrote:
> I suppose I should give my own introduction.  I've been lurking here
> for about two years now.  In 2020, I replaced my postfix+spamassassin
> setup with opensmtpd+rspamd.  I got tired of feeling dread every time I
> went to make changes to postfix config, which while not as inscrutable
> as sendmail, is still pretty complicated.  I've been a lot happier with
> the new setup.

Not quite the topic of the ML, but it's awesome that you founded the
BLVUUG!

I have also been lurking for two or three years, I will introduce myself
too. I originally started using OpenSMTPD with the great guide on
poolp.org from 2019, which was also pretty much the start of my server
journey, starting with Debian, continuing to OpenBSD and finally
settling on Alpine Linux. What has stayed the same is that I am using
OpenSMTPD with Dovecot and Rspamd, and it has been a wonderfully stable
and reliable setup with a tiny footprint.
Thanks to Gilles for his fantastic guide and thanks to everybody else
here for this great piece of software! :)

Best,
Edin

PS - I also started a little blog to hopefully create similarly good
guides for others who are starting out:
https://regrow.earth
gemini://regrow.earth

Re: Hello everybody

2022-12-17 Thread Chris Brannon 
I suppose I should give my own introduction.  I've been lurking here
for about two years now.  In 2020, I replaced my postfix+spamassassin
setup with opensmtpd+rspamd.  I got tired of feeling dread every time I
went to make changes to postfix config, which while not as inscrutable
as sendmail, is still pretty complicated.  I've been a lot happier with
the new setup.

-- 
Chris Brannon
Founder: Blind and Low Vision Unix Users Group (https://blvuug.org/).
Personal website: (https://the-brannons.com/)
Chat: IRC: teiresias on libera.chat and OFTC, XMPP: ch...@chat.number89.net

Re: Hello everybody

2022-12-17 Thread Unicorn 
On Thu Dec 8, 2022 at 10:54 PM CET, Souji Thenria wrote:
> Hey everybody,
>
> I just joined this mailing list, and want to use this opportunity to 
> introduce myself, as noted on the website :).
>
> I started to use OpenSMTPD (and with that OpenBSD) as mail server just 
> recently, and hope for some good discussions on this mailing list.
>
> Have a great day, evening or night, whatever time it is at your side of 
> the world now ;).
>
> -- 
> Souji Thenria

Hello Souji,

always happy to read introductions, and since nobody else replied, I
will! Welcome to the list, and a good day/evening/night to you too! :)

Best,
Edin

Re: Hello@All + Cygwin64

2020-05-29 Thread drav...@dravionsoftware.com 


On 5/29/2020 9:11 PM, chris wrote:
> You may want to omit '--with-libs=/usr/local/lib' and instead target
> individual libraries, e.g. '--with-cflags="-I/usr/local/openssl/include"
> --with-ldflags="-L/usr/local/openssl/lib"' ; the aforementioned is
> causing gcc to attempt to output over a directory. (as per config.log)

i tested it:

./configure '--with-cflags="-I/usr/local/include"
--with-ldflags="-L/usr/local/lib"'

but the outcome is still the same.

#Error
checking if compiler allows __attribute__ on return types... yes
checking compiler and flags for sanity... no
configure: error: *** compiler cannot create working executables, check

I guess it's something else, maybe it has some problems figuring out my
system specs (which are not Linux/Not Unix) ;-)

uname -a CYGWIN_NT-10.0 CAMELOT 3.1.4(0.340/5/3) 2020-02-19 08:49 x86_64
Cygwin

My libressl build works fine.
Dravion@CAMELOT /usr/local/include

$ ls -la
total 24
drwxr-xr-x+ 1 Dravion None    0 May 29 14:13 .
drwxr-xr-x+ 1 Dravion None    0 May 29 14:13 ..
drwxr-xr-x+ 1 Dravion None    0 May 29 14:13 openssl
-rw-r--r--  1 Dravion None 9416 May 29 14:13 tls.h

Dravion@CAMELOT /usr/local/lib
$ ls -la
total 22036
drwxr-xr-x+ 1 Dravion None    0 May 29 14:14 .
drwxr-xr-x+ 1 Dravion None    0 May 29 14:13 ..
-rw-r--r--  1 Dravion None 16054220 May 29 14:13 libcrypto.a
-rw-r--r--  1 Dravion None  2439224 May 29 14:12 libcrypto.dll.a
-rw-r--r--  1 Dravion None  910 May 29 14:12 libcrypto.la
-rw-r--r--  1 Dravion None  346 May 29 14:13 libssl.a
-rw-r--r--  1 Dravion None   202402 May 29 14:13 libssl.dll.a
-rw-r--r--  1 Dravion None  923 May 29 14:13 libssl.la
-rw-r--r--  1 Dravion None   558660 May 29 14:13 libtls.a
-rw-r--r--  1 Dravion None    59596 May 29 14:13 libtls.dll.a
-rw-r--r--  1 Dravion None  948 May 29 14:13 libtls.la
drwxr-xr-x+ 1 Dravion None    0 May 29 14:14 pkgconfig

Dravion@CAMELOT /usr/local/bin
$ ./openssl version
LibreSSL 3.1.2

Re: Hello@All + Cygwin64

2020-05-29 Thread chris 
You may want to omit '--with-libs=/usr/local/lib' and instead target
individual libraries, e.g. '--with-cflags="-I/usr/local/openssl/include"
--with-ldflags="-L/usr/local/openssl/lib"' ; the aforementioned is
causing gcc to attempt to output over a directory. (as per config.log)

Re: Hello@All

2020-05-29 Thread gilles 
May 28, 2020 10:51 AM, drav...@dravionsoftware.com wrote:

> Hi,
> 

Hi,


> I want to introduce myself to the list ;d
> 

Welcome


> By the way, is there anybody out there, tried to make OpenSMTPD work on
> Cygwin/Windows?
> 
> I was able to built OpenSMTPD under Windows Subsystem for Windows (WSL),
> but i am curious and eager to know if someone had some progress, making
> it work on Cygwin,
> MinGW of MSYS2 as well.
> 

No one has ever discussed this with me so I'm fairly confident no one tried :-)

Re: Hello World!

2016-06-13 Thread Edgar Pettijohn 


Sent from my iPhone

> On Jun 13, 2016, at 8:08 PM, Christopher Ahrens 
>  wrote:
> 
> Hello all,
> Just finished setting up my shiny new OpenBSD-based IMAP server.
> 
> Long time OpenBSD user, but finally got myself a nice reliable OpenBSD box 
> (Something with a static IP on a network with a proper level of uptime) that 
> I can use for e-mail.
> 
> I followed the instructions in the FAQ to set my server up, everything went 
> flawlessly except two little bits that might be worth adding:
> 
> * dovecot.conf needed mail_location to be set, I ended up using:
> "mail_location = maildir:/mail/%d/%n:LAYOUT=fs"
> (I have a 1 TB disk mounted to /mail, the rest is on a 20 GB SSD)
> 
> * I also had to bump up the number of open files in login.conf, specifically:
> 
> 
>  daemon:\
>  :ignorenologin:\
>  :datasize=infinity:\
>  :maxproc=infinity:\
> --:openfiles-cur=128:
> ++:openfiles-cur=1024:\
>  :stacksize-cur=8M:\
>  :localcipher=blowfish,9:\
>  :tc=default:
> 

Look in /usr/local/share/doc/pkg-readmes I believe or maybe one level up there 
is dovecot info. I'm pretty sure it gives a login.conf example you will want to 
look at.

> 
> Otherwise the documentation was very helpful and simple enough to follow, but 
> not too simple.  I went from a fresh OpenBSD 5.9 box to working, and fully 
> secured, IMAP server in a few hours with TLS everywhere and fully trusted 
> certs and spam / virus protection.  I used to be a corporate email admin and 
> this was the simplest, yet most secure and robust install I've ever done.  
> Plus everything is encrypted except on machines I don't control, it's been 
> too long since I've had that.
> 
> I would suggest adding in a part on using 'encrypt -p -b 8' to produce the 
> passwords for /etc/mail/passwd.  And perhaps a section added to STARTTLS on 
> the certificate format it uses (i.e. take the CA certificate, append the 
> intermediate certificate, then attach the server cert.  All in the same file, 
> all in pem format.)
> 
> 
> 
> 
> 
> -Christopher Ahrens
> 
> 
> 
> 
> 
> 
> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2016-03-03 Thread Jason A. Donenfeld 
On Thu, Mar 3, 2016 at 11:23 AM, Jason A. Donenfeld  wrote:
> I'll
> open a Github issue about it, but not a PR, since the patch I made
> yesterday most definitely you do not want to ship upstream.

https://github.com/OpenSMTPD/OpenSMTPD/issues/662

Done.

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2016-03-03 Thread Jason A. Donenfeld 
On Thu, Mar 3, 2016 at 9:50 AM, Gilles Chehade  wrote:
> no ticket mentions this issue and as a matter of fact I had no idea that
> gentoo was shipping with this patch.
>
> if you want it fixed, please open a PR so I have a look at this

I just put libressl on my Gentoo machines yesterday and discovered the
segfault. I fixed it yesterday with the above horrendous commit. Some
googling lead me to this thread that ended in, "let's continue this
conversation on IRC". So I figured I'd ask about the verdict. I'll
open a Github issue about it, but not a PR, since the patch I made
yesterday most definitely you do not want to ship upstream.

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2016-03-02 Thread Jason A. Donenfeld 
Gentoo is now applying this very very ugly patch to work around the bug:

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8146a1f86e72210919cd8a0020aaf19838da0637

Was there ever an upstream commit made to fix this?

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2015-10-06 Thread andreas 



On 2015-10-05 17:03, Gilles Chehade wrote:

On Sat, Oct 03, 2015 at 12:14:34PM +, andreas wrote:



On 2015-10-02 12:25, Gilles Chehade wrote:
>On Thu, Oct 01, 2015 at 06:39:11AM +, andreas wrote:
>>Hi,
>>
>>Thank you for your support and replies. I will be able to test this
>>during
>>the weekend.
>>
>
>ok, i'll work on a diff this week-end and mail it here.

It's not critical for me, so please don't hurry for my sake alone.

>long story short, the arc4random() detection in configure.ac is bogus.
>we should not be shipping arc4random() in the portable layer.

Ok, that means I should be able to remove that from OpenSMTPd 
alltogether.

I'll try it myself as well.



Did you try ?
Did it work for you ? :-)


Sorry for being slow answering. Yes, I did try, but so far to no avail. 
It seems I have to patch LibreSSL to expose the arc4random 
functionality, or else trick the compiler into finding it anyway, and I 
have not yet been successful.



>if you're using LibreSSL, or your system provides arc4random() that is
>what we should be using.

I'll give it a go, though I'm beginning to seriously consider 
switching to

OpenBSD alltogether.



I'd encourage you to, but we'd still need to fix the problem anyways ;)


I'm picking out a machine as we speak. ;)

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2015-10-06 Thread Gilles Chehade 
On Tue, Oct 06, 2015 at 06:51:22AM +, andreas wrote:
> 
> 
> On 2015-10-05 17:03, Gilles Chehade wrote:
> >On Sat, Oct 03, 2015 at 12:14:34PM +, andreas wrote:
> >>
> >>
> >>On 2015-10-02 12:25, Gilles Chehade wrote:
> >>>On Thu, Oct 01, 2015 at 06:39:11AM +, andreas wrote:
> Hi,
> 
> Thank you for your support and replies. I will be able to test this
> during
> the weekend.
> 
> >>>
> >>>ok, i'll work on a diff this week-end and mail it here.
> >>
> >>It's not critical for me, so please don't hurry for my sake alone.
> >>
> >>>long story short, the arc4random() detection in configure.ac is bogus.
> >>>we should not be shipping arc4random() in the portable layer.
> >>
> >>Ok, that means I should be able to remove that from OpenSMTPd
> >>alltogether.
> >>I'll try it myself as well.
> >>
> >
> >Did you try ?
> >Did it work for you ? :-)
> 
> Sorry for being slow answering. Yes, I did try, but so far to no avail. It
> seems I have to patch LibreSSL to expose the arc4random functionality, or
> else trick the compiler into finding it anyway, and I have not yet been
> successful.
> 

any chance you can come over to IRC tomorrow ?

#opensmtpd @ freenode

i might find some time to troubleshoot this and make it work for all

-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2015-10-02 Thread Gilles Chehade 
On Thu, Oct 01, 2015 at 06:39:11AM +, andreas wrote:
> Hi,
> 
> Thank you for your support and replies. I will be able to test this during
> the weekend.
> 

ok, i'll work on a diff this week-end and mail it here.

long story short, the arc4random() detection in configure.ac is bogus.
we should not be shipping arc4random() in the portable layer.

if you're using LibreSSL, or your system provides arc4random() that is
what we should be using.

-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2015-10-01 Thread andreas 

Hi,

Thank you for your support and replies. I will be able to test this 
during the weekend.


Best regards
Andreas

On 2015-09-30 22:45, Gilles Chehade wrote:

On Tue, Sep 29, 2015 at 12:52:29PM +0200, Gilles Chehade wrote:

On Tue, Sep 15, 2015 at 02:15:57PM +, andreas wrote:
> Hi,
>

Hi,


> Ok, so I compiled it all on my laptop. I'm running libressl-2.2.3 and
> opensmtpd-5.7.1p1
>
> What happens is RAND_bytes in rand_lib.c in libressl, line 90, calls
> arc4random_buf at line 213 in arc4random.c (in opensmtpd), which calls
> _rs_random_buf at line 141, which calls _rs_stir_if_needed at line 108,
> which calls _rs_stir, line 81, which calls back to RAND_bytes, and there we
> have an infinite loop...
>
> Obviously I'm running the wrong libressl version for the wrong opensmtpd
> version, or possibly the other way around, but can anyone tell me what I
> should be running instead, or if I have done a terrible mistake somewhere
> else?
>
> Thank you!
>

This is an issue indeed and not you didn't do a terrible mistake, this
is a chicken-egg problem that needs to be solved somehow.

We'll discuss this shortly and think of a solution.

It was reported by someone else on bugs@ too.



I'll have a diff for you tomorrow if you're ok to test this

--
Gilles Chehade

https://www.poolp.org  
@poolpOrg


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2015-09-30 Thread Gilles Chehade 
On Tue, Sep 29, 2015 at 12:52:29PM +0200, Gilles Chehade wrote:
> On Tue, Sep 15, 2015 at 02:15:57PM +, andreas wrote:
> > Hi,
> > 
> 
> Hi,
> 
> 
> > Ok, so I compiled it all on my laptop. I'm running libressl-2.2.3 and
> > opensmtpd-5.7.1p1
> > 
> > What happens is RAND_bytes in rand_lib.c in libressl, line 90, calls
> > arc4random_buf at line 213 in arc4random.c (in opensmtpd), which calls
> > _rs_random_buf at line 141, which calls _rs_stir_if_needed at line 108,
> > which calls _rs_stir, line 81, which calls back to RAND_bytes, and there we
> > have an infinite loop...
> > 
> > Obviously I'm running the wrong libressl version for the wrong opensmtpd
> > version, or possibly the other way around, but can anyone tell me what I
> > should be running instead, or if I have done a terrible mistake somewhere
> > else?
> > 
> > Thank you!
> > 
> 
> This is an issue indeed and not you didn't do a terrible mistake, this
> is a chicken-egg problem that needs to be solved somehow.
> 
> We'll discuss this shortly and think of a solution.
> 
> It was reported by someone else on bugs@ too.
> 

I'll have a diff for you tomorrow if you're ok to test this

-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2015-09-29 Thread Gilles Chehade 
On Tue, Sep 15, 2015 at 02:15:57PM +, andreas wrote:
> Hi,
> 

Hi,


> Ok, so I compiled it all on my laptop. I'm running libressl-2.2.3 and
> opensmtpd-5.7.1p1
> 
> What happens is RAND_bytes in rand_lib.c in libressl, line 90, calls
> arc4random_buf at line 213 in arc4random.c (in opensmtpd), which calls
> _rs_random_buf at line 141, which calls _rs_stir_if_needed at line 108,
> which calls _rs_stir, line 81, which calls back to RAND_bytes, and there we
> have an infinite loop...
> 
> Obviously I'm running the wrong libressl version for the wrong opensmtpd
> version, or possibly the other way around, but can anyone tell me what I
> should be running instead, or if I have done a terrible mistake somewhere
> else?
> 
> Thank you!
> 

This is an issue indeed and not you didn't do a terrible mistake, this
is a chicken-egg problem that needs to be solved somehow.

We'll discuss this shortly and think of a solution.

It was reported by someone else on bugs@ too.


-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello and segfault

2015-09-15 Thread andreas 

Hi,

Ok, so I compiled it all on my laptop. I'm running libressl-2.2.3 and 
opensmtpd-5.7.1p1


What happens is RAND_bytes in rand_lib.c in libressl, line 90, calls 
arc4random_buf at line 213 in arc4random.c (in opensmtpd), which calls 
_rs_random_buf at line 141, which calls _rs_stir_if_needed at line 108, 
which calls _rs_stir, line 81, which calls back to RAND_bytes, and there 
we have an infinite loop...


Obviously I'm running the wrong libressl version for the wrong opensmtpd 
version, or possibly the other way around, but can anyone tell me what I 
should be running instead, or if I have done a terrible mistake 
somewhere else?


Thank you!

Best regards
Andreas

On 2015-09-09 16:47, andreas wrote:

Hi,

I'm new to this list - nice to be here.

I have a problem running a home compiled opensmtpd 5.7.1 deamon on a
RaspberryPi 2 under rasbian. I would have thought it is armish enough,
but it segfaults on start, specifically on line 88 of rand_lib.c where
it says the buf value is out of bounds.

Looking at the back trace makes me think this has been going in some
kind of recursive loop for quite a while and maybe it's running out of
memory, but I am way out of my depth with this kind of analysis, and
if anyone knows what might cause this, I would love to know!

BTW - what is the recommended compiler for opensmtpd?

Best regards
Andreas


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello

2015-01-18 Thread Gonzalo Rodriguez 
Hi,

Sorry the delay, my setup was OK, just in my OpenBSD 5.6 stable, the
version of OpenSTMPd have a little bug on table_passwd so that make my auth
fail.

Thanks all for the help.

2015-01-14 14:39 GMT-03:00 Jason Barbier jab...@serversave.us:

  if you read the manual page around userbase really closely you should be
 able to see how to do virtual users pretty easily. But if you still find it
 tricky
 https://blog.corrupted.io/2014/06/09/OpenSMTPD-virtual-users-with-sqlite.html 
 is
 something I wrote up on how to do it with SQLite. Please be aware It
 doesn't have the Dovecot piece in it because if you cant be bothered to do
 a couple seconds of google fu to setup virtual users with dovecot and
 sqlite you really shouldn't be running a mail server.

 --
 Jason Barbier
 jab...@serversave.us


 On Sun, Jan 11, 2015, at 07:30 PM, Gonzalo Rodriguez wrote:

 I like to add virtual users (now have system users) like:

 MTA: OpenSMTPD
  LDA: Dovecot
  IMAP: Dovecot
  USR: Virtual
  DOMAINS: Virtual

  But I didn't found the right setup yet... any help would be nice :)



 2015-01-11 0:40 GMT-03:00 Gonzalo Rodriguez gonz...@sepp0.com.ar:

 I just swtich from Postfix + Dovecot to OpenSMTPd + Dovecot

 And here is my conf:

 table domainfile:/etc/mail/domain
 table aliases   db:/etc/mail/aliases.db

 expire 4h

 pki foobar.com certificate  /etc/ssl/foobar.com/foobar.crt
 pki foobar.com key  /etc/ssl/foobar.com/foobar.key
 pki foobar.com dhparams /etc/ssl/foobar.com/dhparam.pem

 listen on lo0 port 25
 listen on egress port 25 tls pki foobar.com auth-optional
 listen on egress port 2525 tls-require pki foobar.com auth
 listen on lo0 port 10027 tag Signed

 accept for local alias aliases deliver to mda
 /usr/local/libexec/dovecot/dovecot-lda -f %{sender} 
 accept from any for domain domain alias aliases deliver to mda
 /usr/local/libexec/dovecot/dovecot-lda -f %{sender} 
 accept from any for domain domain deliver to mda
 /usr/local/libexec/dovecot/dovecot-lda -f %{sender} 
 accept from local for any relay
 accept for any relay


  I also have spamd, this is under OpenBSD 5.6 -release.

 Any hint to make it better or secure?

  Thanks.

Re: Hello

2015-01-14 Thread Gonzalo Rodriguez 
Yup.

table dominios  file:/etc/mail/dominios
table usuarios  passwd:/etc/dovecot/users.db
table aliases   db:/etc/mail/aliases.db

expire 4h

pki foobar.com.ar certificate  /etc/ssl/
foobar.com.ar/foobar.crt
pki mx.foobar.com.ar certificate   /etc/ssl/
foobar.com.ar/foobar.crt
pki foobar.com.ar key  /etc/ssl/
foobar.com.ar/foobar.key
pki mx.foobar.com.ar key   /etc/ssl/
foobar.com.ar/foobar.key
pki foobar.com.ar dhparams /etc/ssl/
foobar.com.ar/dhparam.pem
pki mx.foobar.com.ar dhparams  /etc/ssl/
foobar.com.ar/dhparam.pem

listen on lo0 port 25
listen on egress secure pki foobar.com.ar hostname foobar.com.ar
listen on egress port 2525 tls-require pki foobar.com.ar auth usuarios
hostname foobar.com.ar

accept for local alias aliases deliver to mda
/usr/local/libexec/dovecot/dovecot-lda -f %{sender}
accept from any for domain dominios alias aliases deliver to mda
/usr/local/libexec/dovecot/dovecot-lda -f %{sender}
accept from any for domain dominios deliver to mda
/usr/local/libexec/dovecot/dovecot-lda -f %{sender}
accept for any relay via smtp://127.0.0.1:10028


And dovecot conf:

# 2.2.10:
/etc/dovecot/dovecot.conf
[11/949]
# OS: OpenBSD 5.6 amd64
debug_log_path = /var/log/dovecot-debug.log
default_internal_user = vmail
first_valid_uid = 1000
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
log_path = /var/log/dovecot
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables body enotify environm
ent mailbox date ihave
mbox_write_locks = fcntl
mmap_disable = yes
namespace {
  inbox = yes
  location = maildir:/var/www/datos/correos/%n:LAYOUT=fs
  prefix =
  separator = /
}
passdb {
  args = username_format=%n /etc/dovecot/users.db
  driver = passwd-file
}
plugin {
  auth_debug = yes
  auth_verbose = yes
  log_path = /var/log/dovecot.log
  mail_debug = yes
  sieve = /var/www/datos/correos/%n/%n.sieve
  sieve_global_dir = /var/sieve
  sieve_global_path = /var/sieve/global-default.sieve
}
protocols = imap sieve
service auth {
  unix_listener auth-userdb {
group = vmail
mode = 0777
user = vmail
  }
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  inet_listener sieve_deprecated {
port = 2000
  }
}
ssl_cert = /etc/ssl/dovecotcert.pem
ssl_key = /etc/ssl/private/dovecot.pem
userdb {
  args = uid=vmail gid=vmail home=/etc/dovecot
  driver = static
}
protocol lda {
  info_log_path = /var/log/dovecot-deliver.log
  log_path = /var/log/dovecot-deliver-errors.log
  mail_plugins =  sieve
  postmaster_address = gonz...@foobar.com.ar
}



2015-01-14 9:08 GMT-03:00 Denis Fondras open...@ledeuns.net:

 Can you give us a peek at your smtpd.conf file ?

 --
 You received this mail because you are subscribed to misc@opensmtpd.org
 To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello

2015-01-14 Thread Denis Fondras 
Can you give us a peek at your smtpd.conf file ?

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello

2015-01-13 Thread Gonzalo Rodriguez 
Using that, I have

Jan 13 18:17:34 foobar smtpd[8210]: smtp-in: New session d9dbd5b5c39964e0
from host xx.xx.xx.xx
Jan 13 18:17:36 foobar smtpd[8210]: smtp-in: Started TLS on session
d9dbd5b5c39964e0: version=TLSv1/SSLv3, cipher=ECDHE-RSA-AES256-SHA, bits=256
Jan 13 18:17:36 foobar smtpd[17246]: warn: user credentials lookup fail for
usuarios:gonzalo
Jan 13 18:17:36 foobar smtpd[8210]: smtp-in: Authentication temporarily
failed for user gonzalo on session d9dbd5b5c39964e0
Jan 13 18:17:36 foobar smtpd[8210]: smtp-in: Failed command on session
d9dbd5b5c39964e0: AUTH [...] = 421 4.3.0: Temporary failure

users.db
gonzalo:{MD5-CRYPT}$1$ahHwZ98sQWuQ/hO0:1000:5000::/var/www/datos/correo/gonzalo:/bin/nologin




2015-01-13 17:03 GMT-03:00 Denis Fondras open...@ledeuns.net:

  And what do you do with the perms in mail_location and maildir for users?
 

 I set the UID/GID in /etc/dovecot/users.db and accordingly on the
 directory :

 user1:$6$Nd8q5:5000:5000::/home/mail/user1:/bin/nologin
 user2:{CRAM-MD5}932d2:5001:5000::/home/mail/user2:/bin/nologin

 drwx--  5 5000 5000 4096 janv. 13 20:56 user1
 drwx--  9 5001 5000 4096 janv. 13 09:01 user2

 --
 You received this mail because you are subscribed to misc@opensmtpd.org
 To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Re. hello, and $ mail on dial-up

2015-01-11 Thread Herbert J. Skuhra 
On Sat, Jan 10, 2015 at 08:53:49PM +0100, Ulrich Grassberger wrote:
 Hello,
 
 thanks for thy answer, Charles.
 
 I now have
 accept for any relay via tls+auth:la...@smtp.versatel.de \ auth 
 secrets as grasso...@versanet.de
 
 and get error logs like
 no valid route for connector  relay:smtp.versatel.de
 network error on destination MXs
 
 I can send mail using telnet and auth login. So it seems, that smtpd on 
 my computer and the relay cannot establish an encrypted connection. And 
 i did not find an option to tell smtpd to auth over a plain connection 
 -- what is what i would sooner do anyway.

Are you sure that smtp.versatel.de supports tls?

25/587 no STARTTLS
465 closed

Not recommended, but have you tried the relay without tls?

-- 
Herbert

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Re. hello, and $ mail on dial-up

2015-01-11 Thread Herbert J. Skuhra 
On Sun, Jan 11, 2015 at 02:05:22PM +0100, Herbert J. Skuhra wrote:
 On Sat, Jan 10, 2015 at 08:53:49PM +0100, Ulrich Grassberger wrote:
  Hello,
  
  thanks for thy answer, Charles.
  
  I now have
  accept for any relay via tls+auth:la...@smtp.versatel.de \ auth 
  secrets as grasso...@versanet.de
  
  and get error logs like
  no valid route for connector  relay:smtp.versatel.de
  network error on destination MXs
  
  I can send mail using telnet and auth login. So it seems, that smtpd on 
  my computer and the relay cannot establish an encrypted connection. And 
  i did not find an option to tell smtpd to auth over a plain connection 
  -- what is what i would sooner do anyway.
 
 Are you sure that smtp.versatel.de supports tls?
 
 25/587 no STARTTLS
 465 closed
 
 Not recommended, but have you tried the relay without tls?

Sorry, according to the man page this is not possible:

In addition, credentials for authenticated relaying may be provided when
using a secure schema.

So, you need a different relay!

-- 
Herbert

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Re. hello, and $ mail on dial-up

2015-01-11 Thread Ulrich Grassberger 
Herbert, Charles and all, smtps instead of tls works neither. And using 
a different relay is probably no option, Herbert.


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello

2015-01-11 Thread Gonzalo Rodriguez 
I like to add virtual users (now have system users) like:

MTA: OpenSMTPD
LDA: Dovecot
IMAP: Dovecot
USR: Virtual
DOMAINS: Virtual

But I didn't found the right setup yet... any help would be nice :)



2015-01-11 0:40 GMT-03:00 Gonzalo Rodriguez gonz...@sepp0.com.ar:

 I just swtich from Postfix + Dovecot to OpenSMTPd + Dovecot

 And here is my conf:

 table domainfile:/etc/mail/domain
 table aliases   db:/etc/mail/aliases.db

 expire 4h

 pki foobar.com certificate  /etc/ssl/foobar.com/foobar.crt
 pki foobar.com key  /etc/ssl/foobar.com/foobar.key
 pki foobar.com dhparams /etc/ssl/foobar.com/dhparam.pem

 listen on lo0 port 25
 listen on egress port 25 tls pki foobar.com auth-optional
 listen on egress port 2525 tls-require pki foobar.com auth
 listen on lo0 port 10027 tag Signed

 accept for local alias aliases deliver to mda
 /usr/local/libexec/dovecot/dovecot-lda -f %{sender} 
 accept from any for domain domain alias aliases deliver to mda
 /usr/local/libexec/dovecot/dovecot-lda -f %{sender} 
 accept from any for domain domain deliver to mda
 /usr/local/libexec/dovecot/dovecot-lda -f %{sender} 
 accept from local for any relay
 accept for any relay


 I also have spamd, this is under OpenBSD 5.6 -release.

 Any hint to make it better or secure?

 Thanks.

Re. hello, and $ mail on dial-up

2015-01-10 Thread Ulrich Grassberger 

Hello,

thanks for thy answer, Charles.

I now have
accept for any relay via tls+auth:la...@smtp.versatel.de \ auth 
secrets as grasso...@versanet.de


and get error logs like
no valid route for connector  relay:smtp.versatel.de
network error on destination MXs

I can send mail using telnet and auth login. So it seems, that smtpd on 
my computer and the relay cannot establish an encrypted connection. And 
i did not find an option to tell smtpd to auth over a plain connection 
-- what is what i would sooner do anyway.


Uli

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: hello, and $ mail on dial-up

2015-01-05 Thread Gilles Chehade 
On Tue, Dec 30, 2014 at 10:22:12PM +0100, Ulrich Grassberger wrote:
 Hello,
 

Hello,


 i started with BASIC as a kid in the early eighties and installed OpenBSD
 5.6 on a laptop for me and my mother. Windows is elegant for many uses but
 limited (by money). I am trying to use $ mail with a dial-up internet
 connection, trying to connect with POP3 and SMTP to my and my mother's mail
 accounts at remote servers. The people at m...@openbsd.org could not help
 me.
 
 Users can send and receive mail locally.
 
 Out of the box four instances of smtpd were running, but after installing
 Thunderbird, seven instances are. Why?


I'm not sure I understand what you're saying:

$ ps auxwww |grep smtpd
root  3813  0.0  0.0  1812  2104 ??  Is23Dec140:00.13 smtpd: [priv] 
(smtpd)
_smtpd1399  0.0  0.0  1544  1852 ??  I 23Dec140:00.00 smtpd: 
klondike (smtpd)
_smtpq   12972  0.0  0.0  2160  2792 ??  I 23Dec140:03.21 smtpd: queue 
(smtpd)
_smtpd   14756  0.0  0.0  1800  2224 ??  I 23Dec140:00.29 smtpd: 
control (smtpd)
_smtpd2977  0.0  0.0  1832  2444 ??  I 23Dec140:00.51 smtpd: lookup 
(smtpd)
_smtpd   31401  0.0  0.0  1484  1984 ??  I 23Dec140:00.33 smtpd: 
scheduler (smtpd)
_smtpd9364  0.0  0.0  1832  2956 ??  I 23Dec140:00.66 smtpd: pony 
express (smtpd)
$ 

There are seven processes, and they are all created at startup, there is
never only four.


 In order to be able to use $ mail for sending mail to my remote mail accout,
 i did this:
 
 # touch /etc/mail/secrets
 # chmod 640 /etc/mail/secrets
 # chown root:_smtpd /etc/mail/secrets
 # echo label grasso...@versanet.de:password  /etc/mail/secrets
 # makemap /etc/mail/secrets

 *smtpd.conf*:
 
 listen on lo0
 table aliases db:/etc/mail/aliases.db
 table secrets db:/etc/mail/secrets.db
 accept for local alias aliases deliver to mbox
 accept for any relay via tls+auth://grasso...@versanet.de@smtp.versatel.de \
  
This is not correct, above you have declared:

label grasso...@versanet.de:password

note that your key is label, so the line should read:

accept for any relay via tls+auth://la...@smtp.versatel.de
^

   auth secrets
 
 
 When I do $ mail -s test grasso...@versanet.de, then the mail is not
 delivered:
 
 554 MX does not exist
 received: from localhost
 from: Ulrich Grassberger (u...@k8lap.my.domain)
 
 (I do not know how to insert text from the terminal into Thunderbird in
 Unix.)
 
 I figure i need masquerading in order to change u...@k8lap.my.domain to
 grasso...@versanet.de, but smtpd does not have that yet. Does anyone have an
 idea how to approach my goal?
 

you can setup an /etc/mail/mailname file, or change the machine hostname
to versanet.de, both should work

-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Hello! smtpd issues

2014-04-04 Thread Herbert J. Skuhra 

Den 03.04.2014 22:00, skrev Brent Garner:

I'm trying to install OpenSMTPD on our server here so we can just send
things to it to see how it outputs. I was able to set this up on my 
local

machine but getting it on the server has been a little bit of a hassle
because its not connected to the normal repos. I had to install a RPM 
of
opensmtpd and it got on there. I tried to set it up but I keep getting 
this

error when trying to send a message:

 send-mail: error in offline directory setup

I was just curious if you would have any idea what I could do to fix 
this.


Check if /var/spool/smtpd and /var/spool/smtpd/offline exist and the 
permissions. On FreeBSD:


# cd /var/spool/smtpd
# ls -l |grep off
drwxrwxrwt2 rootwheel2 Dec 11 15:04 offline

--
Herbert


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org