Re: Setting personal mailserver
Thanks for the link. They don't require it though, according to the doc,
they don't even enforce it for gmail when using it with own domains. It's
certainly a good practice, though, that's true.

On Sat, Sep 09, 2023 at 01:54:48PM +0900, Pontus Stenetorp wrote:
> On Sat 09 Sep 2023, Stuart Longland wrote:
> > On 9/9/23 01:28, Tassilo Philipp wrote:
> > > > [...] I didn't bother with DKIM until Google started mandating
> > > > it for example [...]
> > >
> > > Hm... do you have a reference for that? I don't have that
> > > experience with gmail servers. Also I don't find info about that
> > > being mandatory, online.
> >
> > https://support.google.com/a/answer/174124?hl=en#hcfe-content
> >
> > Sadly, I don't have any log messages to show, because I last had the
> > problem in May 2021, and my log retention does not go back that far.
>
> At least from my experience and from reading Google's documentation,
> Google does not *require* both DKIM and SPF, but has since late 2022 or
> early 2023 started to randomly reject e-mails that have *neither*:
>
>     550-5.7.26 This mail is unauthenticated, which poses a security risk
>     to the sender and Gmail users, and has been blocked. The sender must
>     authenticate with at least one of SPF or DKIM. For this message, DKIM
>     checks did not pass and SPF check for [example.com] did not pass with
>     ip: [127.0.0.1]. The sender should visit
>     https://support.google.com/mail/answer/81126#authentication for
>     instructions on setting up authentication.
>
> I doubt that DKIM ever hurts though if you have it set up.
Re: Setting personal mailserver
On Sat 09 Sep 2023, Stuart Longland wrote:
> On 9/9/23 01:28, Tassilo Philipp wrote:
> > > [...] I didn't bother with DKIM until Google started mandating
> > > it for example [...]
> >
> > Hm... do you have a reference for that? I don't have that
> > experience with gmail servers. Also I don't find info about that
> > being mandatory, online.
>
> https://support.google.com/a/answer/174124?hl=en#hcfe-content
>
> Sadly, I don't have any log messages to show, because I last had the
> problem in May 2021, and my log retention does not go back that far.

At least from my experience and from reading Google's documentation,
Google does not *require* both DKIM and SPF, but has since late 2022 or
early 2023 started to randomly reject e-mails that have *neither*:

    550-5.7.26 This mail is unauthenticated, which poses a security risk
    to the sender and Gmail users, and has been blocked. The sender must
    authenticate with at least one of SPF or DKIM. For this message, DKIM
    checks did not pass and SPF check for [example.com] did not pass with
    ip: [127.0.0.1]. The sender should visit
    https://support.google.com/mail/answer/81126#authentication for
    instructions on setting up authentication.

I doubt that DKIM ever hurts though if you have it set up.
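Added example, not part of any message in this thread: a small SPF evaluator for records built only from `ip4`, `ip6` and `all`, showing how a receiver arrives at the "SPF check did not pass" verdict in the rejection quoted above. RFC 7208 names the address mechanisms `ip4` and `ip6`, so a term spelled `ipv4:`, as in the record quoted elsewhere in this thread, is an unknown mechanism and the whole record evaluates to `permerror`. The addresses are documentation-range placeholders and the function names are this example's own.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
# Mechanism names defined by RFC 7208: the address ones are ip4/ip6, not ipv4.
MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}


class SPFSyntaxError(ValueError):
    """A malformed term; the whole record then evaluates to permerror."""


def parse_network(mechanism, value):
    """Parse the argument of ip4:/ip6: into an ipaddress network object."""
    addr, slash, prefix = value.partition("/")
    if not addr or (slash and not prefix.isdigit()):
        raise SPFSyntaxError(f"bad {mechanism} argument {value!r}")
    try:
        network = ipaddress.ip_network(value, strict=False)
    except ValueError as exc:
        raise SPFSyntaxError(f"bad {mechanism} argument {value!r}") from exc
    if network.version != int(mechanism[2]):
        raise SPFSyntaxError(f"{value!r} is not an IPv{mechanism[2]} network")
    return network


def parse_terms(record):
    """Turn the terms after v=spf1 into (result, mechanism, argument) tuples."""
    terms = []
    for field in record.split()[1:]:
        qualifier = "+"
        if field[0] in QUALIFIERS:
            qualifier, field = field[0], field[1:]
        name, _, value = field.partition(":")
        if "=" in name:
            # Modifier (name=value): only redirect can change the verdict.
            if name.split("=", 1)[0].lower() == "redirect":
                terms.append((None, "redirect", None))
            continue
        base = name.split("/", 1)[0].lower()
        if base not in MECHANISMS:
            raise SPFSyntaxError(f"unknown mechanism {name!r}")
        if base == "all" and field.lower() != "all":
            raise SPFSyntaxError("'all' takes no argument")
        if base in ("ip4", "ip6"):
            if name.lower() != base:
                raise SPFSyntaxError(f"malformed term {field!r}")
            value = parse_network(base, value)
        terms.append((QUALIFIERS[qualifier], base, value))
    return terms


def check_host(record, client_ip):
    """SPF result for client_ip, for records using only ip4, ip6 and all."""
    fields = record.split()
    if not fields or fields[0].lower() != "v=spf1":
        return "none"  # not an SPF record at all
    try:
        # The whole record is parsed first: a syntax error anywhere gives
        # permerror even when an earlier mechanism would have matched.
        terms = parse_terms(record)
    except SPFSyntaxError:
        return "permerror"
    ip = ipaddress.ip_address(client_ip)
    redirect = False
    for result, mechanism, argument in terms:
        if mechanism == "redirect":
            redirect = True
        elif mechanism == "all":
            return result
        elif mechanism in ("ip4", "ip6"):
            if ip.version == argument.version and ip in argument:
                return result
        else:
            raise NotImplementedError(f"{mechanism} needs DNS lookups")
    if redirect:
        raise NotImplementedError("redirect needs DNS lookups")
    return "neutral"


def is_authenticated(spf_result, dkim_passed):
    """'At least one of SPF or DKIM', as worded in the rejection quoted above."""
    return spf_result == "pass" or dkim_passed


# Constructed records: 192.0.2.25 is a documentation address standing in for
# the {myipv4address} placeholder used in the thread.
AS_POSTED = "v=spf1 ipv4:192.0.2.25 -all"
CORRECTED = "v=spf1 ip4:192.0.2.25 -all"

if __name__ == "__main__":
    for record in (AS_POSTED, CORRECTED):
        for sender in ("192.0.2.25", "198.51.100.7"):
            spf = check_host(record, sender)
            print(f"{record!r:34} from {sender:13} -> {spf:9} "
                  f"accepted without DKIM: {is_authenticated(spf, False)}")
```

Mechanisms that need DNS (`a`, `mx`, `include`, `exists`, `ptr`, `redirect`) raise `NotImplementedError` instead of guessing a verdict.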
Re: Setting personal mailserver
On Thu, 7 Sep 2023, Sagar Acharya wrote:
> In today's times of mature NLP, you will not be able to differentiate
> human mail from bot mail or spam. Only in person verification is
> trustworthy.
> No. Are you saying that only people who control the network should send
> mails? Well DNS exactly is for that. If you find I send spams, you can
> easily block mails from my domain humaaraartha.in but it is not wise nor
> ethical to by default not allow people to mail.

Acckshully ... when using centralized DNS root zone, ICANN, they can
cancel/spoof domains. And TLS is worse, as the shadowy TLS global cabal
decides the list of CAs full trusted. (And browsers do not support CA veto
out of the box.) This lets the cabal MITM your TLS connections.

DNS was designed to be federated - so you can lessen your dependence on
ICANN by running your own root zone, or using a community root zone like
https://www.opennic.org

> That issue lies because hardware is not mapped to people. There is no
> technological solution for trust hopping between machines. ssh should be
> discouraged and each machine, denoted by single IP address should be
> mapped to a human. So humaaraartha.in is run by Sagar Acharya.

Yes, see https://github.com/cjdelisle/cjdns and
https://github.com/yggdrasil-network/yggdrasil-go both of which create
crypto unique authenticated IPv6 addresses. Use the raw IPv6 to send
emails and make phone calls.

> Well, what action should be implemented for sending emails. I don't

The scheme I use for fully decentralized opensmtpd and SIP is described at
https://fedoramagazine.org/decentralize-common-fedora-apps-cjdns/
(Older version of opensmtpd for that article.)

I even have a few people that will talk to me that way. And no spam. I do
get connects from various spiders looking for mail server listening, but
so far no spam.

It is a hard sell ...
Re: Setting personal mailserver
On 9/9/23 01:28, Tassilo Philipp wrote:
> > [...] I didn't bother with DKIM until Google started mandating it for
> > example [...]
>
> Hm... do you have a reference for that? I don't have that experience
> with gmail servers. Also I don't find info about that being mandatory,
> online.

https://support.google.com/a/answer/174124?hl=en#hcfe-content

Sadly, I don't have any log messages to show, because I last had the
problem in May 2021, and my log retention does not go back that far.

--
Stuart Longland (aka Redhatter, VK4MSL)

I haven't lost my mind...
  ...it's backed up on a tape somewhere.
Re: Setting personal mailserver
> [...] I didn't bother with DKIM until Google started mandating it for
> example [...]

Hm... do you have a reference for that? I don't have that experience with
gmail servers. Also I don't find info about that being mandatory, online.

On Fri, Sep 08, 2023 at 08:24:38AM +1000, Stuart Longland wrote:
> On 7/9/23 20:44, Sagar Acharya wrote:
> > Let the mail providers have their setups. Is it possible to have a
> > configuration where I have 2 servers, example.com example2.com where I
> > can send and receive emails on ports say, 777 on plaintext, starttls
> > optional and port 778 with smtps?
> >
> > Give me a configuration for such a thing.
> >
> > humaaraartha.in. TXT "v=spf1 ipv4:{myipv4address} -all"
> > humaaraartha.in. TXT "resports:777,778"
> > humaaraartha.in. humaaraartha.in. MX 10 humaaraartha.in.
> > humaaraartha.in. A {myipv4address}
> >
> > That is all you have, nothing more for both servers. Can you help me
> > send and receive mails on ports 777,778 with just above DNS and smtpd?
> > I can add SRV records for detection of ports 777, 778 if you want.
>
> Okay, not quite sure what the "resports" TXT record is achieving (a
> quick search on the topic didn't reveal any documentation on how it was
> supposed to work or correct syntax). I won't labour the point about
> outgoing port 25 traffic since others have covered this already.
>
> You can of course use different ports between servers on an agreed-upon
> manner. e.g. say we have a server, bnemx.vk4msl.com, running OpenSMTPD:
>
> > vk4msl-bne# cat /etc/mail/smtpd.conf
> > # $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $
> >
> > # This is the smtpd server system-wide configuration file.
> > # See smtpd.conf(5) for more information.
> >
> > #table aliases file:/etc/mail/aliases
> > table virtualdomains file:/etc/mail/virtualdomains
> > table virtualusers file:/etc/mail/virtualusers
> >
> > pki bnemx cert "/etc/ssl/bnemx.vk4msl.com.fullchain.pem"
> > pki bnemx key "/etc/ssl/private/bnemx.vk4msl.com.key"
> > pki bnemx dhe auto
> >
> > listen on socket
> > listen on all tls pki bnemx
>
> … etc, I won't post the full config.
>
> Those `listen` lines are the key, from smtpd.conf manpage:
>
> > listen on interface [family] [options]
> >     Listen on the interface for incoming connections, using the same
> >     syntax as ifconfig(8). The interface parameter may also be an
> >     interface group, an IP address, or a domain name. Listening can
> >     optionally be restricted to a specific address family, which can
> >     be either inet4 or inet6.
>
> In amongst the options:
>
> > port [port]
> >     Listen on the given port instead of the default port 25.
>
> So if I chose to, I could add:
>
>     listen on all port 777
>
> and then re-start smtpd, I'd now be listening on port 777.
>
> You could then tell your SMTP server to send to port 777 when sending to
> my domain.
>
> But doing so would be useless:
> - no one else would bother using port 777/tcp: they would most likely
>   use port 25
> - you wouldn't be able to send to any other server, unless they too,
>   chose to use port 777/tcp.
>
> If you have a good proposal for how such alternative ports could be
> advertised (maybe via DNS TXT record), perhaps you could propose that as
> a Request For Comment to the Internet Engineering Task Force… and maybe
> if enough people thought it was a good idea, it would be adopted with
> its own official RFC number (like RFC-821, later replaced by RFC-2821
> and RFC-5321).
>
> That though, won't mean instant ability to pick your own port number.
> The "alternate port number" feature would then need to be added to the
> various SMTP servers out there. Then sysadmins would need to install
> that version.
>
> This may take years, or even never happen in some cases. (Qmail is still
> IPv4-only because the author believes IPv6 is unnecessary.)
>
> Regardless of what you think of spam or how to fight it, the truth is
> the small fish don't make the rules in this game. You and I are small
> fish. I've been mucking around with mail servers pretty much this whole
> century so far.
>
> I started with trialling something over dial-up (ever seen a 56kbps
> modem screaming under the strain of an outbound mail queue stuffed with
> spam? I have!)… moved to using Sendmail on an old Slackware server
> hosted on ADSL with 2GB SCSI disks and a self-signed HTTPS certificate
> for webmail in 2001. Been running my own server ever since.
>
> It's not impossible to do it yourself, and dealing with spam is a
> constant cat-and-mouse game. Things have become more complex out of
> necessity (I didn't bother with DKIM until Google started mandating it
> for example), but even then, not overly difficult.
>
> The minimum standard however has changed over the years as requirements
> changed. That includes:
> - outbound SMTP unblocked -- pretty much since forever since that's how
>   TCP/IP works
> - static IPv4 -- dynamic IPv4 has not been possible since ~2004 or so
> - SPF DNS records -- since ~2010 or so
> - DKIM signing and DMARC policies --
Re: Setting personal mailserver
On 08.09.2023 09:42, Stuart Longland wrote:
> Your options are:
> 1. set up a server outside your ISP's network that can transmit the
>    message for you (e.g. if Internode decide to block port 25 or
>    withdraw my public IP, I might use my secondary MX as the outbound
>    mail server relay.)
> 2. use your ISP's mail server as a relay (after adding it to your SPF
>    records along with any DKIM keys needed)
> 3. move to an ISP that lets you do this stuff
>
> I'd suggest (3) is your best option… as trying to circumvent firewall
> rules will likely get you disconnected for violating their Terms of
> Service anyway. (I note humaaraartha.in appears to be hosted by MTNL
> India, but their website is not responding for me at this time.)

You can get a virtual server for 5€/m with a static IP and configurable
reverse DNS - the same price as getting a mere static IP from my ISP.

Good luck
Reio
Re: Setting personal mailserver
On 8/9/23 15:51, Sagar Acharya wrote:
> SRV records would get port, like
> https://xmpp.org/extensions/xep-0368.html
>
> The logic would be like, say there is opensmtpd on the other server too.
>
> dig _mail._smtp.humaaraartha.in. SRV
> get_port_from_SRV()
> if found_different_port()
>     try_port()
> else
>     try_25()

Sounds okay… but you'd have to get that supported by:
- sendmail
- postfix
- netqmail
- opensmtpd
- exim
- Microsoft Exchange
- Google's mail server (whatever they call it)
… and umpteen other possible mail servers. It isn't yet as far as I know.

Another is for the MX record to support `hostname:port`, although one
could argue MX could be readily replaced by SRV.

Also, this does not solve your outbound SMTP issue: it'd only advertise to
others that "I listen on a different port". It doesn't tell my server to
start listening on a different port. Nor does it tell any firewalls in
between to suddenly allow this out-of-the-ordinary connection.

> Caching can also be done for future requests.

Yeah well, DNS will do that anyway. That's what the TTL field is for.

> > You and I are small fish. I've been mucking around with mail servers
> > pretty much this whole century so far.
>
> OpenBSD and suckless are moving forward and providing solutions. Which
> mailserver do you use?

Postfix on AlpineLinux is my primary MX. Simply out of familiarity, I
started with sendmail then later Qmail, but migrated to Postfix some time
around 2006 or so.

OpenSMTPD (and spamd) on OpenBSD is my secondary MX. I have some custom
scripts that then store the email OpenPGP-encrypted for later collection
by the primary MX in case there's downtime. The vast majority of my email
traffic is direct to the primary MX (probably because of spamd's
greylisting).

> If we can establish that any software be run on any port, then blocking
> ports won't make sense. Besides, they can block any domains and they
> already do if they find spam there. SPAM is just an excuse.

Moving ports won't solve the problem. Yes it'd be nice to say, "ohh, by
the way my SMTP is listening on port 2225", but that won't help you.
You're expecting the world to move off 25/tcp for SMTP so you can hit it
behind your ISP's firewall. That won't happen.

Your options are:
1. set up a server outside your ISP's network that can transmit the
   message for you (e.g. if Internode decide to block port 25 or withdraw
   my public IP, I might use my secondary MX as the outbound mail server
   relay.)
2. use your ISP's mail server as a relay (after adding it to your SPF
   records along with any DKIM keys needed)
3. move to an ISP that lets you do this stuff

I'd suggest (3) is your best option… as trying to circumvent firewall
rules will likely get you disconnected for violating their Terms of
Service anyway. (I note humaaraartha.in appears to be hosted by MTNL
India, but their website is not responding for me at this time.)

--
Stuart Longland (aka Redhatter, VK4MSL)

I haven't lost my mind...
  ...it's backed up on a tape somewhere.
Re: Setting personal mailserver
Thank you Stuart. That is very helpful.

SRV records would get port, like https://xmpp.org/extensions/xep-0368.html

The logic would be like, say there is opensmtpd on the other server too.

dig _mail._smtp.humaaraartha.in. SRV
get_port_from_SRV()
if found_different_port()
    try_port()
else
    try_25()

Caching can also be done for future requests.

> You and I are small fish. I've been mucking around with mail servers
> pretty much this whole century so far.

OpenBSD and suckless are moving forward and providing solutions. Which
mailserver do you use?

If we can establish that any software be run on any port, then blocking
ports won't make sense. Besides, they can block any domains and they
already do if they find spam there. SPAM is just an excuse.

Thanking you
Sagar Acharya
https://humaaraartha.in

8 Sept 2023, 03:55 by stua...@longlandclan.id.au:

> On 7/9/23 20:44, Sagar Acharya wrote:
>
>> Let the mail providers have their setups. Is it possible to have a
>> configuration where I have 2 servers, example.com example2.com where I
>> can send and receive emails on ports say, 777 on plaintext, starttls
>> optional and port 778 with smtps?
>>
>> Give me a configuration for such a thing.
>>
>> humaaraartha.in. TXT "v=spf1 ipv4:{myipv4address} -all"
>> humaaraartha.in. TXT "resports:777,778"
>> humaaraartha.in. humaaraartha.in. MX 10 humaaraartha.in.
>> humaaraartha.in. A {myipv4address}
>>
>> That is all you have, nothing more for both servers. Can you help me
>> send and receive mails on ports 777,778 with just above DNS and smtpd?
>> I can add SRV records for detection of ports 777, 778 if you want.
>>
>
> Okay, not quite sure what the "resports" TXT record is achieving (a
> quick search on the topic didn't reveal any documentation on how it was
> supposed to work or correct syntax). I won't labour the point about
> outgoing port 25 traffic since others have covered this already.
>
> You can of course use different ports between servers on an agreed-upon
> manner. e.g. say we have a server, bnemx.vk4msl.com, running OpenSMTPD:
>
>> vk4msl-bne# cat /etc/mail/smtpd.conf
>> # $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $
>>
>> # This is the smtpd server system-wide configuration file.
>> # See smtpd.conf(5) for more information.
>>
>> #table aliases file:/etc/mail/aliases
>> table virtualdomains file:/etc/mail/virtualdomains
>> table virtualusers file:/etc/mail/virtualusers
>>
>> pki bnemx cert "/etc/ssl/bnemx.vk4msl.com.fullchain.pem"
>> pki bnemx key "/etc/ssl/private/bnemx.vk4msl.com.key"
>> pki bnemx dhe auto
>>
>> listen on socket
>> listen on all tls pki bnemx
>>
>
> … etc, I won't post the full config.
>
> Those `listen` lines are the key, from smtpd.conf manpage:
>
>> listen on interface [family] [options]
>>     Listen on the interface for incoming connections, using the same
>>     syntax as ifconfig(8). The interface parameter may also be an
>>     interface group, an IP address, or a domain name. Listening can
>>     optionally be restricted to a specific address family, which can
>>     be either inet4 or inet6.
>>
>
> In amongst the options:
>
>> port [port]
>>     Listen on the given port instead of the default port 25.
>>
>
> So if I chose to, I could add:
>
>     listen on all port 777
>
> and then re-start smtpd, I'd now be listening on port 777.
>
> You could then tell your SMTP server to send to port 777 when sending to
> my domain.
>
> But doing so would be useless:
> - no one else would bother using port 777/tcp: they would most likely
>   use port 25
> - you wouldn't be able to send to any other server, unless they too,
>   chose to use port 777/tcp.
>
> If you have a good proposal for how such alternative ports could be
> advertised (maybe via DNS TXT record), perhaps you could propose that as
> a Request For Comment to the Internet Engineering Task Force… and maybe
> if enough people thought it was a good idea, it would be adopted with
> its own official RFC number (like RFC-821, later replaced by RFC-2821
> and RFC-5321).
>
> That though, won't mean instant ability to pick your own port number.
> The "alternate port number" feature would then need to be added to the
> various SMTP servers out there. Then sysadmins would need to install
> that version.
>
> This may take years, or even never happen in some cases. (Qmail is still
> IPv4-only because the author believes IPv6 is unnecessary.)
>
> Regardless of what you think of spam or how to fight it, the truth is
> the small fish don't make the rules in this game. You and I are small
> fish. I've been mucking around with mail servers pretty much this whole
> century so far.
>
> I started with trialling something over dial-up (ever seen a 56kbps
> modem screaming under the strain of an outbound mail queue stuffed with
> spam? I have!)… moved to using
Re: Setting personal mailserver
On 7/9/23 20:44, Sagar Acharya wrote:
> Let the mail providers have their setups. Is it possible to have a
> configuration where I have 2 servers, example.com example2.com where I
> can send and receive emails on ports say, 777 on plaintext, starttls
> optional and port 778 with smtps?
>
> Give me a configuration for such a thing.
>
> humaaraartha.in. TXT "v=spf1 ipv4:{myipv4address} -all"
> humaaraartha.in. TXT "resports:777,778"
> humaaraartha.in. humaaraartha.in. MX 10 humaaraartha.in.
> humaaraartha.in. A {myipv4address}
>
> That is all you have, nothing more for both servers. Can you help me
> send and receive mails on ports 777,778 with just above DNS and smtpd?
> I can add SRV records for detection of ports 777, 778 if you want.

Okay, not quite sure what the "resports" TXT record is achieving (a quick
search on the topic didn't reveal any documentation on how it was supposed
to work or correct syntax). I won't labour the point about outgoing port
25 traffic since others have covered this already.

You can of course use different ports between servers on an agreed-upon
manner. e.g. say we have a server, bnemx.vk4msl.com, running OpenSMTPD:

> vk4msl-bne# cat /etc/mail/smtpd.conf
> # $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $
>
> # This is the smtpd server system-wide configuration file.
> # See smtpd.conf(5) for more information.
>
> #table aliases file:/etc/mail/aliases
> table virtualdomains file:/etc/mail/virtualdomains
> table virtualusers file:/etc/mail/virtualusers
>
> pki bnemx cert "/etc/ssl/bnemx.vk4msl.com.fullchain.pem"
> pki bnemx key "/etc/ssl/private/bnemx.vk4msl.com.key"
> pki bnemx dhe auto
>
> listen on socket
> listen on all tls pki bnemx

… etc, I won't post the full config.

Those `listen` lines are the key, from smtpd.conf manpage:

> listen on interface [family] [options]
>     Listen on the interface for incoming connections, using the same
>     syntax as ifconfig(8). The interface parameter may also be an
>     interface group, an IP address, or a domain name. Listening can
>     optionally be restricted to a specific address family, which can
>     be either inet4 or inet6.

In amongst the options:

> port [port]
>     Listen on the given port instead of the default port 25.

So if I chose to, I could add:

    listen on all port 777

and then re-start smtpd, I'd now be listening on port 777.

You could then tell your SMTP server to send to port 777 when sending to
my domain.

But doing so would be useless:
- no one else would bother using port 777/tcp: they would most likely use
  port 25
- you wouldn't be able to send to any other server, unless they too,
  chose to use port 777/tcp.

If you have a good proposal for how such alternative ports could be
advertised (maybe via DNS TXT record), perhaps you could propose that as a
Request For Comment to the Internet Engineering Task Force… and maybe if
enough people thought it was a good idea, it would be adopted with its own
official RFC number (like RFC-821, later replaced by RFC-2821 and
RFC-5321).

That though, won't mean instant ability to pick your own port number. The
"alternate port number" feature would then need to be added to the various
SMTP servers out there. Then sysadmins would need to install that version.

This may take years, or even never happen in some cases. (Qmail is still
IPv4-only because the author believes IPv6 is unnecessary.)

Regardless of what you think of spam or how to fight it, the truth is the
small fish don't make the rules in this game. You and I are small fish.
I've been mucking around with mail servers pretty much this whole century
so far.

I started with trialling something over dial-up (ever seen a 56kbps modem
screaming under the strain of an outbound mail queue stuffed with spam? I
have!)… moved to using Sendmail on an old Slackware server hosted on ADSL
with 2GB SCSI disks and a self-signed HTTPS certificate for webmail in
2001. Been running my own server ever since.

It's not impossible to do it yourself, and dealing with spam is a constant
cat-and-mouse game. Things have become more complex out of necessity (I
didn't bother with DKIM until Google started mandating it for example),
but even then, not overly difficult.

The minimum standard however has changed over the years as requirements
changed. That includes:
- outbound SMTP unblocked -- pretty much since forever since that's how
  TCP/IP works
- static IPv4 -- dynamic IPv4 has not been possible since ~2004 or so
- SPF DNS records -- since ~2010 or so
- DKIM signing and DMARC policies -- since ~2020

Some day, IPv6 may be a requirement as the IPv4 address space dries up.

It's no good "wishing" it to be different. In the future it may become
impossible for me to run my own server on the
Re: Setting personal mailserver
On Thu 07 Sep 2023, Tassilo Philipp wrote:
> > Give me a configuration for such a thing.
>
> I think several people mentioned by now reading the doc and getting
> familiar with email. This is not trying to be mean, I think you really
> would set it up faster by learning and using it, then also
> understanding it b/c you have to maintain it, than asking over and
> over for some config lines on here.

Seconding this and adding that there is excellent documentation out there
that will take you all the way there if you bother to read it:

https://github.com/poolpOrg/OpenSMTPD-book
https://man.openbsd.org/smtpd
https://man.openbsd.org/smtpd.conf
https://man.openbsd.org/smtpctl
https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/#installing-and-configuring-dovecot

I would recommend reading them in that specific order, but I have a strong
bottom up bias.
Re: Setting personal mailserver
> Give me a configuration for such a thing.

I think several people mentioned by now reading the doc and getting
familiar with email. This is not trying to be mean, I think you really
would set it up faster by learning and using it, then also understanding
it b/c you have to maintain it, than asking over and over for some config
lines on here.

On Thu, Sep 07, 2023 at 12:44:07PM +0200, Sagar Acharya wrote:
> I get you, I get you.
>
> Let the mail providers have their setups. Is it possible to have a
> configuration where I have 2 servers, example.com example2.com where I
> can send and receive emails on ports say, 777 on plaintext, starttls
> optional and port 778 with smtps?
>
> Give me a configuration for such a thing.
>
> humaaraartha.in. TXT "v=spf1 ipv4:{myipv4address} -all"
> humaaraartha.in. TXT "resports:777,778"
> humaaraartha.in. humaaraartha.in. MX 10 humaaraartha.in.
> humaaraartha.in. A {myipv4address}
>
> That is all you have, nothing more for both servers. Can you help me
> send and receive mails on ports 777,778 with just above DNS and smtpd?
> I can add SRV records for detection of ports 777, 778 if you want.
>
> Thanking you
> Sagar Acharya
> https://humaaraartha.in
>
> 7 Sept 2023, 15:33 by gil...@poolp.org:
>
> > September 7, 2023 11:44 AM, "Sagar Acharya" wrote:
> >
> > > In today's times of mature NLP, you will not be able to
> > > differentiate human mail from bot mail or spam. Only in person
> > > verification is trustworthy.
> > > No. Are you saying that only people who control the network should
> > > send mails? Well DNS exactly is for that. If you find I send spams,
> > > you can easily block mails from my domain humaaraartha.in but it is
> > > not wise nor ethical to by default not allow people to mail.
> > >
> > > That issue lies because hardware is not mapped to people. There is
> > > no technological solution for trust hopping between machines. ssh
> > > should be discouraged and each machine, denoted by single IP
> > > address should be mapped to a human. So humaaraartha.in is run by
> > > Sagar Acharya.
> > >
> > > My configuration of whitelisting does exactly that. In today's
> > > world where each grain can potentially have an IPv6, I accept
> > > requests only from whitelist or at the very least accept from
> > > everyone and prioritize the whitelist.
> > >
> > > Well, what action should be implemented for sending emails. I don't
> > > get a sending action. I have changed conf to
> > >
> > > action "send" relay helo humaaraartha.in
> > > match from any for any action "send"
> > > Thanking you
> > > Sagar Acharya
> > > https://humaaraartha.in
> >
> > As many people told you, domestic connections are no longer suitable
> > for sending mail, whether you like it or not this is the actual state
> > of the SMTP network and will remain like this because the big mailer
> > corps control most of the e-mail address space and have decided so.
> > If you ignore this then you'll be blocked from most recipients, you
> > decide if it's acceptable for you.
> >
> > Then, if your domestic connection has outgoing port 25 filtered, you
> > can't work around this and need a relay host somewhere else that can
> > accept mail on a different port with unfiltered port 25 for outgoing
> > traffic. You can't just switch to a different port and expect it to
> > work, this shows a misunderstanding of how networking, internet and
> > SMTP works.
> >
> > There's nothing that can be changed in your config that will fix this
> > because the problem isn't a configuration issue but an issue with
> > understanding both what you're allowed and trying to do.
Re: Setting personal mailserver
I get you, I get you.

Let the mail providers have their setups. Is it possible to have a
configuration where I have 2 servers, example.com example2.com where I can
send and receive emails on ports say, 777 on plaintext, starttls optional
and port 778 with smtps?

Give me a configuration for such a thing.

humaaraartha.in. TXT "v=spf1 ipv4:{myipv4address} -all"
humaaraartha.in. TXT "resports:777,778"
humaaraartha.in. humaaraartha.in. MX 10 humaaraartha.in.
humaaraartha.in. A {myipv4address}

That is all you have, nothing more for both servers. Can you help me send
and receive mails on ports 777,778 with just above DNS and smtpd? I can
add SRV records for detection of ports 777, 778 if you want.

Thanking you
Sagar Acharya
https://humaaraartha.in

7 Sept 2023, 15:33 by gil...@poolp.org:

> September 7, 2023 11:44 AM, "Sagar Acharya" wrote:
>
>> In today's times of mature NLP, you will not be able to differentiate
>> human mail from bot mail or spam. Only in person verification is
>> trustworthy.
>> No. Are you saying that only people who control the network should
>> send mails? Well DNS exactly is for that. If you find I send spams,
>> you can easily block mails from my domain humaaraartha.in but it is
>> not wise nor ethical to by default not allow people to mail.
>>
>> That issue lies because hardware is not mapped to people. There is no
>> technological solution for trust hopping between machines. ssh should
>> be discouraged and each machine, denoted by single IP address should
>> be mapped to a human. So humaaraartha.in is run by Sagar Acharya.
>>
>> My configuration of whitelisting does exactly that. In today's world
>> where each grain can potentially have an IPv6, I accept requests only
>> from whitelist or at the very least accept from everyone and
>> prioritize the whitelist.
>>
>> Well, what action should be implemented for sending emails. I don't
>> get a sending action. I have changed conf to
>>
>> action "send" relay helo humaaraartha.in
>> match from any for any action "send"
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in
>>
>
> As many people told you, domestic connections are no longer suitable
> for sending mail, whether you like it or not this is the actual state
> of the SMTP network and will remain like this because the big mailer
> corps control most of the e-mail address space and have decided so. If
> you ignore this then you'll be blocked from most recipients, you decide
> if it's acceptable for you.
>
> Then, if your domestic connection has outgoing port 25 filtered, you
> can't work around this and need a relay host somewhere else that can
> accept mail on a different port with unfiltered port 25 for outgoing
> traffic. You can't just switch to a different port and expect it to
> work, this shows a misunderstanding of how networking, internet and
> SMTP works.
>
> There's nothing that can be changed in your config that will fix this
> because the problem isn't a configuration issue but an issue with
> understanding both what you're allowed and trying to do.
Re: Setting personal mailserver
September 7, 2023 11:44 AM, "Sagar Acharya" wrote:

> In today's times of mature NLP, you will not be able to differentiate
> human mail from bot mail or spam. Only in person verification is
> trustworthy.
> No. Are you saying that only people who control the network should send
> mails? Well DNS exactly is for that. If you find I send spams, you can
> easily block mails from my domain humaaraartha.in but it is not wise
> nor ethical to by default not allow people to mail.
>
> That issue lies because hardware is not mapped to people. There is no
> technological solution for trust hopping between machines. ssh should
> be discouraged and each machine, denoted by single IP address should be
> mapped to a human. So humaaraartha.in is run by Sagar Acharya.
>
> My configuration of whitelisting does exactly that. In today's world
> where each grain can potentially have an IPv6, I accept requests only
> from whitelist or at the very least accept from everyone and prioritize
> the whitelist.
>
> Well, what action should be implemented for sending emails. I don't get
> a sending action. I have changed conf to
>
> action "send" relay helo humaaraartha.in
> match from any for any action "send"
> Thanking you
> Sagar Acharya
> https://humaaraartha.in

As many people told you, domestic connections are no longer suitable for
sending mail, whether you like it or not this is the actual state of the
SMTP network and will remain like this because the big mailer corps
control most of the e-mail address space and have decided so. If you
ignore this then you'll be blocked from most recipients, you decide if
it's acceptable for you.

Then, if your domestic connection has outgoing port 25 filtered, you can't
work around this and need a relay host somewhere else that can accept mail
on a different port with unfiltered port 25 for outgoing traffic. You
can't just switch to a different port and expect it to work, this shows a
misunderstanding of how networking, internet and SMTP works.

There's nothing that can be changed in your config that will fix this
because the problem isn't a configuration issue but an issue with
understanding both what you're allowed and trying to do.
RE: Setting personal mailserver
Dear Sagar,

What you mentioned is like, “Just because the grapevine is high on the tree, then it must be sour”. Hope you will learn some lessons and not put the blame on software or standards which is empowering critical part, communication.

Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows

From: Sagar Acharya<mailto:sagaracha...@tutanota.com>
Sent: Thursday, September 7, 2023 5:45 PM
To: Archange<mailto:archa...@activis.me>
Cc: Misc<mailto:misc@opensmtpd.org>
Subject: Re: Setting personal mailserver

In today's times of mature NLP, you will not be able to differentiate human mail from bot mail or spam. Only in person verification is trustworthy.
No. Are you saying that only people who control the network should send mails? Well DNS exactly is for that. If you find I send spams, you can easily block mails from my domain humaaraartha.in but it is not wise nor ethical to by default not allow people to mail.

That issue lies because hardware is not mapped to people. There is no technological solution for trust hopping between machines. ssh should be discouraged and each machine, denoted by single IP address should be mapped to a human. So humaaraartha.in is run by Sagar Acharya.

My configuration of whitelisting does exactly that. In today's world where each grain can potentially have an IPv6, I accept requests only from whitelist or at the very least accept from everyone and prioritize the whitelist.

Well, what action should be implemented for sending emails. I don't get a sending action. I have changed conf to

action "send" relay helo humaaraartha.in
match from any for any action "send"
Thanking you
Sagar Acharya
https://humaaraartha.in/

7 Sept 2023, 14:53 by archa...@activis.me:

> This is not the 80–90’s anymore. Internet is not a friendly place, and the bulk of emails sent today are spams. So most actors are leveraging everything they can to reduce that, and a high entrance barrier to email sending is definitively part of this plan.
>
> That’s why we have (fc)rDNS, SPF, DKIM… And regarding residential IPs, they are hosts of the biggest botnets in the world, so residential ISP tend to block port 25 outgoing by default to limit spam. Some provide you the option to disable the port blocking, but very rare are those that allow you setting the reverse.
>
> On my receiving ends (plural, I handle multiple email servers of various sizes including some with thousands of users), cutting down non (fc)rDNS compliant senders kills 99+% of spam attempts and I’ve never been reached by someone having a false positive on that policy. I don’t see why anyone would want to not have this amazing first layer fence.
>
> Regards.
>
> On 07/09/2023 at 13:12, Sagar Acharya wrote:
>
>> Or maybe we can simplify mail systems more. If mail, a system used to send messages across computers cannot work on "residential" IPs, then we can make it work on "residential" network since most nodes are "residential". You can look at.
>>
>> humaaraartha.in. TXT
>>
>> And you'll find spf records there. Maybe it's just time to say, reduce the requirements of mail hosting to just static ip and DNS in a world where most don't even have a static ip!
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in/
>>
>> P.S. I see that you're talking substance and truth to some extent but discarding residential IPs and this need for reverse dns is outrageous! What is the point of reverse DNS in today's world?
>> 7 Sept 2023, 14:25 by archa...@activis.me:
>>
>>> Learn the basics. Unfortunately, you do not seem to understand MTA/SMTP.
>>>
>>> So read maybe https://github.com/poolpOrg/OpenSMTPD-book
Re: Setting personal mailserver
In today's times of mature NLP, you will not be able to differentiate human mail from bot mail or spam. Only in person verification is trustworthy.
No. Are you saying that only people who control the network should send mails? Well DNS exactly is for that. If you find I send spams, you can easily block mails from my domain humaaraartha.in but it is not wise nor ethical to by default not allow people to mail.

That issue lies because hardware is not mapped to people. There is no technological solution for trust hopping between machines. ssh should be discouraged and each machine, denoted by single IP address should be mapped to a human. So humaaraartha.in is run by Sagar Acharya.

My configuration of whitelisting does exactly that. In today's world where each grain can potentially have an IPv6, I accept requests only from whitelist or at the very least accept from everyone and prioritize the whitelist.

Well, what action should be implemented for sending emails. I don't get a sending action. I have changed conf to

action "send" relay helo humaaraartha.in
match from any for any action "send"
Thanking you
Sagar Acharya
https://humaaraartha.in

7 Sept 2023, 14:53 by archa...@activis.me:

> This is not the 80–90’s anymore. Internet is not a friendly place, and the bulk of emails sent today are spams. So most actors are leveraging everything they can to reduce that, and a high entrance barrier to email sending is definitively part of this plan.
>
> That’s why we have (fc)rDNS, SPF, DKIM… And regarding residential IPs, they are hosts of the biggest botnets in the world, so residential ISP tend to block port 25 outgoing by default to limit spam. Some provide you the option to disable the port blocking, but very rare are those that allow you setting the reverse.
>
> On my receiving ends (plural, I handle multiple email servers of various sizes including some with thousands of users), cutting down non (fc)rDNS compliant senders kills 99+% of spam attempts and I’ve never been reached by someone having a false positive on that policy. I don’t see why anyone would want to not have this amazing first layer fence.
>
> Regards.
>
> On 07/09/2023 at 13:12, Sagar Acharya wrote:
>
>> Or maybe we can simplify mail systems more. If mail, a system used to send messages across computers cannot work on "residential" IPs, then we can make it work on "residential" network since most nodes are "residential". You can look at.
>>
>> humaaraartha.in. TXT
>>
>> And you'll find spf records there. Maybe it's just time to say, reduce the requirements of mail hosting to just static ip and DNS in a world where most don't even have a static ip!
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in
>>
>> P.S. I see that you're talking substance and truth to some extent but discarding residential IPs and this need for reverse dns is outrageous! What is the point of reverse DNS in today's world?
>> 7 Sept 2023, 14:25 by archa...@activis.me:
>>
>>> Learn the basics. Unfortunately, you do not seem to understand MTA/SMTP.
>>>
>>> So read maybe https://github.com/poolpOrg/OpenSMTPD-book, also https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/, and get a better understanding of SMTP/MTA requirements.
>>>
>>> A public IP is not enough, it has to be not residential or at least you of course need port 25 to be open towards the world, which is not your case, and you also need to be able to set the reverse for it, while currently
>>>
>>> humaaraartha.in. IN A 182.59.136.243
>>>
>>> but
>>>
>>> 243.136.59.182.in-addr.arpa. IN PTR static-mum-182.59.136.243.mtnl.net.in.
>>>
>>> And I do not expect “Mahanagar Telephone Nigam Limited” to let you set that reverse.
>>>
>>> So back to our options : either get a VPS or dedicated server somewhere that allow port 25 and setting reverse, or use an email service provider that would allow you to relay emails.
>>>
>>> Actually I’m not even sure that your available SMTP options (Tutanota/GMail) would allow sending with an arbitrary MAIL FROM (i.e. one that is not @tutanota.tld or @gmail.com), and as I don’t have an account on either I cannot test that. So you would have to look into https://man.openbsd.org/smtpd.conf#host and https://man.openbsd.org/smtpd.conf#auth, and check whether any of your email providers allow you to send email as @humaaraartha.in (and then you might want to provide SPF records allowing them to do so).
>>>
>>> Regards.
>>>
>>> On 06/09/2023 at 23:40, Sagar Acharya wrote:
>>>
>>>> So what's the solution? I have a public ip. Can you suggest an edit?
>>>> Thanking you
>>>> Sagar Acharya
>>>> https://humaaraartha.in
>>>>
>>>> 7 Sept 2023, 00:43 by archa...@activis.me:
>>>>
>>>>> Hi,
>>>>>
>>>>> On 06/09/2023 at 22:40, Sagar Acharya wrote:
>>>>>
>>>>>> I
Re: Setting personal mailserver
This is not the 80–90’s anymore. Internet is not a friendly place, and the bulk of emails sent today are spams. So most actors are leveraging everything they can to reduce that, and a high entrance barrier to email sending is definitively part of this plan.

That’s why we have (fc)rDNS, SPF, DKIM… And regarding residential IPs, they are hosts of the biggest botnets in the world, so residential ISP tend to block port 25 outgoing by default to limit spam. Some provide you the option to disable the port blocking, but very rare are those that allow you setting the reverse.

On my receiving ends (plural, I handle multiple email servers of various sizes including some with thousands of users), cutting down non (fc)rDNS compliant senders kills 99+% of spam attempts and I’ve never been reached by someone having a false positive on that policy. I don’t see why anyone would want to not have this amazing first layer fence.

Regards.

On 07/09/2023 at 13:12, Sagar Acharya wrote:

> Or maybe we can simplify mail systems more. If mail, a system used to send messages across computers cannot work on "residential" IPs, then we can make it work on "residential" network since most nodes are "residential". You can look at.
>
> humaaraartha.in. TXT
>
> And you'll find spf records there. Maybe it's just time to say, reduce the requirements of mail hosting to just static ip and DNS in a world where most don't even have a static ip!
> Thanking you
> Sagar Acharya
> https://humaaraartha.in
>
> P.S. I see that you're talking substance and truth to some extent but discarding residential IPs and this need for reverse dns is outrageous! What is the point of reverse DNS in today's world?
> 7 Sept 2023, 14:25 by archa...@activis.me:
>
>> Learn the basics. Unfortunately, you do not seem to understand MTA/SMTP.
>>
>> So read maybe https://github.com/poolpOrg/OpenSMTPD-book, also https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/, and get a better understanding of SMTP/MTA requirements.
>>
>> A public IP is not enough, it has to be not residential or at least you of course need port 25 to be open towards the world, which is not your case, and you also need to be able to set the reverse for it, while currently
>>
>> humaaraartha.in. IN A 182.59.136.243
>>
>> but
>>
>> 243.136.59.182.in-addr.arpa. IN PTR static-mum-182.59.136.243.mtnl.net.in.
>>
>> And I do not expect “Mahanagar Telephone Nigam Limited” to let you set that reverse.
>>
>> So back to our options : either get a VPS or dedicated server somewhere that allow port 25 and setting reverse, or use an email service provider that would allow you to relay emails.
>>
>> Actually I’m not even sure that your available SMTP options (Tutanota/GMail) would allow sending with an arbitrary MAIL FROM (i.e. one that is not @tutanota.tld or @gmail.com), and as I don’t have an account on either I cannot test that. So you would have to look into https://man.openbsd.org/smtpd.conf#host and https://man.openbsd.org/smtpd.conf#auth, and check whether any of your email providers allow you to send email as @humaaraartha.in (and then you might want to provide SPF records allowing them to do so).
>>
>> Regards.
>>
>> On 06/09/2023 at 23:40, Sagar Acharya wrote:
>>
>>> So what's the solution? I have a public ip. Can you suggest an edit?
>>> Thanking you
>>> Sagar Acharya
>>> https://humaaraartha.in
>>>
>>> 7 Sept 2023, 00:43 by archa...@activis.me:
>>>
>>>> Hi,
>>>>
>>>> On 06/09/2023 at 22:40, Sagar Acharya wrote:
>>>>
>>>>> I checked all network settings. They are perfect. Here is my conf below exactly. There's some issue with it.
>>>>>
>>>>> == smtpd.conf ==
>>>>> table aliases file:/etc/smtpd/aliases
>>>>> table whitelist file:/etc/smtpd/whitelist
>>>>>
>>>>> pki humaaraartha.in cert "path_to_fullchain"
>>>>> pki humaaraartha.in key "path_to_privkey"
>>>>>
>>>>> listen on 0.0.0.0 tls pki humaaraartha.in
>>>>> listen on 0.0.0.0 smtps pki humaaraartha.in
>>>>>
>>>>> action "local" maildir alias
>>>>> action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"
>>>>
>>>> This line cannot work. You are asking to relay outgoing emails to your own server (host is the destination host — Jarod just linked the doc while I was writing). They won’t go anywhere. You cannot workaround port 25 being blocked by using another port, else port 25 would not be blocked anywhere. You have to use an external relay that will accept submission from you on port 465 (smtps) or 587 (submission) and then relay on port 25 to the world. That will likely have to be one you have an account on (gmail or tutanota).
>>>>
>>>> Regards.
Re: Setting personal mailserver
Or maybe we can simplify mail systems more. If mail, a system used to send messages across computers cannot work on "residential" IPs, then we can make it work on "residential" network since most nodes are "residential". You can look at.

humaaraartha.in. TXT

And you'll find spf records there. Maybe it's just time to say, reduce the requirements of mail hosting to just static ip and DNS in a world where most don't even have a static ip!
Thanking you
Sagar Acharya
https://humaaraartha.in

P.S. I see that you're talking substance and truth to some extent but discarding residential IPs and this need for reverse dns is outrageous! What is the point of reverse DNS in today's world?

7 Sept 2023, 14:25 by archa...@activis.me:

> Learn the basics. Unfortunately, you do not seem to understand MTA/SMTP.
>
> So read maybe https://github.com/poolpOrg/OpenSMTPD-book, also https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/, and get a better understanding of SMTP/MTA requirements.
>
> A public IP is not enough, it has to be not residential or at least you of course need port 25 to be open towards the world, which is not your case, and you also need to be able to set the reverse for it, while currently
>
> humaaraartha.in. IN A 182.59.136.243
>
> but
>
> 243.136.59.182.in-addr.arpa. IN PTR static-mum-182.59.136.243.mtnl.net.in.
>
> And I do not expect “Mahanagar Telephone Nigam Limited” to let you set that reverse.
>
> So back to our options : either get a VPS or dedicated server somewhere that allow port 25 and setting reverse, or use an email service provider that would allow you to relay emails.
>
> Actually I’m not even sure that your available SMTP options (Tutanota/GMail) would allow sending with an arbitrary MAIL FROM (i.e. one that is not @tutanota.tld or @gmail.com), and as I don’t have an account on either I cannot test that. So you would have to look into https://man.openbsd.org/smtpd.conf#host and https://man.openbsd.org/smtpd.conf#auth, and check whether any of your email providers allow you to send email as @humaaraartha.in (and then you might want to provide SPF records allowing them to do so).
>
> Regards.
>
> On 06/09/2023 at 23:40, Sagar Acharya wrote:
>
>> So what's the solution? I have a public ip. Can you suggest an edit?
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in
>>
>> 7 Sept 2023, 00:43 by archa...@activis.me:
>>
>>> Hi,
>>>
>>> On 06/09/2023 at 22:40, Sagar Acharya wrote:
>>>
>>>> I checked all network settings. They are perfect. Here is my conf below exactly. There's some issue with it.
>>>>
>>>> == smtpd.conf ==
>>>> table aliases file:/etc/smtpd/aliases
>>>> table whitelist file:/etc/smtpd/whitelist
>>>>
>>>> pki humaaraartha.in cert "path_to_fullchain"
>>>> pki humaaraartha.in key "path_to_privkey"
>>>>
>>>> listen on 0.0.0.0 tls pki humaaraartha.in
>>>> listen on 0.0.0.0 smtps pki humaaraartha.in
>>>>
>>>> action "local" maildir alias
>>>> action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"
>>>
>>> This line cannot work. You are asking to relay outgoing emails to your own server (host is the destination host — Jarod just linked the doc while I was writing). They won’t go anywhere. You cannot workaround port 25 being blocked by using another port, else port 25 would not be blocked anywhere. You have to use an external relay that will accept submission from you on port 465 (smtps) or 587 (submission) and then relay on port 25 to the world. That will likely have to be one you have an account on (gmail or tutanota).
>>>
>>> Regards.
Re: Setting personal mailserver
Learn the basics. Unfortunately, you do not seem to understand MTA/SMTP.

So read maybe https://github.com/poolpOrg/OpenSMTPD-book, also https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/, and get a better understanding of SMTP/MTA requirements.

A public IP is not enough, it has to be not residential or at least you of course need port 25 to be open towards the world, which is not your case, and you also need to be able to set the reverse for it, while currently

humaaraartha.in. IN A 182.59.136.243

but

243.136.59.182.in-addr.arpa. IN PTR static-mum-182.59.136.243.mtnl.net.in.

And I do not expect “Mahanagar Telephone Nigam Limited” to let you set that reverse.

So back to our options : either get a VPS or dedicated server somewhere that allow port 25 and setting reverse, or use an email service provider that would allow you to relay emails.

Actually I’m not even sure that your available SMTP options (Tutanota/GMail) would allow sending with an arbitrary MAIL FROM (i.e. one that is not @tutanota.tld or @gmail.com), and as I don’t have an account on either I cannot test that. So you would have to look into https://man.openbsd.org/smtpd.conf#host and https://man.openbsd.org/smtpd.conf#auth, and check whether any of your email providers allow you to send email as @humaaraartha.in (and then you might want to provide SPF records allowing them to do so).

Regards.

On 06/09/2023 at 23:40, Sagar Acharya wrote:

> So what's the solution? I have a public ip. Can you suggest an edit?
> Thanking you
> Sagar Acharya
> https://humaaraartha.in
>
> 7 Sept 2023, 00:43 by archa...@activis.me:
>
>> Hi,
>>
>> On 06/09/2023 at 22:40, Sagar Acharya wrote:
>>
>>> I checked all network settings. They are perfect. Here is my conf below exactly. There's some issue with it.
>>>
>>> == smtpd.conf ==
>>> table aliases file:/etc/smtpd/aliases
>>> table whitelist file:/etc/smtpd/whitelist
>>>
>>> pki humaaraartha.in cert "path_to_fullchain"
>>> pki humaaraartha.in key "path_to_privkey"
>>>
>>> listen on 0.0.0.0 tls pki humaaraartha.in
>>> listen on 0.0.0.0 smtps pki humaaraartha.in
>>>
>>> action "local" maildir alias
>>> action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"
>>
>> This line cannot work. You are asking to relay outgoing emails to your own server (host is the destination host — Jarod just linked the doc while I was writing). They won’t go anywhere. You cannot workaround port 25 being blocked by using another port, else port 25 would not be blocked anywhere. You have to use an external relay that will accept submission from you on port 465 (smtps) or 587 (submission) and then relay on port 25 to the world. That will likely have to be one you have an account on (gmail or tutanota).
>>
>> Regards.
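The forward-confirmed reverse DNS ((fc)rDNS) test that the message above applies to 182.59.136.243, written out as an added example; it is not code from the thread or from OpenSMTPD. The A and PTR records for humaaraartha.in are the ones quoted above; the forward record of the ISP name and the two other hosts are constructed sample data, and the HELO comparison is reported for information only.

```python
import ipaddress
import socket


def norm_name(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()


def system_ptr(ip):
    """PTR lookup through the system resolver; returns a list of names."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name] + aliases


def system_forward(name):
    """A/AAAA lookup through the system resolver; returns address strings."""
    try:
        infos = socket.getaddrinfo(name, None)
    except OSError:
        return []
    return sorted({info[4][0] for info in infos})


def parse_addrs(values):
    """Turn address strings into ip_address objects, skipping junk."""
    parsed = set()
    for value in values:
        try:
            parsed.add(ipaddress.ip_address(value))
        except ValueError:
            continue
    return parsed


def check_fcrdns(ip, helo=None, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Check that some PTR name of `ip` resolves back to `ip`.

    The lookups are injectable so the check can run against fixed data.
    """
    addr = ipaddress.ip_address(ip)
    ptr_names = [norm_name(n) for n in ptr_lookup(ip)]
    confirmed = [n for n in ptr_names if addr in parse_addrs(forward_lookup(n))]
    return {
        "reverse_query": addr.reverse_pointer,
        "ptr_names": ptr_names,
        "confirmed_names": confirmed,
        "fcrdns": bool(confirmed),
        # Informational: is the announced HELO name one of the confirmed names?
        "helo_matches": None if helo is None else norm_name(helo) in confirmed,
    }


# Sample data. Only the first PTR entry and the humaaraartha.in A record
# come from the thread; everything else is constructed for illustration.
SAMPLE_PTR = {
    "182.59.136.243": ["static-mum-182.59.136.243.mtnl.net.in."],
    "203.0.113.25": ["mail.example.net."],
    "198.51.100.7": ["host7.example.org."],
}
SAMPLE_A = {
    "humaaraartha.in": ["182.59.136.243"],
    "static-mum-182.59.136.243.mtnl.net.in": ["182.59.136.243"],  # assumed
    "mail.example.net": ["203.0.113.25"],
    "host7.example.org": ["198.51.100.99"],  # forward record points elsewhere
}


def sample_ptr(ip):
    return SAMPLE_PTR.get(ip, [])


def sample_forward(name):
    return SAMPLE_A.get(norm_name(name), [])


if __name__ == "__main__":
    for ip, helo in [("182.59.136.243", "humaaraartha.in"),
                     ("203.0.113.25", "mail.example.net"),
                     ("198.51.100.7", "host7.example.org")]:
        print(ip, check_fcrdns(ip, helo, sample_ptr, sample_forward))
```

Calling `check_fcrdns(ip)` without the two lookup arguments queries the system resolver instead of the sample tables.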
Re: Setting personal mailserver
So what's the solution? I have a public ip. Can you suggest an edit?
Thanking you
Sagar Acharya
https://humaaraartha.in

7 Sept 2023, 00:43 by archa...@activis.me:

> Hi,
>
> On 06/09/2023 at 22:40, Sagar Acharya wrote:
>
>> I checked all network settings. They are perfect. Here is my conf below exactly. There's some issue with it.
>>
>> == smtpd.conf ==
>> table aliases file:/etc/smtpd/aliases
>> table whitelist file:/etc/smtpd/whitelist
>>
>> pki humaaraartha.in cert "path_to_fullchain"
>> pki humaaraartha.in key "path_to_privkey"
>>
>> listen on 0.0.0.0 tls pki humaaraartha.in
>> listen on 0.0.0.0 smtps pki humaaraartha.in
>>
>> action "local" maildir alias
>> action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"
>>
>
> This line cannot work. You are asking to relay outgoing emails to your own server (host is the destination host — Jarod just linked the doc while I was writing). They won’t go anywhere. You cannot workaround port 25 being blocked by using another port, else port 25 would not be blocked anywhere. You have to use an external relay that will accept submission from you on port 465 (smtps) or 587 (submission) and then relay on port 25 to the world. That will likely have to be one you have an account on (gmail or tutanota).
>
> Regards.
Re: Setting personal mailserver
Hi,

On 06/09/2023 at 22:40, Sagar Acharya wrote:

> I checked all network settings. They are perfect. Here is my conf below exactly. There's some issue with it.
>
> == smtpd.conf ==
> table aliases file:/etc/smtpd/aliases
> table whitelist file:/etc/smtpd/whitelist
>
> pki humaaraartha.in cert "path_to_fullchain"
> pki humaaraartha.in key "path_to_privkey"
>
> listen on 0.0.0.0 tls pki humaaraartha.in
> listen on 0.0.0.0 smtps pki humaaraartha.in
>
> action "local" maildir alias
> action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"

This line cannot work. You are asking to relay outgoing emails to your own server (host is the destination host — Jarod just linked the doc while I was writing). They won’t go anywhere. You cannot workaround port 25 being blocked by using another port, else port 25 would not be blocked anywhere. You have to use an external relay that will accept submission from you on port 465 (smtps) or 587 (submission) and then relay on port 25 to the world. That will likely have to be one you have an account on (gmail or tutanota).

Regards.
Re: Setting personal mailserver
Hello,

in your configuration, you're relaying your emails to yourself.

action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"

from smtpd.conf(5) :

host _relay-url_
    Do not perform MX lookups but relay messages to the relay host described by relay-url.

Since you're on a residential IP, I would suggest you to find a machine with a public v4/v6 address to use as a SMTP relay for both incoming and outgoing e-mails. (or you could use it directly to host your main opensmtpd instance)

Jarod G.

On 06/09/2023 at 20:40, Sagar Acharya wrote:

> I checked all network settings. They are perfect. Here is my conf below exactly. There's some issue with it.
>
> == smtpd.conf ==
> table aliases file:/etc/smtpd/aliases
> table whitelist file:/etc/smtpd/whitelist
>
> pki humaaraartha.in cert "path_to_fullchain"
> pki humaaraartha.in key "path_to_privkey"
>
> listen on 0.0.0.0 tls pki humaaraartha.in
> listen on 0.0.0.0 smtps pki humaaraartha.in
>
> action "local" maildir alias
> action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"
>
> match from mail-from for domain "humaaraartha.in" action "local"
> match for any action "relay"
> match for local action local
> #match from any reject
> =
> == whitelist =
> sagaracha...@tutanota.com
> anotherm...@gmail.com
> ===
>
> Network error on destination MXs. I cannot send mails. I can receive them.
> Thanking you
> Sagar Acharya
> https://humaaraartha.in
>
> 3 Sept 2023, 22:26 by alex.misc...@web.de:
>
>> Hello Sagar,
>>
>> is the port reachable from your system? Check with netcat:
>>
>> nc -v mydomain.com 465
>>
>> Is the certificate chain complete and are you trusting the root CA? Verify with openssl:
>>
>> openssl s_client -connect mydomain.com:465
>>
>> (I assume "mydomain.com" is the anonymized form of your actual domain)
>>
>> Also, as has been requested before: If people here offer their help you should at least be posting your smtpd.conf file
>>
>> Kind regards,
>> Alex
>>
>> On 03.09.23 16:00, Sagar Acharya wrote:
>>
>>> I have set spf records, TXT as follows:
>>>
>>> "v=spf1 ipv4:{myipv4address} -all"
>>>
>>> You can dig them at humaaraartha.in
>>>
>>> Everything looks spick and span and the error of
>>>
>>> smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]
>>>
>>> still remains.
>>> Thanking you
>>> Sagar Acharya
>>> https://humaaraartha.in
>>>
>>> 3 Sept 2023, 16:45 by s...@gamindustri.fr:
>>>
>>>> Hello,
>>>>
>>>> Port 465 with implicit TLS for Submissions isn't outdated since RFC 8314, it's even the recommended way to use Submissions as STARTTLS (mostly used on tcp/587) is a security nightmare.
>>>>
>>>> More details in this PR I made two months ago : https://github.com/stalwartlabs/website/pull/1#issue-1812289068
>>>>
>>>> Jarod G.
>>>>
>>>> On 03/09/2023 at 00:26, Reio Remma wrote:
>>>>
>>>>> Port 465 is the deprecated SMTPS submission port, you can't send mail to that.
>>>>>
>>>>> If you're trying to send out e-mail from a residential IP (even with an unblocked outgoing port 25), you'll find more problems e.g. receiving servers not accepting your e-mails because of your IP having no FCrDNS etc.
>>>>>
>>>>> Good luck
>>>>> Reio
>>>>>
>>>>> On 02.09.2023 21:56, Sagar Acharya wrote:
>>>>>
>>>>>> Port 25 outgoing is blocked. You were correct. I switched to port 465 with config
>>>>>>
>>>>>> action "relay" relay host smtps://mydomain.com
>>>>>>
>>>>>> Such is the error message:
>>>>>> Again there is "Network error on destination MXs"
>>>>>>
>>>>>> mta connecting address=smtps://{ipv4}:465 host={xyz}
>>>>>> mta error reason=IO Error: Connection refused
>>>>>> smtp-out: Disabling route [] <-> {ipv4} for 15s
>>>>>> smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]
>>>>>>
>>>>>> DNS
>>>>>>
>>>>>> mydomain.com MX 10 mydomain.com
>>>>>> Port 465 is perfectly open from ISP.
>>>>>> Thanking you
>>>>>> Sagar Acharya
>>>>>> https://humaaraartha.in
>>>>>>
>>>>>> 2 Sept 2023, 19:58 by tphil...@potion-studios.com:
>>>>>>
>>>>>>> I tested all of the IPs from your output, and all of them listen on port 25 and a smtp server is answering. So if you are relaying to those via port 25, and you get a network error (I guess a timeout), then I guess your outgoing port 25 is blocked. This is relatively common with residential uplinks, ask your ISP to open port 25 for you.
>>>>>>>
>>>>>>> That said... I'm only guessing here.
>>>>>>>
>>>>>>> On Sat, Sep 02, 2023 at 03:52:37PM +0200, Sagar Acharya wrote:
>>>>>>>
>>>>>>>> I made some progress. I am able to receive mails now but when I send mail from u...@mydomain.com to sagaracha...@tutanota.com using mutt , I get,
>>>>>>>>
>>>>>>>> result="TempFail" stat="Network error on destination MXs"
>>>>>>>> smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de)
>>>>>>>> smtp-out: Enabling route [] <-> 185.205.69.211 (185.205.69.211)
>>>>>>>> smtp-out: Enabling route [] <-> 81.3.6.165 (w4.tutanota.de)
>>>>>>>> mta error reason=Connection timeout
>>>>>>>>
>>>>>>>> DNS
>>>>>>>>
>>>>>>>> mydomain.com. 86400 IN MX 10 mail.mydomain.com.
>>>>>>>>
>>>>>>>> Thanking you
>>>>>>>> Sagar Acharya
>>>>>>>> https://humaaraartha.in
>>>>>>>>
>>>>>>>> 2 Sept 2023, 05:45 by bub...@live.de:
>>>>>>>>
>>>>>>>>> Hello, pls show your config file.
>>>>>>>>>
>>>>>>>>> Kind regards,
>>>>>>>>> V.Bubnov
>>>>>>>>>
>>>>>>>>> On 01.09.2023, at 21:43, Sagar Acharya wrote:
>>>>>>>>>
>>>>>>>>>> To enable being able to send
Re: Setting personal mailserver
I checked all network settings. They are perfect. Here is my conf below exactly. There's some issue with it.

== smtpd.conf ==
table aliases file:/etc/smtpd/aliases
table whitelist file:/etc/smtpd/whitelist

pki humaaraartha.in cert "path_to_fullchain"
pki humaaraartha.in key "path_to_privkey"

listen on 0.0.0.0 tls pki humaaraartha.in
listen on 0.0.0.0 smtps pki humaaraartha.in

action "local" maildir alias
action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"

match from mail-from for domain "humaaraartha.in" action "local"
match for any action "relay"
match for local action local
#match from any reject
=
== whitelist =
sagaracha...@tutanota.com
anotherm...@gmail.com
===

Network error on destination MXs. I cannot send mails. I can receive them.
Thanking you
Sagar Acharya
https://humaaraartha.in

3 Sept 2023, 22:26 by alex.misc...@web.de:

> Hello Sagar,
>
> is the port reachable from your system? Check with netcat:
>
> nc -v mydomain.com 465
>
> Is the certificate chain complete and are you trusting the root CA? Verify with openssl:
>
> openssl s_client -connect mydomain.com:465
>
> (I assume "mydomain.com" is the anonymized form of your actual domain)
>
> Also, as has been requested before: If people here offer their help you should at least be posting your smtpd.conf file
>
> Kind regards,
> Alex
>
> On 03.09.23 16:00, Sagar Acharya wrote:
>
>> I have set spf records, TXT as follows:
>>
>> "v=spf1 ipv4:{myipv4address} -all"
>>
>> You can dig them at humaaraartha.in
>>
>> Everything looks spick and span and the error of
>>
>> smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]
>>
>> still remains.
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in
>>
>> 3 Sept 2023, 16:45 by s...@gamindustri.fr:
>>
>>> Hello,
>>>
>>> Port 465 with implicit TLS for Submissions isn't outdated since RFC 8314, it's even the recommended way to use Submissions as STARTTLS (mostly used on tcp/587) is a security nightmare.
>>>
>>> More details in this PR I made two months ago : https://github.com/stalwartlabs/website/pull/1#issue-1812289068
>>>
>>> Jarod G.
>>>
>>> On 03/09/2023 at 00:26, Reio Remma wrote:
>>>
>>>> Port 465 is the deprecated SMTPS submission port, you can't send mail to that.
>>>>
>>>> If you're trying to send out e-mail from a residential IP (even with an unblocked outgoing port 25), you'll find more problems e.g. receiving servers not accepting your e-mails because of your IP having no FCrDNS etc.
>>>>
>>>> Good luck
>>>> Reio
>>>>
>>>> On 02.09.2023 21:56, Sagar Acharya wrote:
>>>>
>>>>> Port 25 outgoing is blocked. You were correct. I switched to port 465 with config
>>>>>
>>>>> action "relay" relay host smtps://mydomain.com
>>>>>
>>>>> Such is the error message:
>>>>> Again there is "Network error on destination MXs"
>>>>>
>>>>> mta connecting address=smtps://{ipv4}:465 host={xyz}
>>>>> mta error reason=IO Error: Connection refused
>>>>> smtp-out: Disabling route [] <-> {ipv4} for 15s
>>>>> smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]
>>>>>
>>>>> DNS
>>>>>
>>>>> mydomain.com MX 10 mydomain.com
>>>>> Port 465 is perfectly open from ISP.
>>>>> Thanking you
>>>>> Sagar Acharya
>>>>> https://humaaraartha.in
>>>>>
>>>>> 2 Sept 2023, 19:58 by tphil...@potion-studios.com:
>>>>>
>>>>>> I tested all of the IPs from your output, and all of them listen on port 25 and a smtp server is answering. So if you are relaying to those via port 25, and you get a network error (I guess a timeout), then I guess your outgoing port 25 is blocked. This is relatively common with residential uplinks, ask your ISP to open port 25 for you.
>>>>>>
>>>>>> That said... I'm only guessing here.
>>>>>>
>>>>>> On Sat, Sep 02, 2023 at 03:52:37PM +0200, Sagar Acharya wrote:
>>>>>>
>>>>>>> I made some progress. I am able to receive mails now but when I send mail from u...@mydomain.com to sagaracha...@tutanota.com using mutt , I get,
>>>>>>>
>>>>>>> result="TempFail" stat="Network error on destination MXs"
>>>>>>> smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de)
>>>>>>> smtp-out: Enabling route [] <-> 185.205.69.211 (185.205.69.211)
>>>>>>> smtp-out: Enabling route [] <-> 81.3.6.165 (w4.tutanota.de)
>>>>>>> mta error reason=Connection timeout
>>>>>>>
>>>>>>> DNS
>>>>>>>
>>>>>>> mydomain.com. 86400 IN MX 10 mail.mydomain.com.
>>>>>>>
>>>>>>> Thanking you
>>>>>>> Sagar Acharya
>>>>>>> https://humaaraartha.in
>>>>>>>
>>>>>>> 2 Sept 2023, 05:45 by bub...@live.de:
>>>>>>>
>>>>>>>> Hello, pls show your config file.
>>>>>>>>
>>>>>>>> Kind regards,
>>>>>>>> V.Bubnov
>>>>>>>>
>>>>>>>> On 01.09.2023, at 21:43, Sagar Acharya wrote:
Re: Setting personal mailserver
Hello Sagar,

is the port reachable from your system? Check with netcat:

    nc -v mydomain.com 465

Is the certificate chain complete and are you trusting the root CA? Verify with openssl:

    openssl s_client -connect mydomain.com:465

(I assume "mydomain.com" is the anonymized form of your actual domain)

Also, as has been requested before: If people here offer their help you should at least be posting your smtpd.conf file

Kind regards,
Alex

On 03.09.23 16:00, Sagar Acharya wrote:

I have set spf records, TXT as follows:

    "v=spf1 ipv4:{myipv4address} -all"

You can dig them at humaaraartha.in

Everything looks spick and span and the error of

    smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]

still remains.

Thanking you
Sagar Acharya
https://humaaraartha.in

3 Sept 2023, 16:45 by s...@gamindustri.fr:

Hello,

Port 465 with implicit TLS for Submissions isn't outdated since RFC 8314, it's even the recommended way to use Submissions as STARTTLS (mostly used on tcp/587) is a security nightmare.

More details in this PR I made two months ago: https://github.com/stalwartlabs/website/pull/1#issue-1812289068

Jarod G.

On 03/09/2023 at 00:26, Reio Remma wrote:

Port 465 is the deprecated SMTPS submission port, you can't send mail to that.

If you're trying to send out e-mail from a residential IP (even with an unblocked outgoing port 25), you'll find more problems e.g. receiving servers not accepting your e-mails because of your IP having no FCrDNS etc.

Good luck
Reio

On 02.09.2023 21:56, Sagar Acharya wrote:

Port 25 outgoing is blocked. You were correct.
I swotched to port 465 with config action "relay" relay host smtps://mydomain.com Such is the error message: Again there is "Network error on destination MXs" mta connecting address=smtps://{ipv4}:465 host={xyz} mta error reason=IO Error: Connection refused smtp-out: Disabling route [] <-> {ipv4} for 15s smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0] DNS mydomain.com MX 10 mydomain.com Port 465 is perfectly open from ISP. Thanking you Sagar Acharya https://humaaraartha.in 2 Sept 2023, 19:58 by tphil...@potion-studios.com: I tested all of the IPs from your output, and all of them listen on port 25 and a smtp server is answering. So if you are relaying to those via port 25, and you get a network error (I guess a timeout), then I guess your outgoing port 25 is blocked. This is relatively common with residential uplinks, ask your ISP to open port 25 for you. That said... I'm only guessing here. On Sat, Sep 02, 2023 at 03:52:37PM +0200, Sagar Acharya wrote: I made some progress. I am able to receive mails now but when I send mail from u...@mydomain.com to sagaracha...@tutanota.com using mutt , I get, result="TempFail" stat="Network error on destination MXs" smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de) smtp-out: Enabling route [] <-> 185.205.69.211 (185.205.69.211) smtp-out: Enabling route [] <-> 81.3.6.165 (w4.tutanota.de) mta error reason=Connection timeout DNS mydomain.com. 86400 IN MX 10 mail.mydomain.com. Thanking you Sagar Acharya https://humaaraartha.in 2 Sept 2023, 05:45 by bub...@live.de: Hello, pls show your config file. Mit freundlichen Grüßen, V.Bubnov 01.09.2023, в 21:43, Sagar Acharya написал(а): To enable being able to send mails from my server, I added tls certs. Now when I send from this email id to u...@mydomain.com , I get the error below. 
530 5.5.1 Invalid command: Must issue an AUTH command first (in reply to MAIL FROM command) Since STARTTLS is working on 25, I think things should go smoothly but it isn't so. Please help. Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 20:52 by sagaracha...@tutanota.com: I used mutt for accessing mail. I still am unable to send mail using my server. I can receive mails. I also completed the whitelist. How can I do this? I want to allow access only upto 25MB attachments from whitelisted emails and allow only 1email (only text based) per day from non-whitelisted emails. How do I do that? How do I limit overall size of mailbox and auto-delete old mails? Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 14:04 by tphil...@potion-studios.com: From the doc (smtpd.conf(5)): maildir [pathname [junk]] Deliver the message to the maildir in pathname if specified, or by default to ~/Maildir. So given your config, you seem to get exactly what you configured. For your "whitelist", create the match rules for your domains, and for everything else use a reject rule at the end. On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote: I got a mail, which lies in Maildir, however no mailbox is configured. Is there a default mailbox in alpine and how do I access the mail contents in ~/Maildir My mails are under ~/Maildir/new/ Also, how do I whitelist email ids, say,
Re: Setting personal mailserver
I have set spf records, TXT as follows:

    "v=spf1 ipv4:{myipv4address} -all"

You can dig them at humaaraartha.in

Everything looks spick and span and the error of

    smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]

still remains.

Thanking you
Sagar Acharya
https://humaaraartha.in

3 Sept 2023, 16:45 by s...@gamindustri.fr:

> Hello,
>
> Port 465 with implicit TLS for Submissions isn't outdated since RFC 8314,
> it's even the recommended way to use Submissions as STARTTLS (mostly used on
> tcp/587) is a security nightmare.
>
> More details in this PR I made two months ago:
> https://github.com/stalwartlabs/website/pull/1#issue-1812289068
>
> Jarod G.
>
> On 03/09/2023 at 00:26, Reio Remma wrote:
>
>> Port 465 is the deprecated SMTPS submission port, you can't send mail to
>> that.
>>
>> If you're trying to send out e-mail from a residential IP (even with an
>> unblocked outgoing port 25), you'll find more problems e.g. receiving servers
>> not accepting your e-mails because of your IP having no FCrDNS etc.
>>
>> Good luck
>> Reio
>>
>> On 02.09.2023 21:56, Sagar Acharya wrote:
>>
>>> Port 25 outgoing is blocked. You were correct. I switched to port 465 with
>>> config
>>>
>>> action "relay" relay host smtps://mydomain.com
>>>
>>> Such is the error message:
>>> Again there is "Network error on destination MXs"
>>>
>>> mta connecting address=smtps://{ipv4}:465 host={xyz}
>>> mta error reason=IO Error: Connection refused
>>> smtp-out: Disabling route [] <-> {ipv4} for 15s
>>> smtp-out: No valid route for
>>> [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]
>>>
>>> DNS
>>>
>>> mydomain.com MX 10 mydomain.com
>>> Port 465 is perfectly open from ISP.
>>> Thanking you
>>> Sagar Acharya
>>> https://humaaraartha.in
>>>
>>> 2 Sept 2023, 19:58 by tphil...@potion-studios.com:
>>>
I tested all of the IPs from your output, and all of them listen on port 25 and a smtp server is answering.
So if you are relaying to those via port 25, and you get a network error (I guess a timeout), then I guess your outgoing port 25 is blocked. This is relatively common with residential uplinks, ask your ISP to open port 25 for you. That said... I'm only guessing here. On Sat, Sep 02, 2023 at 03:52:37PM +0200, Sagar Acharya wrote: > I made some progress. I am able to receive mails now but when I send mail > from u...@mydomain.com to sagaracha...@tutanota.com using mutt , I get, > > result="TempFail" stat="Network error on destination MXs" > smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de) smtp-out: > Enabling route [] <-> 185.205.69.211 (185.205.69.211) smtp-out: Enabling > route [] <-> 81.3.6.165 (w4.tutanota.de) > mta error reason=Connection timeout > > > DNS > > mydomain.com. 86400 IN MX 10 mail.mydomain.com. > > Thanking you > Sagar Acharya > https://humaaraartha.in > > > > 2 Sept 2023, 05:45 by bub...@live.de: > >> Hello, pls show your config file. >> >> Mit freundlichen Grüßen, V.Bubnov >> >>> 01.09.2023, в 21:43, Sagar Acharya >>> написал(а): >>> >>> To enable being able to send mails from my server, I added tls certs. >>> >>> Now when I send from this email id to u...@mydomain.com , I get the >>> error below. >>> >>> 530 >>> 5.5.1 Invalid command: Must issue an AUTH command first (in reply to >>> MAIL FROM command) >>> >>> Since STARTTLS is working on 25, I think things should go smoothly but >>> it isn't so. Please help. Thanking you >>> Sagar Acharya >>> https://humaaraartha.in >>> >>> >>> >>> 1 Sept 2023, 20:52 by sagaracha...@tutanota.com: >>> I used mutt for accessing mail. I still am unable to send mail using my server. I can receive mails. I also completed the whitelist. How can I do this? I want to allow access only upto 25MB attachments from whitelisted emails and allow only 1email (only text based) per day from non-whitelisted emails. How do I do that? How do I limit overall size of mailbox and auto-delete old mails? 
Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 14:04 by tphil...@potion-studios.com: > From the doc (smtpd.conf(5)): > > maildir [pathname [junk]] > Deliver the message to the maildir in pathname if > specified, or by default to ~/Maildir. > > So given your config, you seem to get exactly what you configured. > > For your "whitelist", create the match rules for your domains, and > for everything else use a reject rule at the end. > > > > >>
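An added example, not part of the thread: a syntax check for SPF TXT records against the mechanism names RFC 7208 defines (`ip4` and `ip6` are the address mechanisms), run on the record quoted in the message above. The function names and the documentation address 192.0.2.10 are assumptions made for the example.

```python
"""SPF record syntax check based on the RFC 7208 term grammar (added example)."""
import ipaddress
import re

# Mechanisms defined in RFC 7208 section 5. A term that is neither one of
# these nor a name=value modifier is a syntax error, which receivers
# evaluate as "permerror" instead of applying the record.
MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}
LIKELY_TYPOS = {"ipv4": "ip4", "ipv6": "ip6"}

MODIFIER_RE = re.compile(r"^[A-Za-z][A-Za-z0-9._-]*=")
MECHANISM_RE = re.compile(
    r"^[+\-~?]?([A-Za-z][A-Za-z0-9._-]*)(?::([^/]*))?(/.*)?$")


def _check_network(name, value, cidr):
    """Validate the argument of an ip4/ip6 mechanism; return a problem or None."""
    if not value:
        return f"'{name}' needs an address"
    try:
        network = ipaddress.ip_network(value + cidr, strict=False)
    except ValueError:
        return f"'{value + cidr}' is not a valid address or prefix"
    wanted = 4 if name == "ip4" else 6
    if network.version != wanted:
        return f"'{name}' holds an IPv{network.version} address"
    return None


def check_spf(record):
    """Return a list of (term, problem) tuples; an empty list means no findings."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return [(record, "record does not start with 'v=spf1'")]
    findings = []
    all_seen = False
    for term in terms[1:]:
        if MODIFIER_RE.match(term):
            continue  # redirect=, exp= and unknown modifiers are not checked here
        if all_seen:
            findings.append((term, "mechanism after 'all' is never evaluated"))
            continue
        match = MECHANISM_RE.match(term)
        if match is None:
            findings.append((term, "not a valid SPF term"))
            continue
        name = match.group(1).lower()
        value, cidr = match.group(2), match.group(3) or ""
        if name not in MECHANISMS:
            message = f"unknown mechanism '{name}'"
            if name in LIKELY_TYPOS:
                message += f", did you mean '{LIKELY_TYPOS[name]}'?"
            findings.append((term, message))
        elif name == "all":
            all_seen = True
            if value is not None or cidr:
                findings.append((term, "'all' takes no argument"))
        elif name in ("ip4", "ip6"):
            problem = _check_network(name, value, cidr)
            if problem:
                findings.append((term, problem))
        elif name in ("include", "exists") and not value:
            findings.append((term, f"'{name}' needs a domain"))
    return findings


if __name__ == "__main__":
    samples = [
        'v=spf1 ipv4:{myipv4address} -all',  # as quoted in the thread
        'v=spf1 ip4:192.0.2.10 -all',        # constructed, documentation address
    ]
    for sample in samples:
        print(sample, "->", check_spf(sample) or "no findings")
```

A record that produces a finding for an unknown mechanism does not authorise any sender, so the `dig` output is worth running through a check like this before testing delivery.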
Re: Setting personal mailserver
Hello,

Port 465 with implicit TLS for Submissions isn't outdated since RFC 8314, it's even the recommended way to use Submissions as STARTTLS (mostly used on tcp/587) is a security nightmare.

More details in this PR I made two months ago: https://github.com/stalwartlabs/website/pull/1#issue-1812289068

Jarod G.

On 03/09/2023 at 00:26, Reio Remma wrote:

Port 465 is the deprecated SMTPS submission port, you can't send mail to that.

If you're trying to send out e-mail from a residential IP (even with an unblocked outgoing port 25), you'll find more problems e.g. receiving servers not accepting your e-mails because of your IP having no FCrDNS etc.

Good luck
Reio

On 02.09.2023 21:56, Sagar Acharya wrote:

Port 25 outgoing is blocked. You were correct. I switched to port 465 with config

    action "relay" relay host smtps://mydomain.com

Such is the error message:
Again there is "Network error on destination MXs"

    mta connecting address=smtps://{ipv4}:465 host={xyz}
    mta error reason=IO Error: Connection refused
    smtp-out: Disabling route [] <-> {ipv4} for 15s
    smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]

DNS

    mydomain.com MX 10 mydomain.com

Port 465 is perfectly open from ISP.

Thanking you
Sagar Acharya
https://humaaraartha.in

2 Sept 2023, 19:58 by tphil...@potion-studios.com:

I tested all of the IPs from your output, and all of them listen on port 25 and a smtp server is answering. So if you are relaying to those via port 25, and you get a network error (I guess a timeout), then I guess your outgoing port 25 is blocked. This is relatively common with residential uplinks, ask your ISP to open port 25 for you.

That said... I'm only guessing here.

On Sat, Sep 02, 2023 at 03:52:37PM +0200, Sagar Acharya wrote:

I made some progress.
I am able to receive mails now but when I send mail from u...@mydomain.com to sagaracha...@tutanota.com using mutt , I get, result="TempFail" stat="Network error on destination MXs" smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de) smtp-out: Enabling route [] <-> 185.205.69.211 (185.205.69.211) smtp-out: Enabling route [] <-> 81.3.6.165 (w4.tutanota.de) mta error reason=Connection timeout DNS mydomain.com. 86400 IN MX 10 mail.mydomain.com. Thanking you Sagar Acharya https://humaaraartha.in 2 Sept 2023, 05:45 by bub...@live.de: Hello, pls show your config file. Mit freundlichen Grüßen, V.Bubnov 01.09.2023, в 21:43, Sagar Acharya написал(а): To enable being able to send mails from my server, I added tls certs. Now when I send from this email id to u...@mydomain.com , I get the error below. 530 5.5.1 Invalid command: Must issue an AUTH command first (in reply to MAIL FROM command) Since STARTTLS is working on 25, I think things should go smoothly but it isn't so. Please help. Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 20:52 by sagaracha...@tutanota.com: I used mutt for accessing mail. I still am unable to send mail using my server. I can receive mails. I also completed the whitelist. How can I do this? I want to allow access only upto 25MB attachments from whitelisted emails and allow only 1email (only text based) per day from non-whitelisted emails. How do I do that? How do I limit overall size of mailbox and auto-delete old mails? Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 14:04 by tphil...@potion-studios.com: From the doc (smtpd.conf(5)): maildir [pathname [junk]] Deliver the message to the maildir in pathname if specified, or by default to ~/Maildir. So given your config, you seem to get exactly what you configured. For your "whitelist", create the match rules for your domains, and for everything else use a reject rule at the end. 
On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote: I got a mail, which lies in Maildir, however no mailbox is configured. Is there a default mailbox in alpine and how do I access the mail contents in ~/Maildir My mails are under ~/Maildir/new/ Also, how do I whitelist email ids, say, I want mails only from f...@bar.com f...@bar2.com f...@bar3.com That's it, no other mails. Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 12:42 by sagaracha...@tutanota.com: How do I do that? What CLI tool do I use? While starting the daemon, the configuration is OK as given in prompt. With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ? Thanking you Sagar Acharya https://humaaraartha.in 31 Aug 2023, 01:06 by stu...@gathman.org: On Wed, 30 Aug 2023, Sagar Acharya wrote: I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below There is nothing in the mailbox. Are you looking with alpine, or with CLI tools like ls? Use CLI tools to check that you've configured smtpd to store incoming mail
Re: Setting personal mailserver
Port 465 is the deprecated SMTPS submission port, you can't send mail to that.

If you're trying to send out e-mail from a residential IP (even with an unblocked outgoing port 25), you'll find more problems e.g. receiving servers not accepting your e-mails because of your IP having no FCrDNS etc.

Good luck
Reio

On 02.09.2023 21:56, Sagar Acharya wrote:

Port 25 outgoing is blocked. You were correct. I switched to port 465 with config

    action "relay" relay host smtps://mydomain.com

Such is the error message:
Again there is "Network error on destination MXs"

    mta connecting address=smtps://{ipv4}:465 host={xyz}
    mta error reason=IO Error: Connection refused
    smtp-out: Disabling route [] <-> {ipv4} for 15s
    smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]

DNS

    mydomain.com MX 10 mydomain.com

Port 465 is perfectly open from ISP.

Thanking you
Sagar Acharya
https://humaaraartha.in

2 Sept 2023, 19:58 by tphil...@potion-studios.com:

I tested all of the IPs from your output, and all of them listen on port 25 and a smtp server is answering. So if you are relaying to those via port 25, and you get a network error (I guess a timeout), then I guess your outgoing port 25 is blocked. This is relatively common with residential uplinks, ask your ISP to open port 25 for you.

That said... I'm only guessing here.

On Sat, Sep 02, 2023 at 03:52:37PM +0200, Sagar Acharya wrote:

I made some progress. I am able to receive mails now but when I send mail from u...@mydomain.com to sagaracha...@tutanota.com using mutt, I get,

    result="TempFail" stat="Network error on destination MXs"
    smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de)
    smtp-out: Enabling route [] <-> 185.205.69.211 (185.205.69.211)
    smtp-out: Enabling route [] <-> 81.3.6.165 (w4.tutanota.de)
    mta error reason=Connection timeout

DNS

    mydomain.com. 86400 IN MX 10 mail.mydomain.com.
Thanking you Sagar Acharya https://humaaraartha.in 2 Sept 2023, 05:45 by bub...@live.de: Hello, pls show your config file. Mit freundlichen Grüßen, V.Bubnov 01.09.2023, в 21:43, Sagar Acharya написал(а): To enable being able to send mails from my server, I added tls certs. Now when I send from this email id to u...@mydomain.com , I get the error below. 530 5.5.1 Invalid command: Must issue an AUTH command first (in reply to MAIL FROM command) Since STARTTLS is working on 25, I think things should go smoothly but it isn't so. Please help. Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 20:52 by sagaracha...@tutanota.com: I used mutt for accessing mail. I still am unable to send mail using my server. I can receive mails. I also completed the whitelist. How can I do this? I want to allow access only upto 25MB attachments from whitelisted emails and allow only 1email (only text based) per day from non-whitelisted emails. How do I do that? How do I limit overall size of mailbox and auto-delete old mails? Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 14:04 by tphil...@potion-studios.com: From the doc (smtpd.conf(5)): maildir [pathname [junk]] Deliver the message to the maildir in pathname if specified, or by default to ~/Maildir. So given your config, you seem to get exactly what you configured. For your "whitelist", create the match rules for your domains, and for everything else use a reject rule at the end. On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote: I got a mail, which lies in Maildir, however no mailbox is configured. Is there a default mailbox in alpine and how do I access the mail contents in ~/Maildir My mails are under ~/Maildir/new/ Also, how do I whitelist email ids, say, I want mails only from f...@bar.com f...@bar2.com f...@bar3.com That's it, no other mails. Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 12:42 by sagaracha...@tutanota.com: How do I do that? What CLI tool do I use? 
While starting the daemon, the configuration is OK as given in prompt. With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ? Thanking you Sagar Acharya https://humaaraartha.in 31 Aug 2023, 01:06 by stu...@gathman.org: On Wed, 30 Aug 2023, Sagar Acharya wrote: I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below There is nothing in the mailbox. Are you looking with alpine, or with CLI tools like ls? Use CLI tools to check that you've configured smtpd to store incoming mail where you think you have. I go so far as to use raw IPv6 for personal mailbox on various overlay mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated IPs independent of any ISP). I just caught up with an online friend that moved from Hawaii to New York. Still works despite changes in ISP and ICANN domains.
Re: Setting personal mailserver
Port 25 outgoing is blocked. You were correct. I switched to port 465 with config

    action "relay" relay host smtps://mydomain.com

Such is the error message:
Again there is "Network error on destination MXs"

    mta connecting address=smtps://{ipv4}:465 host={xyz}
    mta error reason=IO Error: Connection refused
    smtp-out: Disabling route [] <-> {ipv4} for 15s
    smtp-out: No valid route for [connector:[]->[relay:mydomain.com,port=465,smtps,mx],0x0]

DNS

    mydomain.com MX 10 mydomain.com

Port 465 is perfectly open from ISP.

Thanking you
Sagar Acharya
https://humaaraartha.in

2 Sept 2023, 19:58 by tphil...@potion-studios.com:

> I tested all of the IPs from your output, and all of them listen on port 25
> and a smtp server is answering. So if you are relaying to those via port 25,
> and you get a network error (I guess a timeout), then I guess your outgoing
> port 25 is blocked. This is relatively common with residential uplinks, ask
> your ISP to open port 25 for you.
>
> That said... I'm only guessing here.
>
> On Sat, Sep 02, 2023 at 03:52:37PM +0200, Sagar Acharya wrote:
>
>> I made some progress. I am able to receive mails now but when I send mail
>> from u...@mydomain.com to sagaracha...@tutanota.com using mutt, I get,
>>
>> result="TempFail" stat="Network error on destination MXs"
>> smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de) smtp-out:
>> Enabling route [] <-> 185.205.69.211 (185.205.69.211) smtp-out: Enabling
>> route [] <-> 81.3.6.165 (w4.tutanota.de)
>> mta error reason=Connection timeout
>>
>> DNS
>>
>> mydomain.com. 86400 IN MX 10 mail.mydomain.com.
>>
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in
>>
>> 2 Sept 2023, 05:45 by bub...@live.de:
>>
>>> Hello, pls show your config file.
>>>
>>> Kind regards, V.Bubnov
>>>
01.09.2023, at 21:43, Sagar Acharya wrote:

To enable being able to send mails from my server, I added tls certs.

Now when I send from this email id to u...@mydomain.com, I get the error below.
530 5.5.1 Invalid command: Must issue an AUTH command first (in reply to MAIL FROM command) Since STARTTLS is working on 25, I think things should go smoothly but it isn't so. Please help. Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 20:52 by sagaracha...@tutanota.com: > I used mutt for accessing mail. I still am unable to send mail using my > server. I can receive mails. > > I also completed the whitelist. How can I do this? > > I want to allow access only upto 25MB attachments from whitelisted emails > and allow only 1email (only text based) per day from non-whitelisted > emails. How do I do that? > > How do I limit overall size of mailbox and auto-delete old mails? > > Thanking you > Sagar Acharya > https://humaaraartha.in > > > > 1 Sept 2023, 14:04 by tphil...@potion-studios.com: > >> From the doc (smtpd.conf(5)): >> >> maildir [pathname [junk]] >> Deliver the message to the maildir in pathname if >> specified, or by default to ~/Maildir. >> >> So given your config, you seem to get exactly what you configured. >> >> For your "whitelist", create the match rules for your domains, and for >> everything else use a reject rule at the end. >> >> >> >> >>> On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote: >>> >>> I got a mail, which lies in Maildir, however no mailbox is configured. >>> Is there a default mailbox in alpine and how do I access the mail >>> contents in >>> >>> ~/Maildir >>> >>> My mails are under >>> >>> ~/Maildir/new/ >>> >>> Also, how do I whitelist email ids, say, I want mails only from >>> >>> f...@bar.com >>> f...@bar2.com >>> f...@bar3.com >>> >>> That's it, no other mails. >>> Thanking you >>> Sagar Acharya >>> https://humaaraartha.in >>> >>> >>> >>> 1 Sept 2023, 12:42 by sagaracha...@tutanota.com: >>> How do I do that? What CLI tool do I use? While starting the daemon, the configuration is OK as given in prompt. 
With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ? Thanking you Sagar Acharya https://humaaraartha.in 31 Aug 2023, 01:06 by stu...@gathman.org: > > > On Wed, 30 Aug 2023, Sagar Acharya wrote: > >> I'm facing an issue similar to a person a while ago available on >> archive. I use alpine, and the conf is as below >> >> There is nothing in the mailbox. >> > > Are you looking with alpine, or with CLI tools like ls? Use CLI
Re: Setting personal mailserver
I tested all of the IPs from your output, and all of them listen on port 25 and a smtp server is answering. So if you are relaying to those via port 25, and you get a network error (I guess a timeout), then I guess your outgoing port 25 is blocked. This is relatively common with residential uplinks, ask your ISP to open port 25 for you.

That said... I'm only guessing here.

On Sat, Sep 02, 2023 at 03:52:37PM +0200, Sagar Acharya wrote:

I made some progress. I am able to receive mails now but when I send mail from u...@mydomain.com to sagaracha...@tutanota.com using mutt, I get,

    result="TempFail" stat="Network error on destination MXs"
    smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de)
    smtp-out: Enabling route [] <-> 185.205.69.211 (185.205.69.211)
    smtp-out: Enabling route [] <-> 81.3.6.165 (w4.tutanota.de)
    mta error reason=Connection timeout

DNS

    mydomain.com. 86400 IN MX 10 mail.mydomain.com.

Thanking you
Sagar Acharya
https://humaaraartha.in

2 Sept 2023, 05:45 by bub...@live.de:

Hello, pls show your config file.

Kind regards, V.Bubnov

01.09.2023, at 21:43, Sagar Acharya wrote:

To enable being able to send mails from my server, I added tls certs.

Now when I send from this email id to u...@mydomain.com, I get the error below.

    530 5.5.1 Invalid command: Must issue an AUTH command first (in reply to MAIL FROM command)

Since STARTTLS is working on 25, I think things should go smoothly but it isn't so. Please help.

Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 20:52 by sagaracha...@tutanota.com:

I used mutt for accessing mail. I still am unable to send mail using my server. I can receive mails.

I also completed the whitelist. How can I do this?

I want to allow access only up to 25MB attachments from whitelisted emails and allow only 1 email (only text based) per day from non-whitelisted emails. How do I do that?

How do I limit overall size of mailbox and auto-delete old mails?
Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 14:04 by tphil...@potion-studios.com: From the doc (smtpd.conf(5)): maildir [pathname [junk]] Deliver the message to the maildir in pathname if specified, or by default to ~/Maildir. So given your config, you seem to get exactly what you configured. For your "whitelist", create the match rules for your domains, and for everything else use a reject rule at the end. On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote: I got a mail, which lies in Maildir, however no mailbox is configured. Is there a default mailbox in alpine and how do I access the mail contents in ~/Maildir My mails are under ~/Maildir/new/ Also, how do I whitelist email ids, say, I want mails only from f...@bar.com f...@bar2.com f...@bar3.com That's it, no other mails. Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 12:42 by sagaracha...@tutanota.com: How do I do that? What CLI tool do I use? While starting the daemon, the configuration is OK as given in prompt. With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ? Thanking you Sagar Acharya https://humaaraartha.in 31 Aug 2023, 01:06 by stu...@gathman.org: On Wed, 30 Aug 2023, Sagar Acharya wrote: I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below There is nothing in the mailbox. Are you looking with alpine, or with CLI tools like ls? Use CLI tools to check that you've configured smtpd to store incoming mail where you think you have. I go so far as to use raw IPv6 for personal mailbox on various overlay mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated IPs independent of any ISP). I just caught up with an online friend that moved from Hawaii to New York. Still works despite changes in ISP and ICANN domains.
Re: Setting personal mailserver
I made some progress. I am able to receive mails now but when I send mail from u...@mydomain.com to sagaracha...@tutanota.com using mutt, I get,

    result="TempFail" stat="Network error on destination MXs"
    smtp-out: Enabling route [] <-> 81.3.6.162 (w1.tutanota.de)
    smtp-out: Enabling route [] <-> 185.205.69.211 (185.205.69.211)
    smtp-out: Enabling route [] <-> 81.3.6.165 (w4.tutanota.de)
    mta error reason=Connection timeout

DNS

    mydomain.com. 86400 IN MX 10 mail.mydomain.com.

Thanking you
Sagar Acharya
https://humaaraartha.in

2 Sept 2023, 05:45 by bub...@live.de:

> Hello, pls show your config file.
>
> Kind regards, V.Bubnov
>
>> 01.09.2023, at 21:43, Sagar Acharya wrote:
>>
>> To enable being able to send mails from my server, I added tls certs.
>>
>> Now when I send from this email id to u...@mydomain.com, I get the error
>> below.
>>
>> 530
>> 5.5.1 Invalid command: Must issue an AUTH command first (in reply to MAIL
>> FROM command)
>>
>> Since STARTTLS is working on 25, I think things should go smoothly but it
>> isn't so. Please help.
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in
>>
>> 1 Sept 2023, 20:52 by sagaracha...@tutanota.com:
>>
>>> I used mutt for accessing mail. I still am unable to send mail using my
>>> server. I can receive mails.
>>>
>>> I also completed the whitelist. How can I do this?
>>>
>>> I want to allow access only up to 25MB attachments from whitelisted emails
>>> and allow only 1 email (only text based) per day from non-whitelisted
>>> emails. How do I do that?
>>>
>>> How do I limit overall size of mailbox and auto-delete old mails?
>>>
>>> Thanking you
>>> Sagar Acharya
>>> https://humaaraartha.in
>>>
>>> 1 Sept 2023, 14:04 by tphil...@potion-studios.com:
>>>
From the doc (smtpd.conf(5)):

    maildir [pathname [junk]]
        Deliver the message to the maildir in pathname if specified, or by default to ~/Maildir.

So given your config, you seem to get exactly what you configured.
For your "whitelist", create the match rules for your domains, and for everything else use a reject rule at the end. > On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote: > > I got a mail, which lies in Maildir, however no mailbox is configured. Is > there a default mailbox in alpine and how do I access the mail contents in > > ~/Maildir > > My mails are under > > ~/Maildir/new/ > > Also, how do I whitelist email ids, say, I want mails only from > > f...@bar.com > f...@bar2.com > f...@bar3.com > > That's it, no other mails. > Thanking you > Sagar Acharya > https://humaaraartha.in > > > > 1 Sept 2023, 12:42 by sagaracha...@tutanota.com: > >> How do I do that? What CLI tool do I use? >> >> While starting the daemon, the configuration is OK as given in prompt. >> >> With the DNS configuration I have, where can I send a mail, at >> u...@mydomain.com or at u...@mail.mydomain.com ? >> >> Thanking you >> Sagar Acharya >> https://humaaraartha.in >> >> >> >> 31 Aug 2023, 01:06 by stu...@gathman.org: >> >>> >>> >>> On Wed, 30 Aug 2023, Sagar Acharya wrote: >>> I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below There is nothing in the mailbox. >>> >>> Are you looking with alpine, or with CLI tools like ls? Use CLI tools >>> to check that you've configured smtpd to store incoming mail where you >>> think you have. >>> >>> I go so far as to use raw IPv6 for personal mailbox on various overlay >>> mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated >>> IPs independent of any ISP). I just caught up with an online friend >>> that moved from Hawaii to New York. Still works despite changes in ISP >>> and ICANN domains. >>>
Re: Setting personal mailserver
If you want to apply the logic you are asking for to emails that are transmitted, I think you need to work with custom filters for specific logic (e.g. looking only at attachment size, per day limits, etc.). There is no "here you go" answer to that, or simple smtpd.conf statements that would do what you want. For overall message size you can use max-message-size (see smtpd.conf(5)), but this doesn't sound like it fits your requirement.

That said: I also think you need to dig deeper into how email works, in general, and read the docs, thoroughly. Your questions here are either very broad, or they simply don't apply to this mailing list. For example you are asking here how to limit the overall size of the mailbox and auto-delete old mails: the answer to that is, that it's simply not the SMTP server's job to do any of that, as SMTP is about email transmission, not about mailboxes. In your case (from your original config example), your mailbox is a maildir on disk, which you could limit with file system tools, but you could use other message delivery agents (MDA) to have finer control of what ends up where. Read up on them. Either way, this is the wrong mailing list for that.

On Fri, Sep 01, 2023 at 05:22:20PM +0200, Sagar Acharya wrote:

I used mutt for accessing mail. I still am unable to send mail using my server. I can receive mails.

I also completed the whitelist. How can I do this?

I want to allow access only up to 25MB attachments from whitelisted emails and allow only 1 email (only text based) per day from non-whitelisted emails. How do I do that?

How do I limit overall size of mailbox and auto-delete old mails?

Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 14:04 by tphil...@potion-studios.com:

From the doc (smtpd.conf(5)):

    maildir [pathname [junk]]
        Deliver the message to the maildir in pathname if specified, or by default to ~/Maildir.

So given your config, you seem to get exactly what you configured.
For your "whitelist", create the match rules for your domains, and for everything else use a reject rule at the end. On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote: I got a mail, which lies in Maildir, however no mailbox is configured. Is there a default mailbox in alpine and how do I access the mail contents in ~/Maildir My mails are under ~/Maildir/new/ Also, how do I whitelist email ids, say, I want mails only from f...@bar.com f...@bar2.com f...@bar3.com That's it, no other mails. Thanking you Sagar Acharya https://humaaraartha.in 1 Sept 2023, 12:42 by sagaracha...@tutanota.com: How do I do that? What CLI tool do I use? While starting the daemon, the configuration is OK as given in prompt. With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ? Thanking you Sagar Acharya https://humaaraartha.in 31 Aug 2023, 01:06 by stu...@gathman.org: On Wed, 30 Aug 2023, Sagar Acharya wrote: I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below There is nothing in the mailbox. Are you looking with alpine, or with CLI tools like ls? Use CLI tools to check that you've configured smtpd to store incoming mail where you think you have. I go so far as to use raw IPv6 for personal mailbox on various overlay mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated IPs independent of any ISP). I just caught up with an online friend that moved from Hawaii to New York. Still works despite changes in ISP and ICANN domains.
Re: Setting personal mailserver
The error is clear: whatever you connect to requires authentication, before submitting the mail. So, provide that info.

Authentication is not TLS encryption, so no idea what you mean by you added TLS certs and that STARTTLS should make it work: it's simply not authentication.

On Fri, Sep 01, 2023 at 09:42:17PM +0200, Sagar Acharya wrote:

To enable being able to send mails from my server, I added tls certs. Now when I send from this email id to u...@mydomain.com , I get the error below.

530 5.5.1 Invalid command: Must issue an AUTH command first (in reply to MAIL FROM command)

Since STARTTLS is working on 25, I think things should go smoothly but it isn't so.

Please help.
Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 20:52 by sagaracha...@tutanota.com:

I used mutt for accessing mail. I still am unable to send mail using my server. I can receive mails.

I also completed the whitelist. How can I do this?

I want to allow access only up to 25MB attachments from whitelisted emails and allow only 1 email (only text based) per day from non-whitelisted emails. How do I do that?

How do I limit overall size of mailbox and auto-delete old mails?

Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 14:04 by tphil...@potion-studios.com:

From the doc (smtpd.conf(5)):

    maildir [pathname [junk]]
        Deliver the message to the maildir in pathname if specified, or by default to ~/Maildir.

So given your config, you seem to get exactly what you configured.

For your "whitelist", create the match rules for your domains, and for everything else use a reject rule at the end.

On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote:

I got a mail, which lies in Maildir, however no mailbox is configured. Is there a default mailbox in alpine and how do I access the mail contents in

~/Maildir

My mails are under

~/Maildir/new/

Also, how do I whitelist email ids, say, I want mails only from

f...@bar.com
f...@bar2.com
f...@bar3.com

That's it, no other mails.
Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 12:42 by sagaracha...@tutanota.com:

How do I do that? What CLI tool do I use?

While starting the daemon, the configuration is OK as given in prompt.

With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ?

Thanking you
Sagar Acharya
https://humaaraartha.in

31 Aug 2023, 01:06 by stu...@gathman.org:

On Wed, 30 Aug 2023, Sagar Acharya wrote:

I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below There is nothing in the mailbox.

Are you looking with alpine, or with CLI tools like ls? Use CLI tools to check that you've configured smtpd to store incoming mail where you think you have.

I go so far as to use raw IPv6 for personal mailbox on various overlay mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated IPs independent of any ISP). I just caught up with an online friend that moved from Hawaii to New York. Still works despite changes in ISP and ICANN domains.
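The distinction drawn in the reply above, STARTTLS (encryption) versus AUTH (authentication), as it could look in an OpenSMTPD smtpd.conf. This is an added example, not a configuration posted by anyone in the thread: the host name, domain, interface and certificate paths are placeholders, and that the 530 reply came from an "auth" keyword on the port 25 listener is an assumption, since the thread never shows that listener.

```conf
# Added example (not from the thread). mail.example.org, example.org and
# the certificate paths are placeholders.
pki mail.example.org cert "/etc/ssl/mail.example.org.fullchain.pem"
pki mail.example.org key  "/etc/ssl/private/mail.example.org.key"

table aliases file:/etc/smtpd/aliases

# Port 25: delivery from other mail servers. "tls" only OFFERS STARTTLS.
# No "auth" here: remote MTAs have no account on this machine, and with
# "auth" on this listener every one of them is refused with
#   530 5.5.1 Invalid command: Must issue an AUTH command first
listen on eth0 tls pki mail.example.org

# Port 587: submission by your own users. TLS is mandatory before
# anything else, and the session must authenticate before MAIL FROM.
listen on eth0 port 587 tls-require pki mail.example.org auth

action "local" maildir alias <aliases>
action "relay" relay

# Inbound: any host may deliver to the local domain, encrypted or not,
# authenticated or not.
match from any for domain "example.org" action "local"
match for local action "local"

# Outbound: relaying is limited to the machine itself and to sessions
# that authenticated, so the server is not an open relay.
match from local for any action "relay"
match from any auth for any action "relay"
```

Encryption is decided by the tls / tls-require keywords and authentication by auth, independently of each other; a client that gets the 530 above has to send AUTH credentials, and no certificate change on the server will satisfy it.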
Re: Setting personal mailserver
To enable being able to send mails from my server, I added tls certs. Now when I send from this email id to u...@mydomain.com , I get the error below.

530 5.5.1 Invalid command: Must issue an AUTH command first (in reply to MAIL FROM command)

Since STARTTLS is working on 25, I think things should go smoothly but it isn't so.

Please help.
Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 20:52 by sagaracha...@tutanota.com:

> I used mutt for accessing mail. I still am unable to send mail using my
> server. I can receive mails.
>
> I also completed the whitelist. How can I do this?
>
> I want to allow access only up to 25MB attachments from whitelisted emails and
> allow only 1 email (only text based) per day from non-whitelisted emails. How
> do I do that?
>
> How do I limit overall size of mailbox and auto-delete old mails?
>
> Thanking you
> Sagar Acharya
> https://humaaraartha.in
>
> 1 Sept 2023, 14:04 by tphil...@potion-studios.com:
>
>> From the doc (smtpd.conf(5)):
>>
>> maildir [pathname [junk]]
>> Deliver the message to the maildir in pathname if
>> specified, or by default to ~/Maildir.
>>
>> So given your config, you seem to get exactly what you configured.
>>
>> For your "whitelist", create the match rules for your domains, and for
>> everything else use a reject rule at the end.
>>
>> On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote:
>>
>>> I got a mail, which lies in Maildir, however no mailbox is configured. Is
>>> there a default mailbox in alpine and how do I access the mail contents in
>>>
>>> ~/Maildir
>>>
>>> My mails are under
>>>
>>> ~/Maildir/new/
>>>
>>> Also, how do I whitelist email ids, say, I want mails only from
>>>
>>> f...@bar.com
>>> f...@bar2.com
>>> f...@bar3.com
>>>
>>> That's it, no other mails.
>>> Thanking you
>>> Sagar Acharya
>>> https://humaaraartha.in
>>>
>>> 1 Sept 2023, 12:42 by sagaracha...@tutanota.com:
>>> How do I do that? What CLI tool do I use?

While starting the daemon, the configuration is OK as given in prompt.

With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ?

Thanking you
Sagar Acharya
https://humaaraartha.in

31 Aug 2023, 01:06 by stu...@gathman.org:

> On Wed, 30 Aug 2023, Sagar Acharya wrote:
>
>> I'm facing an issue similar to a person a while ago available on
>> archive. I use alpine, and the conf is as below
>>
>> There is nothing in the mailbox.
>>
>
> Are you looking with alpine, or with CLI tools like ls? Use CLI tools to
> check that you've configured smtpd to store incoming mail where you think
> you have.
>
> I go so far as to use raw IPv6 for personal mailbox on various overlay
> mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated IPs
> independent of any ISP). I just caught up with an online friend that
> moved from Hawaii to New York. Still works despite changes in ISP and
> ICANN domains.
Re: Setting personal mailserver
I used mutt for accessing mail. I still am unable to send mail using my server. I can receive mails.

I also completed the whitelist. How can I do this?

I want to allow access only up to 25MB attachments from whitelisted emails and allow only 1 email (only text based) per day from non-whitelisted emails. How do I do that?

How do I limit overall size of mailbox and auto-delete old mails?

Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 14:04 by tphil...@potion-studios.com:

> From the doc (smtpd.conf(5)):
>
> maildir [pathname [junk]]
> Deliver the message to the maildir in pathname if
> specified, or by default to ~/Maildir.
>
> So given your config, you seem to get exactly what you configured.
>
> For your "whitelist", create the match rules for your domains, and for
> everything else use a reject rule at the end.
>
> On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote:
>
>> I got a mail, which lies in Maildir, however no mailbox is configured. Is
>> there a default mailbox in alpine and how do I access the mail contents in
>>
>> ~/Maildir
>>
>> My mails are under
>>
>> ~/Maildir/new/
>>
>> Also, how do I whitelist email ids, say, I want mails only from
>>
>> f...@bar.com
>> f...@bar2.com
>> f...@bar3.com
>>
>> That's it, no other mails.
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in
>>
>> 1 Sept 2023, 12:42 by sagaracha...@tutanota.com:
>>
>>> How do I do that? What CLI tool do I use?
>>>
>>> While starting the daemon, the configuration is OK as given in prompt.
>>>
>>> With the DNS configuration I have, where can I send a mail, at
>>> u...@mydomain.com or at u...@mail.mydomain.com ?
>>>
>>> Thanking you
>>> Sagar Acharya
>>> https://humaaraartha.in
>>>
>>> 31 Aug 2023, 01:06 by stu...@gathman.org:
>>> On Wed, 30 Aug 2023, Sagar Acharya wrote:
> I'm facing an issue similar to a person a while ago available on archive.
> I use alpine, and the conf is as below
>
> There is nothing in the mailbox.
> Are you looking with alpine, or with CLI tools like ls? Use CLI tools to check that you've configured smtpd to store incoming mail where you think you have.
>
> I go so far as to use raw IPv6 for personal mailbox on various overlay mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated IPs independent of any ISP). I just caught up with an online friend that moved from Hawaii to New York. Still works despite changes in ISP and ICANN domains.
Re: Setting personal mailserver
From the doc (smtpd.conf(5)):

    maildir [pathname [junk]]
        Deliver the message to the maildir in pathname if specified, or by default to ~/Maildir.

So given your config, you seem to get exactly what you configured.

For your "whitelist", create the match rules for your domains, and for everything else use a reject rule at the end.

On Fri, Sep 01, 2023 at 09:59:31AM +0200, Sagar Acharya wrote:

I got a mail, which lies in Maildir, however no mailbox is configured. Is there a default mailbox in alpine and how do I access the mail contents in

~/Maildir

My mails are under

~/Maildir/new/

Also, how do I whitelist email ids, say, I want mails only from

f...@bar.com
f...@bar2.com
f...@bar3.com

That's it, no other mails.
Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 12:42 by sagaracha...@tutanota.com:

How do I do that? What CLI tool do I use?

While starting the daemon, the configuration is OK as given in prompt.

With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ?

Thanking you
Sagar Acharya
https://humaaraartha.in

31 Aug 2023, 01:06 by stu...@gathman.org:

On Wed, 30 Aug 2023, Sagar Acharya wrote:

I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below There is nothing in the mailbox.

Are you looking with alpine, or with CLI tools like ls? Use CLI tools to check that you've configured smtpd to store incoming mail where you think you have.

I go so far as to use raw IPv6 for personal mailbox on various overlay mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated IPs independent of any ISP). I just caught up with an online friend that moved from Hawaii to New York. Still works despite changes in ISP and ICANN domains.
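One way to write the "match rules, then a reject rule at the end" advice from the reply above in OpenSMTPD's smtpd.conf. This is an added example, not a configuration from the thread: the domain, the table name allowed_senders and its file path are placeholders, and the sample addresses stand in for the truncated ones in the question.

```conf
# Added example (not from the thread). example.org, the table name and
# the file path are placeholders.
table aliases file:/etc/smtpd/aliases

# /etc/smtpd/allowed_senders holds one envelope sender per line, e.g.
#   alice@example.com
#   bob@example.net
table allowed_senders file:/etc/smtpd/allowed_senders

listen on eth0

action "local" maildir alias <aliases>

# Rules are evaluated top to bottom and the first match decides.

# 1. Mail from the network is accepted for the local domain only when
#    the MAIL FROM address is listed in the table.
match from any mail-from <allowed_senders> for domain "example.org" action "local"

# 2. Mail generated on the machine itself (cron, daemons) still reaches
#    local users.
match for local action "local"

# 3. Everything else is refused during the SMTP dialogue, so nothing is
#    queued and the sending server gets an immediate error. A message
#    that matches no rule is rejected anyway; the explicit rule keeps
#    the policy visible in the file.
match from any for any reject
```

mail-from matches the envelope sender, which is whatever the connecting server claims, so this rule narrows what is accepted without proving who sent it. The SPF and DKIM checks discussed elsewhere in this thread are what tie a sender address to the connecting host.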
Re: Setting personal mailserver
I got a mail, which lies in Maildir, however no mailbox is configured. Is there a default mailbox in alpine and how do I access the mail contents in

~/Maildir

My mails are under

~/Maildir/new/

Also, how do I whitelist email ids, say, I want mails only from

f...@bar.com
f...@bar2.com
f...@bar3.com

That's it, no other mails.
Thanking you
Sagar Acharya
https://humaaraartha.in

1 Sept 2023, 12:42 by sagaracha...@tutanota.com:

> How do I do that? What CLI tool do I use?
>
> While starting the daemon, the configuration is OK as given in prompt.
>
> With the DNS configuration I have, where can I send a mail, at
> u...@mydomain.com or at u...@mail.mydomain.com ?
>
> Thanking you
> Sagar Acharya
> https://humaaraartha.in
>
> 31 Aug 2023, 01:06 by stu...@gathman.org:
>
>> On Wed, 30 Aug 2023, Sagar Acharya wrote:
>>
>>> I'm facing an issue similar to a person a while ago available on
>>> archive. I use alpine, and the conf is as below
>>>
>>> There is nothing in the mailbox.
>>>
>>
>> Are you looking with alpine, or with CLI tools like ls? Use CLI tools
>> to check that you've configured smtpd to store incoming mail where you
>> think you have.
>>
>> I go so far as to use raw IPv6 for personal mailbox on various overlay
>> mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated
>> IPs independent of any ISP). I just caught up with an online
>> friend that moved from Hawaii to New York. Still works despite changes
>> in ISP and ICANN domains.
Re: Setting personal mailserver
How do I do that? What CLI tool do I use?

While starting the daemon, the configuration is OK as given in prompt.

With the DNS configuration I have, where can I send a mail, at u...@mydomain.com or at u...@mail.mydomain.com ?

Thanking you
Sagar Acharya
https://humaaraartha.in

31 Aug 2023, 01:06 by stu...@gathman.org:

> On Wed, 30 Aug 2023, Sagar Acharya wrote:
>
>> I'm facing an issue similar to a person a while ago available on
>> archive. I use alpine, and the conf is as below
>>
>> There is nothing in the mailbox.
>>
>
> Are you looking with alpine, or with CLI tools like ls? Use CLI tools
> to check that you've configured smtpd to store incoming mail where you
> think you have.
>
> I go so far as to use raw IPv6 for personal mailbox on various overlay
> mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated
> IPs independent of any ISP). I just caught up with an online
> friend that moved from Hawaii to New York. Still works despite changes
> in ISP and ICANN domains.
Re: Setting personal mailserver
On Wed, 30 Aug 2023, Sagar Acharya wrote:

I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below There is nothing in the mailbox.

Are you looking with alpine, or with CLI tools like ls? Use CLI tools to check that you've configured smtpd to store incoming mail where you think you have.

I go so far as to use raw IPv6 for personal mailbox on various overlay mesh vpns like Cjdns and Yggdrasil (giving you personal authenticated IPs independent of any ISP). I just caught up with an online friend that moved from Hawaii to New York. Still works despite changes in ISP and ICANN domains.
Setting personal mailserver
I'm facing an issue similar to a person a while ago available on archive. I use alpine, and the conf is as below

    table aliases file:/etc/smtpd/aliases
    listen on eth0
    action "local" maildir alias
    action "relay" relay
    match from any for domain "mydomain.com" action "local"
    match for local action "local"
    match from local for any action "relay"

DNS
--
    mail.mydomain.com. MX 10 mydomain.com.
--

smtpd is running and when I send a mail to u...@mydomain.com or u...@mail.mydomain.com

There is nothing in the mailbox.

Thanking you
Sagar Acharya
https://humaaraartha.in