anything.
On Wed, Feb 26, 2020 at 3:56 AM Denis Fateyev wrote:
> Beside the real vulnerability, what is interesting that Qualys used an
> outdated Fedora package to prepare the report:
>
> On Linux, this vulnerability is generally not exploitable because
> /proc/sys/fs/protected_har
Beside the real vulnerability, what is interesting that Qualys used an
outdated Fedora package to prepare the report:
On Linux, this vulnerability is generally not exploitable because
/proc/sys/fs/protected_hardlinks prevents attackers from creating
hardlinks to files they do not own. On Fedora
On Mon, Sep 30, 2019 at 01:55:28PM +, gil...@poolp.org wrote:
> Hello,
>
> I'd like to bring native support for SPF in OpenSMTPD in a future release,
> but for this I need a bit of help to make sure my SPF resolver works fine.
>
> I have created a repository with a standalone executable that
mtpd/ca.c" with:
- *errstr = X509_verify_cert_error_string(xsc->error);
+ *errstr = X509_verify_cert_error_string(X509_STORE_CTX_get_error(xsc));
But as for rsae-specific, it should be more complicated.
I remember an old openssl-1.1.x compat patch, where RSA methods were
explicitly defined.
---
wbr, Denis.
ly --with-linker-hash-style=gnu --enable-plugin
--enable-initfini-array --with-isl --enable-offload-targets=nvptx-none
--without-cuda-driver --enable-gnu-indirect-function --enable-cet
--with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
Thread model: posix
gcc version 9.1.1 20190503 (Red Hat 9.1.1-1) (GCC)
---
wbr, Denis.
Trying to make ppp connection using pty - pseudo terminal driver:
/usr/sbin/pppd ptyp0 noccp novj novjccomp nopcomp coaccomp noauth debug
passive updetach name -client connect 'stunnel /etc/stunnel/client.conf'
tail /var/log/messages
pppd[12698]: pppd 2.3.5 started by user, uid 0
pppd[12698]:
Still beating with real user delivery "5.2.4 error". What should I do to
have mail delivery working between real users registered on a mail server?
On 8/19/2018 12:56 AM, Denis wrote:
> Hi there,
>
> After "upgrade" OpenSMTPd to 6.4.0 (smtpd.conf syntax has b
users table? Please also let
> me know if you use a userbase table and share it as well. Also, are the
> forwards going through a .forward file?
>
> On Sep 7, 2018 2:44 PM, "Denis" <mailto:den...@mindall.org>> wrote:
>
> Since /etc/myname changed to a
9/7/2018 10:34 PM, Matt Schwartz wrote:
> Can you share your smtpd.conf and virtual users table? Please also let
> me know if you use a userbase table and share it as well. Also, are the
> forwards going through a .forward file?
>
> On Sep 7, 2018 2:44 PM, "Denis"
What is new syntax for blacklist filtering in OpenSMTPd 6.4.0 smtpd.conf?
# filter dnsbl-sorbsdnsbl "-h dnsbl.sorbs.net"
# filter dnsbl-spamcop dnsbl "-h bl.spamcop.net"
# filter dnsbl-spamhaus dnsbl "-h zen.spamhaus.org"
# filter dnsbl-all chain dnsbl-sorbs dnsbl-spamcop
s=12.34.56.78 host=12.34.56.78
command="RCPT TO:" result="524 5.2.4 Mailing list
expansion problem"
...
Outgoing mail sends well. Incoming mail receives well too.
opensmtpd works with dovecot imap together.
Any advises will be highly appreciated.
On 8/19/2018 12:57 PM, Denis
Found that "from local" doesn't match authenticated senders anymore.
match auth from any for any action "outbound"
solve the issue.
On 8/19/2018 1:12 AM, Denis wrote:
> Getting '550 Invalid recipient' every time when I try to send a message
> to misc@opensmtpd.org
Solved. The problem was with /etc/myname which has the same name as one
of virtual domains used for smtpd.
On 8/19/2018 12:56 AM, Denis wrote:
> Hi there,
>
> After "upgrade" OpenSMTPd to 6.4.0 (smtpd.conf syntax has been
> corrected) from OpenBSD -current having trouble
d.org" and try again'
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
in table static: -> found
77205978ce2bed68 smtp failed-command address=local host=domain.tld
command="RCPT TO: " result="524 5.2.4 Mailing list
expansion problem"
debug: control -> client: pipe closed
debug: clearing p=client, fd=11, pid=0
77205978ce2bed68 smtp disconnected address=local host=domain.tld
reason=disconnect
...
What can be wrong?
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
ers lease time determining). Hope this helpful information will
be returned back in additional to dhcpd server's MAC added in 6.3.
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
One minor problem with "Bonus: tool-stats script" from the tutorial.
# cat /scripts/log-stat.sh
#!/bin/sh
/usr/bin/zcat /var/log/maillog.*.gz \
| /usr/local/bin/tool-stats \
| /usr/bin/mail -s "smtpd log report" root
returns:
tool-stats: strptime failed line 1: Undefined error: 0
Hello,
Having fully working OpenSMTPd setup with PostgreSQL user auth.
While starting 'smptd -dvv' OR 'rcctl start smtpd' it starts as expected
until next reboot.
It is enabled by default in '/etc/rc.conf' by setting 'smtpd_flags=' flag.
'/etc/rc.conf.local' has no any 'smtpd_flags=' flags in
, pass FROM users WHERE user=$1 AND active='1'
query_userinfo SELECT CONCAT (user, realm) AS user, uid, gid FROM users
WHERE user=$1 AND active='1'
The database schema can be any, queries can be made by changing table
names and columns in /etc/mail/pgsql.conf according to schema.
---
Denis
On 3/27
?
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
package
replies for PGSQL database connection.
Denis
On 3/24/2018 2:56 PM, Reio Remma wrote:
>
>
> On 24 Mar 2018, at 12:42, Denis <den...@mindall.org
> <mailto:den...@mindall.org>> wrote:
>
>> I've just tried all the variants.
>>
>> user:pas
for SMTP.
Tried both ways for username: 'u...@domain.com' and 'user'. The
/etc/mail/user_password file is shared for both Dovecot and OpenSMTPd.
2. On mail server machine as user agent I set up mutt 1.9 for tests. It
works on port 25 w/o auth. Mails send successfully by mutt.
Denis
On 3/23/2018 4
f you use pigeonhole you can
add a global sieve script to copy email to another recipient.
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>
I don't think it is a good idea to add a deprecated interface. The tools should
be fixed instead of adding useless settings to opensmtpd.
I understand this move can help promote opensmtpd usage.
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscri
On Dec 24, 2015 7:31 PM, "Gilles Chehade" <gil...@poolp.org> wrote:
> On Thu, Dec 24, 2015 at 07:17:12PM +0600, Denis Fateyev wrote:
> >
> > Well, you asked what distributions packagers thought, and I presented it
> > from point of the specific distr
ore, and there are
no plans to do it now.
As you might realize, linking Libressl statically is also not an option.
In my opinion, there is no point to forcibly depend on Libressl unless big
commercial players are interested in it.
--
wbr, Denis.
ts on switching to libressl are quite logical, but I don't see a
straight way how to do it in RHEL and Fedora considering all above.
By the way, how about GnuTLS support?
--
wbr, Denis.
are there open relay when ' accept from local for any relay' is replaced .
Nope !
from local means that only the machine running OpenSMTPd or any
*authenticated* client can relay.
Moreover, if no rule is matching then OpenSMTPd rejects the mail (default
setting = secure setting)
--
You
5)boot linux's thundrbird , but thunderbird cannot recognize mail server .
What does cannot recognize mean ? Any error message ?
Can you access your smtp server from telnet ?
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to:
if this is still true.
I installed it on a low traffic mailing-list server and it seems to work
without a itch so far.
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
... no
checking db1/db.h presence... no
checking for db1/db.h... no
configure: error: *** Can't find Berkeley DB headers (see config.log for
details) ***
--
wbr, Denis.
OK. Beside that, no issues found.
Tested basic send / receive messages on RHEL 6-7 and Fedora 22.
Successfully compiles on RHEL 6-7, Fedora 20-22.
P.S. Any news on libasr update? I mean better to know its update plans to
test it with the next major opensmtpd release.
--
wbr, Denis.
On Wed
2- DNSSEC is still painful to setup, no one does it unfortunately :-/
More precisely, it is easy to setup and painful to manage :D
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Hi,
piece of my smtpd.conf
table credentials file:/etc/mail/credentials
listen on re0 port 587 tls-require pki mail.darkmail.mx auth credentials
Take a look at smtpctl update table ;)
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe
Hi Gilles,
I read : #OpenSMTPD developers can now ssh a FreeBSD or Linux system by doing
'ssh system-version@portable.opensmtpd.org'
Would you mind to document the architecture and how you did it ?
Thank you in advance,
Denis
--
You received this mail because you are subscribed to misc
Is there a repository somewhere that I could go search through before I bug
you kind folks with my silly questions?
http://dir.gmane.org/gmane.mail.opensmtpd.general
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to:
On Tue, Feb 3, 2015 at 2:08 AM, Gilles Chehade gil...@poolp.org wrote:
On Tue, Feb 03, 2015 at 02:07:25AM +0600, Denis Fateyev wrote:
On Tue, Feb 3, 2015 at 1:52 AM, Eric Faurot e...@poolp.org wrote:
On Tue, Feb 03, 2015 at 12:04:51AM +0600, Denis Fateyev wrote:
Just a small
On Tue, Feb 3, 2015 at 1:52 AM, Eric Faurot e...@poolp.org wrote:
On Tue, Feb 03, 2015 at 12:04:51AM +0600, Denis Fateyev wrote:
Just a small nit-picking. Once was a discussion about license
filename spelling.
[1]https://www.mail-archive.com/misc@opensmtpd.org/msg01513.html
Just a small nit-picking. Once was a discussion about license filename
spelling.
https://www.mail-archive.com/misc@opensmtpd.org/msg01513.html
Not a problem at all, but *might* be a small cleanup.
---
wbr, Denis.
Can you give us a peek at your smtpd.conf file ?
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
between EN_GB and EN_US was one that always irritated me.
On 12/27/2014 03:56 PM, Hugo Osvaldo Barrera wrote:
On 2014-12-28 05:01, Denis Fateyev wrote:
In English both versions are possible.
But 'license' indeed sounds better, IMO.
I'm just pointing out that different tarballs
Tested on RHEL6 and Fedora 20 with opensmtpd-5.4.4-rc2, no regressions
found.
--
wbr, Denis.
On Thu, Dec 18, 2014 at 8:00 PM, Gilles Chehade gil...@poolp.org wrote:
On Thu, Dec 18, 2014 at 02:57:52PM +0100, gilles chehade wrote:
A new libasr snapshot is available at:
http
Hello there,
Tested on RHEL6,7 and Fedora 19,20,21 with the latest libasr snapshot
(201412141738), haven't seen any errors.
Seems now it's fine.
I think, it's time to introduce libasr release numeration (0.1, 1.0, or
whatever you like.)
--
wbr, Denis.
On Sun, Dec 14, 2014 at 10:30 PM, Gilles
I saw that with 5.4.4-rc1.
Not sure in which recent snapshot it has been introduced.
I'll do some checks with previous snapshots today or tomorrow when time
permits..
--
wbr, Denis.
On Sun, Dec 14, 2014 at 6:35 PM, Gilles Chehade gil...@poolp.org wrote:
Do you experience this with snapshots
this :-/
--
wbr, Denis.
host denis.ledeuns.net
[IPv6:2001:7a8:b5ad::10:10]
lookup: check ipv6:2001:7a8:b5ad::10:10 as NETADDR in table static:anyhost
- found
lookup: check ledeuns.net as DOMAIN in table static:local_domain_list - found
lookup: lookup open...@ledeuns.net as ALIAS in table static:local_address_list
- denis
You have to use relay via instead of deliver because with deliver,
OpenSMTPD needs to convert the full email address to a local user. Also,
relay via can only communicate with LMTP via TCP, sadly UNIX sockets don't
work.
Delivery via unix socket works at least with version: OpenSMTPD
Hi Eric,
I'm running a Mail server based on Dovecot and Postfix for 2 years now
without problem and would like to try OpenSMTPD instead of Sendmail.
Where can I find an user documentation?
The best documentation you will find is man smtpd.conf. You may find
some tricks on the mailing-list
Thanks, May you give me the link for the mailing list archive?
http://marc.info/?l=opensmtpd-misc
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
(1...@fc20-amd64.svc.denode.net [local]);
etc.
Sometimes, expose that is not good for security purposes.
--
wbr, Denis.
On Thu, Oct 2, 2014 at 1:03 AM, gil...@poolp.org wrote:
A new libasr snapshot is available at:
http://www.opensmtpd.org/archives/libasr-201410012101.tar.gz
:
User binaries: /usr/bin
System binaries: /usr/sbin
Configuration files: /etc
Manual pages: /usr/share/man/manX
Manpage format: man
BSD Auth support: no
--
wbr, Denis.
On Fri, Jul
description:
http://en.wikipedia.org/wiki/Pkg-config#Synopsis
http://people.freedesktop.org/~dbn/pkg-config-guide.html
--
wbr, Denis.
not simple a neutral name like delivery, or something like that? The
same for klondike.
--
wbr, Denis.
to have configure only;
like we have in `opensmtpd`;
3) Pkgconfig support (.pc file).
--
wbr, Denis.
Hi Gilles,
Is your machine named mx2.backdom.fr ?
Your guess is perfectly right :)
The machine is not named mx2.backdom.fr.
The configuration file and logs are very important to debug this, there
is so much we can guess :-p
I will send these in private.
Thank you,
Denis
--
You
Le 15/04/2014 06:47, Martin Braun a C)crit :
And OpenSMTPD is crashed.
Is this a bug or have I messed up the configuration?
I really hope this would a misconfiguration as I have the same problem
(OpenSMTPd latest snapshot with Debian 7.0 amd64) :p
No problem with table uauth { denis
/archives/opensmtpd-portable-latest.tar.gz
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
mydomain.tld auth
accept from any for domain mydomain.tld relay via smtp://server-in-dmz.ip
accept for any relay
---8---
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
/imobD6XRaYHZFOh0OdXQYcMiBTZ/EWzgH1mJRfJUjubvC:5000:5000::/home/mail/myself:/bin/nologin
(password generated with `doveadm pw -s BLF-CRYPT`)
Denis
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
.gz' missing in alternatives with postfix packagers, because they
haven't included it there for some reasons.
---
wbr, Denis.
On Thu, Jan 9, 2014 at 8:00 PM, Michiel van Es m...@protegam.nl wrote:
How do I force an install with yum?
I am only aware of the rpm commands like --nodeps etc
to `/etc/alternatives/mta-pam'
[root@fc19-amd64 x86_64]# file /etc/alternatives/mta-pam
/etc/alternatives/mta-pam: symbolic link to `/etc/pam.d/smtp.opensmtpd'
---
wbr, Denis.
Hello Gilles,
Is that issue settled out? I mean, do you have any plans to re-work the
code related to SNI, or that quick fix is finally decided to be the
permanent solution?
Thanks,
---
wbr, Denis.
On Sun, Dec 15, 2013 at 1:57 AM, Gilles Chehade gil...@poolp.org wrote:
On Sat, Dec 14, 2013
system build.
If other maintainers change their opinion on that (Debian with putting
config into `/etc`, and Archlinux with shipping a dedicated aliases file),
it can be discussed again.
---
wbr, Denis.
. I think it should be ok.
---
wbr, Denis.
Most packager expect this behavior.
$ grep -ri sysconfdir=/etc/ /var/abs |egrep
(light|xorg|openssh|openldap|squid|quagga|pdns)
/var/abs/community/pdns/PKGBUILD:--sysconfdir=/etc/powerdns \
/var/abs/community/quagga/PKGBUILD:--sysconfdir
/opensmtpd` in %{sysconfdir} - we got `/etc/opensmtpd/aliases`
in the default config which is wrong.
---
wbr, Denis.
snapshots for test purposes, as well. All packages are
signed with my RPM gpg-key Denis Fateyev de...@fateyev.com (0x5679927F).
Feel free to grab, test and rebuild. Comments, suggestions and improvements
are welcome.
---
wbr, Denis.
now. Worked on the previous snapshot from somwhere around the
middle of August. The certs are there in /etc/opensmtpd/certs - I'm not
sure what the problem is here, can anyone give me a hint?
You should read [1] for an explanation
Denis
[1] http://article.gmane.org
spec:
%configure \
--sysconfdir=%{_sysconfdir}/opensmtpd \
--libexecdir=%{_libexecdir}/opensmtpd \
I get: `/etc/opensmtpd` as sysconfdir, and `/usr/libexec/opensmtpd/smtpd`
(instead of the expected `/usr/libexec/opensmtpd`) as libexecdir.
---
wbr, Denis.
to mbox
accept for any relay
--
If I launch smtpctl schedule all, OpenSMTPd will try to send it
remotely again.
How to tell OpenSMTPd it should deliver it locally now ?
Denis
--
You received this email because you are subscribed to the misc@opensmtpd.org
list
To unsubscribe, send mail
.
Won't a more open rule change my server into an open-relay ?
Yes, that's on purpose: the rule is first match wins
And it is in the manual and haven't seen it before :/
Denis
--
You received this email because you are subscribed to the misc@opensmtpd.org
list
To unsubscribe, send mail
:
https://poolp.org/0xc7/OpenSMTPD-mailing-list
Denis
--
You received this email because you are subscribed to the misc@opensmtpd.org
list
To unsubscribe, send mail with subject: [misc@opensmtpd.org] unregister
Hello Gilles,
Answered with two tiny issues on Github ;-)
---
wbr, Denis.
On Wed, Jul 31, 2013 at 9:19 PM, Gilles Chehade gil...@poolp.org wrote:
--- skipped ---
If you have questions, feel free to ask ;-)
these parameters can be put in different places, I used code
directly as the easiest way to show the idea itself.
The most important if it can be implemented (this or another way), you can
change the approach according project's coding standards.
---
wbr, Denis.
Hello there,
I'm working with opensmtpd on linux (centos). I haven't found any options
for opensmtpd PID file creation (like PidFile in openssh server config.) Is
this feature not supported yet?
---
wbr, Denis.
, Denis.
On Tue, Jun 11, 2013 at 5:21 PM, Gilles Chehade gil...@poolp.org wrote:
On Tue, Jun 11, 2013 at 04:45:59PM +0600, Denis Fateyev wrote:
Hello there,
Hello,
I'm working with opensmtpd on linux (centos). I haven't found any options
for opensmtpd PID file creation (like PidFile
, Denis.
f22ab30f on
session f22ab30f: from=r...@ovz1-i386.xx.com, size=279,
nrcpts=1, proto=ESMTP
Jun 11 17:08:12 ovz1-i386 p[27613]: smtp-in: Closing session
f22ab30f
---
wbr, Denis.
77 matches
Mail list logo