date:20150728

Re: SSL/TLS

2015-07-28 Thread SSL



thanks for advices .

i rewite smtpd.conf

pki mail.aoiyuma.mydns.jp certificate /etc/ssl/mail.aoiyuma.mydns.jp.crt
pki mail.aoiyuma.mydns.jp key /etc/ssl/private/mail.aoiyuma.mydns.jp.key
listen on lo0
listen on em0 port 25  tls pki mail.aoiyuma.mydns.jp auth
listen on em0 port 465 tls pki mail.aoiyuma.mydns.jp auth
listen on em0 port 587 tls pki mail.aoiyuma.mydns.jp auth
table aliases db:/etc/mail/aliases.db
accept from any for domain aoiyuma.mydns.jp   alias aliases 
deliver to maildir
accept from any for domain aoiyuma.mydns.jp   
deliver to maildir
accept for localalias aliases 
deliver to maildir
accept for local
deliver to maildir

mynetwork1 = 6.2.6.2/32
mynetwork2 = 114.22.25.247/32
accept from source $mynetwork1 for any relay
accept from source $mynetwork2 for any relay
reject from any for any

thunderbird automativally detects mail server .
about smtp
---
authentification nethod : passeword , transmitted insecurely
conectio security:none

perhaps TLS does not run .

so
--
accept for local alias aliases deliver to mda /usr/local/bin/maildrop 
-f -

accept from any for domain aoiyuma.mydns.jp \
deliver to mda /usr/local/bin/maildrop -f -
or like is needed ?

-
regards




--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: SSL/TLS

2015-07-28 Thread Mariano Baragiola

In my experience, Thunderbird auto-configuration is not good.

Configure it manually, choosing STARTTLS as the encryption method.

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: SSL/TLS

2015-07-28 Thread SSL




On 2015e9407f28f% 19:18, Mariano Baragiola wrote:

In my experience, Thunderbird auto-configuration is not good.

Configure it manually, choosing STARTTLS as the encryption method.


thanks lot .

i rewrite smtpd.conf


pki mail.aoiyuma.mydns.jp certificate /etc/ssl/mail.aoiyuma.mydns.jp.crt
pki mail.aoiyuma.mydns.jp key /etc/ssl/private/mail.aoiyuma.mydns.jp.key

listen on lo0
listen on em0 port 25  tls pki mail.aoiyuma.mydns.jp auth
listen on em0 port 465 tls pki mail.aoiyuma.mydns.jp auth
listen on em0 port 587 tls pki mail.aoiyuma.mydns.jp auth

table aliases db:/etc/mail/aliases.db
accept from any for domain aoiyuma.mydns.jp   alias aliases 
deliver to maildir
accept from any for domain aoiyuma.mydns.jp   
deliver to maildir
accept for localalias aliases 
deliver to maildir
accept for local
deliver to maildir

mynetwork1 = 61.214.236.211/32
mynetwork2 = 114.22.25.247/32
accept from source $mynetwork1 for any relay
accept from source $mynetwork2 for any relay

#reject from any for any
accept from local for any relay  - this line
accept from local for any relay
---
then i send mail y...@gmail.com .


my failure was 'reject from any for any' .
are there open relay when ' accept from local for any relay' is replaced .







--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

OpenSMTPD big deployments

2015-07-28 Thread Giovanni Bechis

Hi,
in October I will give a talk at Linuxcon about OpenSMTPD, does anybody have 
some statistics about some big deployments ?
Atm I have statistics only for my servers.
 Cheers  Thanks
  Giovanni  

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: SSL/TLS

2015-07-28 Thread Denis Fondras

 are there open relay when ' accept from local for any relay' is replaced .
 

Nope !
from local means that only the machine running OpenSMTPd or any
*authenticated* client can relay.

Moreover, if no rule is matching then OpenSMTPd rejects the mail (default
setting = secure setting)

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: SSL/TLS

2015-07-28 Thread Herbert J. Skuhra

On Tue, Jul 28, 2015 at 09:05:24PM +0900, tuyosi wrote:
 
 
 On 2015e9407f28f% 20:50, Denis Fondras wrote:
 are there open relay when ' accept from local for any relay' is replaced .
 
 Nope !
 from local means that only the machine running OpenSMTPd or any
 *authenticated* client can relay.
 
 Moreover, if no rule is matching then OpenSMTPd rejects the mail (default
 setting = secure setting)
 
 kind advice .
 
 surely   i can send mail from x...@aoiyuma.mydns.jp to y...@gmail.com 
 .
 
 
 strangely  i cannot send mail from Y@gmailto
 x...@aoiyuma.mydns.jp .
 -
 
 Delivery to the following recipient failed permanently:
 
  tuy...@aoiyuma.mydns.jp
 
 Technical details of permanent failure:
 Google tried to deliver your message, but it was rejected by the server for 
 the recipient domain aoiyuma.mydns.jp by mail.aoiyuma.mydns.jp. 
 [157.7.208.141].
 
 The error that the other server returned was:
 530 5.5.1 Invalid command: Must issue an AUTH command first

You have:

listen on em0 port 25  tls pki mail.aoiyuma.mydns.jp auth

From smtpd.conf(5):

If the auth parameter is used, then a client may only start an SMTP transaction
after a successful authentication. Any remote sender that passed SMTPAUTH is
treated as if it was the server's local user that was sending the mail. This
means that filter rules using from local will be matched. If auth-optional is
specified, then SMTPAUTH is not required to establish an SMTP transaction. This
is only useful to let a listener accept incoming mail from untrusted senders
and outgoing mail from authenticated users in situations where it is not
possible to listen on the submission port.

And I think you want smtps on port 465 not tls!

-- 
Herbert

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: SSL/TLS

2015-07-28 Thread SSL


i rewrite  smtpd.conf by auth-optional
this one allow to mail to  from gmail.com .

-by https://www.opensmtpd.org/smtpd.conf.5.html
If *auth-optional* is specified, then SMTPAUTH is not required to 
establish an SMTP transaction. This is only useful to let a listener 
accept incoming mail from untrusted senders and outgoing mail from 
authenticated users in situations where it is not possible to listen on 
the submission port.
Both *auth* and *auth-optional* accept an optional table as a parameter. 
When provided, credentials are looked up in this table. Credentials 
format is described in table(5).

---

how about this ?

pki mail.aoiyuma.mydns.jp certificate /etc/ssl/mail.aoiyuma.mydns.jp.crt
pki mail.aoiyuma.mydns.jp key /etc/ssl/private/mail.aoiyuma.mydns.jp.key
listen on lo0
listen on em0 port 25  tls pki mail.aoiyuma.mydns.jp auth-optional
listen on em0 port 465 tls pki mail.aoiyuma.mydns.jp auth-optional
listen on em0 port 587 tls pki mail.aoiyuma.mydns.jp auth-optional
table aliases db:/etc/mail/aliases.db
accept from any for domain aoiyuma.mydns.jp   alias aliases 
deliver to maildir
accept from any for domain aoiyuma.mydns.jp   
deliver to maildir
accept for localalias aliases 
deliver to maildir
accept for local
deliver to maildir

mynetwork1 = 6.2.6.2/32
mynetwork2 = 114.22.25.247/32
accept from source $mynetwork1 for any relay
accept from source $mynetwork2 for any relay
accept from local for any relay

Re: SSL/TLS

2015-07-28 Thread SSL


Hi all .
following the advices that I received in the past ,  Itry to put together .

I think that there aremistakes.
Please point out at that time.

In addition, please use the translation site because this is written in 
Japanese.


For example,
https://translate.google.co.jp/?hl=ja
--
tuyosi takesima

Re: SSL/TLS

Re: SSL/TLS

Re: SSL/TLS

OpenSMTPD big deployments

Re: SSL/TLS

Re: SSL/TLS

Re: SSL/TLS

Re: SSL/TLS

8 matches

Site Navigation

Mail list logo

Footer information