Re: Tables syntax in new config

2018-11-27 Thread Chris Bennett
Thanks!

This was a good thread. And of course I didn't notice man table.
I'm getting really important emails right now, but I want to upgrade to
6.4 from 6.3, so I'm being really cautious about making a mess.

Server company is using IPMI with Java, so that's been a problem since I
can't get OpenBSD's version to work. Which was really hard to get to
even work with someone's old windows version when I first installed.

Chris Bennett

Thanks for the great work!



-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: Tables syntax in new config

2018-11-27 Thread lvdd


Hi Gille,

thanks for taking the time to answer personally.


On Tue, 27 Nov 2018 17:01:07 +0100
Gilles Chehade  wrote:

> 
> I don't know what's in your tables but file tables but see man table(5),
> it is very likely that you're not using the proper format, smtpd detects
> that the table is not of the proper type and warns you that it can't use
> them.
> 
> Can you show the content of table vdomains for instance ?
> 

How is a facepalm working in ascii? Of course it was the tables! I just
created emtpy files while the originals were lying in a subfolder -
I forgot to copy them in place :-(
Now everything is fine

> 
> I genuinely don't understand this.
> 
> The logic is essentially the same except that where you used to have the
> action part of the rule, you know have the action declared and the rules
> refer to them:
> 
> accept [...] deliver to mbox
> 
> action bleh mbox
> match [...] action bleh
> 
> You write your rules the same way, they are evaluated in the same order,
> there are a few minor keyword changes but quite frankly I don't see what
> is so complex.
> 
> Anyways, the change was mandatory to move forward so there's not much we
> can do about it and there will be changes in the future again, hopefully
> not too soon, because we want to continue moving forward.
> 

I probably didn't make it clear enough. I understand and support that
the project is moving on and adjustments need to be made because of
technical difficulties or because otheriwse filters would be entirely
impossible with the existing codebase.
It is also possible that I will be embarrassed in a year from now to
have written this mail because it might just click in my brain and
everything will fall into place in there. 
Maybe it is just the reason that right now I don't have the time to put
my head into this but have to, and it is not going quickly enough - who
knows.

Please don't read too much into. I just wanted to let you know that
right now I find the new way more difficult. If this new mailserver is
just running and behaving like the old one, I am going to be happy
again :-)

Peace
Lars



-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: Tables syntax in new config

2018-11-27 Thread Gilles Chehade
On Tue, Nov 27, 2018 at 04:35:41PM +0100, lvdd wrote:
> Hi,
> 
> I am trying to convert an existing smtpd configuration to the new syntax
> in 6.4 snapshot from last week or so and have a question about that.
> 
> The configuration has been converted but not actively tested yet. All I
> do right now is 'smtpd -f /etc/mail/newconfig -n' and I am getting the
> following reply back:
> 
> /etc/mail/smtpd.conf_new:30: table "unwantedsenders" may not be used for 
> mail-from lookups
> /etc/mail/smtpd.conf_new:32: table "vdomains" may not be used for 'for' 
> lookups
> /etc/mail/smtpd.conf_new:34: table "vdomains" may not be used for 'for' 
> lookups
> 

[...]
>
> table aliases file:/etc/mail/aliases
> table vusers file:/etc/mail/vusers
> table vdomains file:/etc/mail/vdomains
> table unwantedsenders file:/etc/mail/unwantedsenders
> table recipients file:/etc/mail/recipients
> 

I don't know what's in your tables but file tables but see man table(5),
it is very likely that you're not using the proper format, smtpd detects
that the table is not of the proper type and warns you that it can't use
them.

Can you show the content of table vdomains for instance ?


> 
> So, why do I get a message that the tables 'may' not be used? I assume
> they will be used, but why the message? Are they deprecated? Another
> change coming?
> 

I may be wrong but very likely your tables are incorrect.


>
> On a general note I am having trouble getting my head around the new
> config style. It was possible for me using the method outlined by Gille
> in his blog post. But if I had to start from scratch - I would likely give up.
>
> The problem for me is that I am not constantly working on the
> smtpd config. So I forget things and have to work hard to get my head
> back how this is supposed to work. This new config style doesn't make it
> easier in my opinion. I will stick with opensmtpd for now and probably
> see the things differently in a year. Let's see...
> 

I genuinely don't understand this.

The logic is essentially the same except that where you used to have the
action part of the rule, you know have the action declared and the rules
refer to them:

accept [...] deliver to mbox

action bleh mbox
match [...] action bleh

You write your rules the same way, they are evaluated in the same order,
there are a few minor keyword changes but quite frankly I don't see what
is so complex.

Anyways, the change was mandatory to move forward so there's not much we
can do about it and there will be changes in the future again, hopefully
not too soon, because we want to continue moving forward.


-- 
Gilles Chehade @poolpOrg

https://www.poolp.org tip me: https://paypal.me/poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Tables syntax in new config

2018-11-27 Thread lvdd
Hi,

I am trying to convert an existing smtpd configuration to the new syntax
in 6.4 snapshot from last week or so and have a question about that.

The configuration has been converted but not actively tested yet. All I
do right now is 'smtpd -f /etc/mail/newconfig -n' and I am getting the
following reply back:

/etc/mail/smtpd.conf_new:30: table "unwantedsenders" may not be used for 
mail-from lookups
/etc/mail/smtpd.conf_new:32: table "vdomains" may not be used for 'for' lookups
/etc/mail/smtpd.conf_new:34: table "vdomains" may not be used for 'for' lookups


The config looks as follows:

'a few pki lines for certs'
.
.
.
table aliases file:/etc/mail/aliases
table vusers file:/etc/mail/vusers
table vdomains file:/etc/mail/vdomains
table unwantedsenders file:/etc/mail/unwantedsenders
table recipients file:/etc/mail/recipients

listen on lo0
listen on lo0 port 10026 tag SPAM_CHECKED mask-src #after spamassassin check
listen on lo0 port 10028 tag DKIM_POST mask-src  #for outbound emails after 
DKIM signing
listen on egress tls pki domain1 auth-optional
listen on egress port submission tls-require pki domain1 auth mask-src

action "lmtp" lmtp "/var/dovecot/lmtp"
action "lmtp-vusers" lmtp "/var/dovecot/lmtp" virtual 
action "lmtp-alias" lmtp "/var/dovecot/lmtp" alias 
action "relay_dkim" relay host smtp://127.0.0.1:10027 #send to dkim for signing
action "check_spam" relay host smtp://127.0.0.1:10025 #send to spamassassin
action "relay" relay


match from any mail-from  for any reject
match from local for local action "lmtp"
match tag SPAM_CHECKED for domain  action "lmtp-vusers"
match tag SPAM_CHECKED for local action "lmtp-alias"
match from any for domain  rcpt-to  action "check_spam"

match tag DKIM_POST for any action "relay"
match auth from any for any action "relay_dkim"


The man pages state for the mail-from option of a match rule:

[!] mail-from sender | 
Specify that transactions's MAIL FROM should match the string or list table 
sender.

or similarily the 'for domain' part:
  
[!] for domain domain | 
Specify that session may address the string or list table domain.

Also Gille is using the same rules in his example config on
https://poolp.org/posts/2018-05-21/switching-to-opensmtpd-new-config/

So, why do I get a message that the tables 'may' not be used? I assume
they will be used, but why the message? Are they deprecated? Another
change coming?

On a general note I am having trouble getting my head around the new
config style. It was possible for me using the method outlined by Gille
in his blog post. But if I had to start from scratch - I would likely give up.
The problem for me is that I am not constantly working on the
smtpd config. So I forget things and have to work hard to get my head
back how this is supposed to work. This new config style doesn't make it
easier in my opinion. I will stick with opensmtpd for now and probably
see the things differently in a year. Let's see...

regards
Lars

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org