Just intalled...

2019-03-19 Thread Duncan Patton a Campbell


I've just upgraded my mailserver to OpenBSD 6.4 and perforce upgrade to 
OpenSMTP,
which is now working just fine (so far).  Seems like a fairly solid piece of SW,
if a little deficient on install and documentation... what had bunged me up was
that the installation of dkim doesn't correctly set the perms on /var/dkimproxy
to _dkimproxy:_dkimproxy and this was only visible in /var/maillog

Dhu

-- 
 Je suis Canadien. Ce n'est pas Francais ou Anglaise.  
 C'est une esp`ece de sauvage: ne obliviscaris, vix ea nostra voco;-) 

http://babayaga.neotext.ca/PublicKeys/Duncan_Patton_a_Campbell_pubkey.txt

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-19 Thread Gabriele Tofano
On Mar 19, 2019, at 8:58 AM, Gabriele Tofano  wrote:
> 
> On Mar 19, 2019, at 12:16 AM, Thomas Bohl  
> wrote:
>> 
 Which leads to the question: Does user1 exist?
 
>>> But I do not understand why osmtpd is looking at the /etc/passwd file when 
>>> I have always used my table files (defined in smtp.conf) with a working 
>>> environment, 
>> 
>> My understanding is, according to the configuration you presented, that it 
>> has to lookup /etc/passwd. (I'm only unsure about the role of rcpt-to in 
>> this.)
>> 
>> https://man.openbsd.org/OpenBSD-6.3/table#Aliasing_tables
>> "Aliasing tables are mappings that associate a recipient to one or many 
>> destinations.
>> ...
>> accept for domain example.org virtual  deliver to mbox
>> ...
>> In a virtual domain context, the key is either a user part, a full email 
>> address or a catch all ... and the value is one or many recipients as 
>> described in aliases(5):"
>> 
>> https://man.openbsd.org/OpenBSD-6.3/aliases.5
>> "...The file consists of key/value mappings of the form:
>> 
>> key: value1, value2, value3, ...
>> ...The key is expanded to the corresponding values, which consist of one or 
>> more of the following:
>> 
>> user
>> A user on the host machine. The user must have a valid entry in the 
>> passwd(5) database file. ..."
>> 
>> 
>>> and user1 has never been a system user.
>> 
>> What is user1 then? A virtual Dovecot user?
> 
> User1 is listed in the /usr/local/etc/mail/passwd file for smtpd 
> authentication and in /usr/local/etc/mail/aliases and 
> /usr/local/etc/mail/virtuals for local user mapping and standard mailbox 
> redirect.
> 
> Dovecot is looking at /usr/local/etc/mail/passwd for its virtual users.
> 
> I never had user1 and user2 as a system users and smtpd has always worked 
> correctly on my production and lab servers.
> 
>> Can you maybe post your virtuals?
> 
> Here my /usr/local/etc/mail/virtuals:
> 
> ab...@domain.com  us...@domain.com
> postmas...@domain.com us...@domain.com
> webmas...@domain.com  us...@domain.com
> 
> 
> And here my /usr/local/etc/aliases:
> 
> vmail:/dev/null
> 
> root: user1
> user1:us...@domain.com
> 
>> 
>> You could experiment with the "as user" parameter.
>> https://man.openbsd.org/OpenBSD-6.3/smtpd.conf.5#deliver_to_lmtp
>> 
>> P.S.
>> Like in your first message you again wrote "smtp.conf". I'm sure you meant 
>> "smtpd.conf", right?
> 
> That was an autocorrect and I confirm my config file is named smtpd.conf.
> 
> 
>> -- 
>> You received this mail because you are subscribed to misc@opensmtpd.org
>> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>> 
> 
> 
> 
> --
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

I found the issue. The original /usr/local/etc/mail/virtuals file was the 
following:

ab...@domain.comus...@domain.com
postmas...@domain.com   us...@domain.com
webmas...@domain.comus...@domain.com
us...@domain.comvmail
us...@domain.comvmail

Basically all the virtual users were mapped to the system vmail user which is 
in charge of handling deliveries, and for some reasons they were not listed in 
the file anymore. Adding them has resolved the issue and users are able to 
receive email again. I am going to investigate why those mappings were not 
present anymore but I would like to thank all of you for the precious support 
and time dedicated to help me out on this!

PS. It is not good when your mail server stop working on your wedding week :)  



--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-19 Thread Thomas Bohl

Can you maybe post your virtuals?


Here my /usr/local/etc/mail/virtuals:

ab...@domain.comus...@domain.com
postmas...@domain.com   us...@domain.com
webmas...@domain.comus...@domain.com


The line for us...@domain.com is missing.
The debug output shows that you are trying to send to us...@domain.com 
and no entry is found. Can you mail to ab...@domain.com?


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-19 Thread Gabriele Tofano
On Mar 19, 2019, at 2:56 AM, Reio Remma  wrote:
> 
>> smtpd -dv -Tlookup

Here the whole debug:

# smtpd -dv -Tlookup
debug: init ssl-tree
info: loading pki information for mail.domain.com
debug: init ca-tree
debug: init ssl-tree
info: loading pki keys for mail.domain.com
info: OpenSMTPD 5.9.2p1 starting
debug: bounce warning after 4h
debug: using "fs" queue backend
debug: using "ramqueue" scheduler backend
debug: using "ram" stat backend
queue: queue compression enabled
queue: queue encryption enabled
debug: queue: done loading queue into scheduler
filter: building simple chains...
filter: building complex chains...
filter: done building complex chains
debug: ca_engine_init: using RSA privsep engine
debug: parent_send_config_ruleset: reloading
debug: parent_send_config: configuring pony process
debug: parent_send_config: configuring ca process
debug: smtp: listen on x.x.x.x port 587 flags 0x569 pki "mail.domain.com" ca ""
debug: smtp: listen on x.x.x.x port 25 flags 0x401 pki "mail.domain.com" ca ""
debug: smtp: listen on 127.0.0.1 port 10028 flags 0x400 pki "" ca ""
debug: smtp: listen on IPv6:x::1 port 10028 flags 0x400 pki "" ca ""
debug: smtp: listen on IPv6:::1 port 10028 flags 0x400 pki "" ca ""
debug: smtp: listen on 127.0.0.1 port 25 flags 0x400 pki "" ca ""
debug: smtp: listen on IPv6:x::1 port 25 flags 0x400 pki "" ca ""
debug: smtp: listen on IPv6:::1 port 25 flags 0x400 pki "" ca ""
debug: pony: rsae_init
debug: pony: rsae_init
debug: smtp: will accept at most 6866 clients
debug: init private ssl-tree
debug: smtpd: scanning offline queue...
debug: smtpd: offline scanning done
debug: smtp: new client on listener: 0x802851000
smtp-in: New session edbec85d0fe88133 from host st43p00im-zteg10062001.me.com 
[17.58.63.166]
debug: smtp: SIZE in MAIL FROM command
lookup: check "17.58.63.166" as NETADDR in table static: -> 0
lookup: check "17.58.63.166" as NETADDR in table static: -> found
lookup: check “domain.com" as DOMAIN in table static:domains -> found
lookup: lookup “us...@domain.com" as ALIAS in table static:virtuals -> 0
lookup: lookup “user1" as ALIAS in table static:virtuals -> 0
lookup: lookup “@domain.com" as ALIAS in table static:virtuals -> 0
lookup: lookup "@" as ALIAS in table static:virtuals -> 0
smtp-in: Failed command on session edbec85d0fe88133: "RCPT 
TO: ORCPT=rfc822;us...@.domain.com" => 550 Invalid recipient
smtp-in: Closing session edbec85d0fe88133
debug: smtp: 0x802962c00: deleting session: done




Re: 550 invalid recipient issue

2019-03-19 Thread Gabriele Tofano
On Mar 19, 2019, at 12:16 AM, Thomas Bohl  wrote:
> 
>>> Which leads to the question: Does user1 exist?
>>> 
>> But I do not understand why osmtpd is looking at the /etc/passwd file when I 
>> have always used my table files (defined in smtp.conf) with a working 
>> environment, 
> 
> My understanding is, according to the configuration you presented, that it 
> has to lookup /etc/passwd. (I'm only unsure about the role of rcpt-to in 
> this.)
> 
> https://man.openbsd.org/OpenBSD-6.3/table#Aliasing_tables
> "Aliasing tables are mappings that associate a recipient to one or many 
> destinations.
> ...
> accept for domain example.org virtual  deliver to mbox
> ...
> In a virtual domain context, the key is either a user part, a full email 
> address or a catch all ... and the value is one or many recipients as 
> described in aliases(5):"
> 
> https://man.openbsd.org/OpenBSD-6.3/aliases.5
> "...The file consists of key/value mappings of the form:
> 
> key: value1, value2, value3, ...
> ...The key is expanded to the corresponding values, which consist of one or 
> more of the following:
> 
> user
> A user on the host machine. The user must have a valid entry in the passwd(5) 
> database file. ..."
> 
> 
> > and user1 has never been a system user.
> 
> What is user1 then? A virtual Dovecot user?

User1 is listed in the /usr/local/etc/mail/passwd file for smtpd authentication 
and in /usr/local/etc/mail/aliases and /usr/local/etc/mail/virtuals for local 
user mapping and standard mailbox redirect.

Dovecot is looking at /usr/local/etc/mail/passwd for its virtual users.

I never had user1 and user2 as a system users and smtpd has always worked 
correctly on my production and lab servers.

> Can you maybe post your virtuals?

Here my /usr/local/etc/mail/virtuals:

ab...@domain.comus...@domain.com
postmas...@domain.com   us...@domain.com
webmas...@domain.comus...@domain.com


And here my /usr/local/etc/aliases:

vmail:  /dev/null

root:   user1
user1:  us...@domain.com

> 
> You could experiment with the "as user" parameter.
> https://man.openbsd.org/OpenBSD-6.3/smtpd.conf.5#deliver_to_lmtp
> 
> P.S.
> Like in your first message you again wrote "smtp.conf". I'm sure you meant 
> "smtpd.conf", right?

That was an autocorrect and I confirm my config file is named smtpd.conf.


> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 



--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-19 Thread Reio Remma

On 19/03/2019 04:53, Gabriele Tofano wrote:

I discovered the below after running a smtpd -dv -Tlookup:

lookup: check "17.58.63.178" as NETADDR in table static: -> 0
lookup: check "17.58.63.178" as NETADDR in table static: -> found
lookup: check “domain.com" as DOMAIN in table static: -> found
lookup: lookup “user1" as USERINFO in table getpwnam: -> 0

Why osmtpd is looking for user1 in table getpwnam? What table is that?


Maybe share your whole lookup debug log.

I see it's looking up user1 instead of us...@domain.com, which it means 
it's matching the action with alias rule, not the action with virtuals rule.


Good luck,
Reio

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org