relay via: No MX found for domain
Hello, after upgrading opensmtpd 5.4.2 to 5.4.4 on FreeBSD 10.1, I have an issue with relaying mail. My setup is: - 1 jail ("mail") which handles all mails for the domain and relay mails from other jails - all other jails (for example www) relay via the "mail" jail When I send a mail from www jail, it fails with this message in logs: smtp-out: Failed to resolve MX for [relay:mail,port=587,starttls,auth=jailcred:jailcred,mx]: No MX found for domain smtpd.conf on www jail is: table jailcred file:/usr/local/etc/mail/jailcred accept from local for any relay via "tls+auth://jailcred@mail:587" auth Is there something wrong with my configuration (or not compatible with 5.4.4)? Thanks. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: YAB - Yet Another Blog with posts about OpenSMTPD, clamsmtp, spampd, lmtp, etc.on OpenBSD
On 2015-02-10 08:33, Amar Cosic wrote: On Tue, Feb 10, 2015 at 3:00 PM, Chess Griffin wrote: Hello list- For the past couple of weeks, I have been documenting to myself the steps I took to configure a mail server on OpenBSD 5.6 using OpenSMTPD, ClamAV, ClamSMTP, SpamAssassin, SpamPD, DKIMproxy, dovecot, lmtp, and roundcube. I thought it might help someone else out if I posted my notes somewhere. I know others have recently put up some very helpful OpenSMTPD posts so my little effort is probably redundant but just in case someone finds something helpful or useful, here is the link: http://technoquarter.blogspot.com/ [1] Please feel free to hit me with a cluestick if I've done something stupid, which is entirely possible. :-) Thanks to the OpenBSD and OpenSMTPD developers for creating great software and making it freely available to us general users. If there is anything useful in what I posted, it's because of their great work and clear documentation. -- Chess Griffin -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org Great, thank you. Wish someone integrates virtual users/domains in some kind of database. Having local user just to have email is mess IMO. A. -- Links: -- [1] http://technoquarter.blogspot.com/ Excellent guide. Wish you would have posted this a while back :). -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: OpenSMTPD on OpenBSD 5.6 backend MySQL
On 02/10/15 16:20, Ultramedia Libertad wrote: > Greetings friends, > > I read that OpenSMTPD already have the option of mysql backend, > I would like to have an example of how to do it, > As that previously used postfix with 3 virtual domains and 10 virtual users > in total. > by the time my mail server is stopped and l people without post until I learn > how to work OpenSMTD with mysql backend. > > thank you for advance. > > OpenBSD 5.6 > > OpenSMTPD 5.4.3 > > Thank you for advance > > -- > editor de sueños To be able to connect with MySQL you should install opensmtpd-extras port. It is available on current, I do not know if the current port will compile on 5.6 due to netdb.h change. Attached a couple of config files to start with, in mysql.conf you have to write your own sql queries. Cheers Giovanni # # Sample MySQL configuration file # hostlocalhost usernameuser passwordpass databasedb # Alias lookup query # # rows >= 0 # fields == 1 (user varchar) # query_alias select destination from mail_valias where source=? # Domain lookup query # # rows == 1 # fields == 1 (domain varchar) # query_domainselect domain from mail_domain where domain=?; # User lookup query # # rows == 1 # fields == 3 (uid int, gid int, directory varchar) # query_userinfoselect uid,gid,maildir from mail_user where login=? # Credentials lookup query # # rows == 1 # fields == 2 (username varchar, password varchar) # query_credentialsselect login, password from mail_user where login=?; # Netaddr lookup query # # rows == 1 # fields == 1 (netaddr varchar) # #query_netaddrselect value from netaddr where value=$1; # $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $ # This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. # To accept external mail, replace with: listen on all # listen on lo0 table vusers mysql:/tmp/mysql.conf table vdomains mysql:/tmp/mysql.conf table aliases mysql:/tmp/mysql.conf accept for domain userbase virtual deliver to maildir accept from local for any relay
OpenSMTPD on OpenBSD 5.6 backend MySQL
Greetings friends, I read that OpenSMTPD already have the option of mysql backend, I would like to have an example of how to do it, As that previously used postfix with 3 virtual domains and 10 virtual users in total. by the time my mail server is stopped and l people without post until I learn how to work OpenSMTD with mysql backend. thank you for advance. OpenBSD 5.6 OpenSMTPD 5.4.3 Thank you for advance -- editor de sueños
Re: Lavabit like encryption with OpenSMTPD
On Tue, 10 Feb 2015 04:47:38 -0800, Gilles Chehade wrote: People actually open an account at Gmail/Yahoo/Microsoft because they do not give the slightest shit about these privacy concerns. They want mail that gets sent when pressing a button, and they want it so bad that even when most ISP provide an email address you can fetch with POP/IMAP, they go for Gmail/Yahoo/Microsoft because the webmail is simpler than dealing with the configuration of Outlook / Thunderbird. Get real, these people do not care about your concerns, they will go for the simplest solution and you will never convince them that they have to setup PGP, remember yet another passphrase for a keypair they need to be careful with, just so they can send an email... when the alternative can just be pressing a button. I think Gilles observations are borne out by reality. PGP is without question a powerful tool but it's a terrible tool IMO for anyone but the technically minded and OpSec disciplined. Clay Shirky wrote a great article that I always circle back to when I see these debates: The RIAA Succeeds Where the Cypherpunks Failed http://www.shirky.com/writings/riaa_encryption.html Long story short the 'Eat your peas' approach has been and continues to be a miserable failure. Gilles is right, the vast majority of the email using population does not give two shits about security or surveillance. This is no longer debatable two years after the Snowden leaks began. How many non-technical people do you know that have dropped their PRISM-approved email provider since then? Crikey, half the people on the mailing lists I subscribe to are still using gmail accounts, it's pathetic. If we want to live in a world where people have some semblance of computer security and protection from surveillance, the people writing the software must build these features into software products so that they are baked in, impossible to disable, fail closed, and completely transparent to the end user. Any other approach is doomed to failure as far as I can tell. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: YAB - Yet Another Blog with posts about OpenSMTPD, clamsmtp, spampd, lmtp, etc.on OpenBSD
On Tue, Feb 10, 2015 at 3:00 PM, Chess Griffin wrote: > Hello list- > > For the past couple of weeks, I have been documenting to myself the > steps I took to configure a mail server on OpenBSD 5.6 using OpenSMTPD, > ClamAV, ClamSMTP, SpamAssassin, SpamPD, DKIMproxy, dovecot, lmtp, and > roundcube. I thought it might help someone else out if I posted my > notes somewhere. I know others have recently put up some very helpful > OpenSMTPD posts so my little effort is probably redundant but just in > case someone finds something helpful or useful, here is the link: > > http://technoquarter.blogspot.com/ > > Please feel free to hit me with a cluestick if I've done something > stupid, which is entirely possible. :-) > > Thanks to the OpenBSD and OpenSMTPD developers for creating great > software and making it freely available to us general users. If there > is anything useful in what I posted, it's because of their great work > and clear documentation. > > -- > Chess Griffin > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > > Great, thank you. Wish someone integrates virtual users/domains in some kind of database. Having local user just to have email is mess IMO. A. --
YAB - Yet Another Blog with posts about OpenSMTPD, clamsmtp, spampd, lmtp, etc.on OpenBSD
Hello list- For the past couple of weeks, I have been documenting to myself the steps I took to configure a mail server on OpenBSD 5.6 using OpenSMTPD, ClamAV, ClamSMTP, SpamAssassin, SpamPD, DKIMproxy, dovecot, lmtp, and roundcube. I thought it might help someone else out if I posted my notes somewhere. I know others have recently put up some very helpful OpenSMTPD posts so my little effort is probably redundant but just in case someone finds something helpful or useful, here is the link: http://technoquarter.blogspot.com/ Please feel free to hit me with a cluestick if I've done something stupid, which is entirely possible. :-) Thanks to the OpenBSD and OpenSMTPD developers for creating great software and making it freely available to us general users. If there is anything useful in what I posted, it's because of their great work and clear documentation. -- Chess Griffin -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Lavabit like encryption with OpenSMTPD
On Tue, Feb 10, 2015 at 12:23:08PM +, Craig Skinner wrote: > On 2015-02-09 Mon 13:19 PM |, Gilles Chehade wrote: > > > > My grandma, like a lot of non-technical people, just wants to send mail, > > she doesn't want to be trained, she wants to write a message and press a > > button and the message being sent. If it doesn't work that way, she will > > just not use mail. > > > > I could say my teenage children all want the keys to my cars, without > wanting to learn how to drive, or be old enough to take a test. > This has got to be the most irrelevant analogy ever... > > She's like most internet users, she doesn't care or want to care how the > > message will be emitted, if you provide two ways and a simpler one, then > > she will pick up the simpler one. > > My girlfriends want to go to sea with me on a warship and fire torpedos. > They don't care how the weapon is emitted, they just want a way to make > a big splash, without doing the dicipline of military training. Meh > ... oh nope, you've surpassed it. > > If the user doesn't use PGP, with what public key do you encrypt his > > message ? or do you simply not write to him anymore ? > > > > For some things (legal, financial, medical), I've had to arrange offline > communications, because others wouldn't encrypt *some* emails. > Good for you. I'm sure this is what people will do... oh no wait... People actually open an account at Gmail/Yahoo/Microsoft because they do not give the slightest shit about these privacy concerns. They want mail that gets sent when pressing a button, and they want it so bad that even when most ISP provide an email address you can fetch with POP/IMAP, they go for Gmail/Yahoo/Microsoft because the webmail is simpler than dealing with the configuration of Outlook / Thunderbird. Get real, these people do not care about your concerns, they will go for the simplest solution and you will never convince them that they have to setup PGP, remember yet another passphrase for a keypair they need to be careful with, just so they can send an email... when the alternative can just be pressing a button. Trying to convince them to NOT SEND A MAIL and find an offline channel ? You're funny :-) > > Yes, PGP offers end-to-end and it's great. > > Most people don't use it. > > > > Yep. Usually, (social) mail does not need to be encrypted. > > Othertimes, some (e.g banking, business) emails need to encrypted > throughout their entire route & life. > > One hop on one machine isn't enough in these situations. > Yes. Yet PGP is marginal, inter-nodes encryption provides a layer of security where there would be none. It's better than nothing when the alternative is, well, nothing. Anyways, you have your opinions on this, we disagree, my aim is still to allow my grandma to send mail so I won't debate further. -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Lavabit like encryption with OpenSMTPD
On 2015-02-09 Mon 13:19 PM |, Gilles Chehade wrote: > > My grandma, like a lot of non-technical people, just wants to send mail, > she doesn't want to be trained, she wants to write a message and press a > button and the message being sent. If it doesn't work that way, she will > just not use mail. > I could say my teenage children all want the keys to my cars, without wanting to learn how to drive, or be old enough to take a test. > She's like most internet users, she doesn't care or want to care how the > message will be emitted, if you provide two ways and a simpler one, then > she will pick up the simpler one. My girlfriends want to go to sea with me on a warship and fire torpedos. They don't care how the weapon is emitted, they just want a way to make a big splash, without doing the dicipline of military training. Meh > > If the user doesn't use PGP, with what public key do you encrypt his > message ? or do you simply not write to him anymore ? > For some things (legal, financial, medical), I've had to arrange offline communications, because others wouldn't encrypt *some* emails. Consider these increasingly more common situations: Canadian Dads on the Run (to Nice, France): http://www.youtube.com/watch?v=Xn_GzdkWpg0&feature=related Men must make a DNA Getaway: http://youtu.be/6Acp23ERkks?list=RDmpI3y4Nqt4Y&feature=related http://youtu.be/-V9BtDpYg4A?list=PLHLREeMe4S0OmV_BYAfWNWi0qQzu2FWzK > > Yes, PGP offers end-to-end and it's great. > Most people don't use it. > Yep. Usually, (social) mail does not need to be encrypted. Othertimes, some (e.g banking, business) emails need to encrypted throughout their entire route & life. One hop on one machine isn't enough in these situations. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org