Is my server relaying or sending spam?

2015-03-14 Thread Clint Pachl 
I found the following message sitting in my queue. I didn't personally 
send it or expect it. Am I compromised? Or have I misconfigured 
something? What's happening?


# smtpctl show queue
a75cffe88aefb624|local|mta|auth|@|israel.5...@cantv.net|israel.5...@cantv.net|1426254563|1426600163|0|18|pending|2029|Network 
error on destination MXs




# smtpctl show envelope a75cffe88aefb624
version: 2
tag: local
type: mta
smtpname: localhost
helo: mail.targetmeister.com
hostname: localhost
errorline: Network error on destination MXs
sockaddr: local
sender: @
rcpt: israel.5...@cantv.net
dest: israel.5...@cantv.net
ctime: 1426254563
last-try: 0
last-bounce: 1426268963
expire: 345600
retry: 18
flags: authenticated
dsn-notify: 0
esc-class: 4
esc-code: 0



# smtpctl show message a75cffe88aefb624
Received: from mail.targetmeister.com (localhost [local]);
by localhost (OpenSMTPD) with ESMTPA id a75cffe8;
for ;
Fri, 13 Mar 2015 06:49:23 -0700 (MST)
Subject: Delivery status notification: error
From: Mailer Daemon 
To: israel.5...@cantv.net
Date: Fri, 13 Mar 2015 06:49:23 -0700 (MST)

Hi!

This is the MAILER-DAEMON, please DO NOT REPLY to this e-mail.

An error has occurred while attempting to deliver a message for
the following list of recipients:

pa...@ecentryx.com: Loop detected

Below is a copy of the original message:

Received: from dbec7fb95.dslam-172-17-49-245-0758-337.dsl.cantv.net 
(190-199-251-149.dyn.dsl.cantv.net [190.199.251.149]);

by mail.targetmeister.com (OpenSMTPD) with ESMTP id 83ff3847;
for ;
Fri, 13 Mar 2015 06:49:19 -0700 (MST)
MIME-Version: 1.0
Date: Fri, 13 Mar 2015 09:19:15 -0430
Delivered-To: pa...@ecentryx.com
Message-ID: 
Subject: Invoice (13\03\2015) for payment to SOPHEON
From: Mitchell Holmes 
To: pachl 
Content-Type: multipart/mixed; boundary=001a348494BE3C1D8277EDA51815

--001a348494BE3C1D8277EDA51815
Content-Type: multipart/alternative; boundary=001a348494BE3C122577EDA51813

--001a348494BE3C122577EDA51813
Content-Type: text/plain; charset=UTF-8



--001a348494BE3C122577EDA51813
Content-Type: text/html; charset=UTF-8



--001a348494BE3C122577EDA51813--
--001a348494BE3C1D8277EDA51815
Content-Type: application/msword; name="7530AAH.doc"
Content-Disposition: attachment; filename="7530AAH.doc"
Content-Transfer-Encoding: base64

==TRIMMED (PROBABLY A VIRUS)==
--001a348494BE3C1D8277EDA51815--



# cat /etc/mail/smtpd.conf
table users "/etc/mail/users"
table passwd"/etc/mail/passwd"
table aliases   "/etc/mail/aliases"
table domains   "/etc/mail/domains"

pki mail.targetmeister.com certificate "/etc/ssl/mail.targetmeister.com.crt"
pki mail.targetmeister.com key "/etc/ssl/private/mail.targetmeister.com.key"

listen on localhost
listen on mail port smtp   tls auth-optional 
listen on mail port submission tls-require auth 

accept from local for local alias  deliver to mbox
accept from any for domain  virtual  deliver to maildir \
"/var/spool/vmail/%{dest.domain:lowercase}/%{dest.user:lowercase|strip}"
accept from local for any relay



# cat /etc/mail/domains
ecentryx.com
mokaz.com
targetmeister.com



# cat /etc/mail/mailname
mail.targetmeister.com


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

potential makemap man page improvements

2015-03-14 Thread Kevin Chadwick 
Assuming it's correct I wonder if something along the lines of the
following would improve the makemap man page virtual domains section.
I tried a few different things to get majordomo and the power
of virtual domains working, including a second deliver to mda before
noticing the 'extension' keyword. Admittedly I should have realised but
sometimes your concentration can run thin. Virtual domains being a
complete map is also mentioned on the github wiki but I am not sure it
is in the man pages yet?

"Virtual domains represent a complete map of accepted addresses
resulting in a ``550 Invalid Recipient'' message being returned for any
non existing mapping. As an extension to aliases(5) everything that can
be done with aliases(5) including piping to commands can also be done
with virtual domains. The flexibility of virtual domains means that
only a single accept rule within smtpd.conf(5) may match per domain."


--- /usr/share/man/man8/makemap.8   Mon Jan 19 02:54:26 2015
+++ /tmp/man/man8/makemap.8 Sat Mar 14 15:58:41 2015
@@ -108,6 +108,20 @@
 .Xr smtpd 8
 will perform the lookups in that specific order.
 .Pp
+Virtual domains represent a complete map of accepted addresses
+resulting in a 
+.Dq 550 Invalid Recipient
+message being returned for any non existing mapping. As an
+extension to 
+.Xr aliases 5 
+everything that can be done with 
+.Xr aliases 5
+including piping to commands can also be done with virtual 
+domains. The flexibility of virtual domains means that only a 
+single accept rule within
+.Xr smtpd.conf 5 
+may match per domain.
+.Pp
 To create single virtual address, add
 .Dq u...@example.com user
 to the users map.

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Virtual domains

2015-03-14 Thread Gonzalo 
Yes, sorry the delay.

The problem was a permission in users files.

Now is working.

Thank you so much.
El mar 12, 2015 9:42 PM, "Edgar Pettijohn" 
escribió:

>
> On 03/12/15 18:37, Gonzalo wrote:
>
>   Ok, but now I have no email:
>
> debug: mda: all done for user ":vmail"
> debug: scheduler: evp:4bb1b8d779458d6b scheduled (mda)
> mda: new user 1f4c8dcc1b038c63 for ":vmail"
> debug: lka: userinfo :vmail
> lookup: lookup "vmail" as USERINFO in table getpwnam: ->
> "vmail:5001:5001:/home/vmail"
> debug: mda: new session 1f4c8dcdae55d45d for user ":vmail" evpid
> 4bb1b8d779458d6b
> debug: mda: no more envelope for ":vmail"
> debug: mda: got message fd 4 for session 1f4c8dcdae55d45d evpid
> 4bb1b8d779458d6b
> debug: mda: querying mda fd for session 1f4c8dcdae55d45d evpid
> 4bb1b8d779458d6b
> debug: smtpd: forking mda for session 1f4c8dcdae55d45d:
> "/usr/local/libexec/dovecot/dovecot-lda -f tengoandr...@gmail.com -d blo"
> as vmail
> debug: mda: got mda fd 5 for session 1f4c8dcdae55d45d evpid
> 4bb1b8d779458d6b
> debug: mda: end-of-file for session 1f4c8dcdae55d45d evpid 4bb1b8d779458d6b
> debug: mda: all data sent for session 1f4c8dcdae55d45d evpid
> 4bb1b8d779458d6b
> debug: smtpd: mda process done for session 1f4c8dcdae55d45d: exited
> abnormally
> delivery: TempFail for 4bb1b8d779458d6b: from=,
> to=, user=vmail, method=mda, delay=1m30s, stat=Error
> (exited abnormally)
> debug: mda: session 1f4c8dcdae55d45d done
> debug: mda: user "vmail" becomes runnable
> debug: mda: all done for user ":vmail"
>
>
>  usuariosv
>  @foobar.com.ar vmail
>
>  usuarios
>
> foo:$2b$06$aHet9bLmm.bkoK4A6tueb.eb0j2vivzV1pH7PrZoixwzBROTr0Gd6:5001:5001:/var/www/mail/%n
>
>
>
> 2015-03-12 19:07 GMT-03:00 Edgar Pettijohn III :
>
>> one system user will take care of it all. you could do:
>>
>>  @domain.tld user
>>
>>  and map all to one user.
>>
>>  On Mar 12, 2015, at 5:05 PM, Gonzalo wrote:
>>
>>  I mean, I don't want to create a system user per email account.
>>  El mar 12, 2015 6:55 PM, "Edgar Pettijohn III" 
>> escribiC3:
>>
>>> smtpd.conf(5)
>>> *for*B [*!*]B *domain*B *domain*B *virtual*B <*users*>This rule applies
>>> to mail destined for the specified virtual*domain*. This parameter
>>> supports the b wildcard, so that a single rule for all sub-domains can be
>>> used, for example:
>>>
>>> accept for domain "*.example.com" \
>>>virtual  deliver to mbox
>>>
>>> The tableB *users*B *holds a key-value mapping of virtual to **system*
>>> users. For an example of how to configure theB *users*B table, see
>>> makemap(8) .
>>>
>>>  Also look in makemap(8) for some more details.
>>>
>>>  For it to work you will have to have a system user to handle all of
>>> the mail.B You would have to do the same with postfix and probably other
>>> mta.
>>>
>>
>>
>
>
> --
>  Enviado desde mi tostadora de mano...
>
> Did you actually add the vmail user to the system with /usr/sbin/adduser?
>