Re: Syntax Check Please

2018-11-01 Thread Bruno Pagani
On 01/11/2018 at 10:19, Antonino Sidoti wrote:
> Hi,
>
> I am planning the changeover to the new OpenSMTPD syntax and would like a 
> sanity check on the configuration below please? My current (working) 
> configuration is shown using the syntax for OpenBSD 6.3 plus my version of 
> new syntax;
>
> #
> # OpenSMTPD v6.04 config
> #
>
> pki mail.stonyrange.com certificate "/etc/ssl/stonyrange.com.fullchain.pem"
> pki mail.stonyrange.com key "/etc/ssl/private/stonyrange.com.key"
>
> table aliases file:/etc/mail/aliases
> table vdomains file:/etc/mail/vdomains
> table vusers file:/etc/mail/vusers
> table passwd passwd:/etc/mail/passwd
>
> table blackhole { "@tiscali.it" }
>
> listen on lo0
> listen on lo0 port 10028 tag DKIM_OUT
> listen on egress port smtp tls pki mail.stonyrange.com auth-optional 
> listen on egress port submission tls-require pki mail.stonyrange.com auth 
> 
>
> reject from any sender  for any
>
> accept from local for local alias  deliver to lmtp "/var/dovecot/lmtp" rcpt-to
> accept from any for domain  virtual  deliver to lmtp "/var/dovecot/lmtp" rcpt-to
> accept tagged DKIM_OUT for any relay
> accept from local for any relay via smtp://127.0.0.1:10027
>
> #
> # OpenSMTPD v6.4 config - *** NEW SYNTAX ***
> #
>
> pki mail.stonyrange.com cert "/etc/ssl/stonyrange.com.fullchain.pem"
> pki mail.stonyrange.com key "/etc/ssl/private/stonyrange.com.key"
>
> table aliases file:/etc/mail/aliases
> table vdomains file:/etc/mail/vdomains
> table vusers file:/etc/mail/vusers
> table passwd file:/etc/mail/passwd
>
> table blackhole { "@tiscali.it" }
>
> listen on lo0
> listen on lo0 port 10028 tag DKIM_OUT
> listen on egress port smtp tls pki mail.stonyrange.com auth-optional
> listen on egress port submission tls-require pki mail.stonyrange.com auth 
> 
>
> action a01 alias  lmtp "/var/dovecot/lmtp" rcpt-to
> action a02 virtual  lmtp "/var/dovecot/lmtp" rcpt-to
> action a03 relay host smtp://127.0.0.1:10027
>
> match from any mail-from  for any reject
>
> match from local for local action a01
> match from any for domain  action a02
> match tag DKIM_OUT for any action a03

Hum, I think you are having an issue here. If I read things correctly,
you would send to DKIM proxy mails coming from… DKIM proxy. Which are
none, since you never send any other mail to DKIM, so… And this goes
with the fact you are never relaying outside. ;)

Regards,
Bruno
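
Added example (not part of either post, and not OpenSMTPD code): a toy first-match model of the relay rules quoted above, tracing the routing problem described in this reply. It assumes the DKIM proxy on 127.0.0.1:10027 re-injects signed mail on lo0 port 10028 and that every message comes from a local source; the sender reject rule is left out, and the third ruleset is a hypothetical rewrite that mirrors the 6.3 rules.

```python
# Toy first-match model of the relay rules in this thread (added example).
# Assumption: the DKIM proxy on 127.0.0.1:10027 re-injects signed mail on
# lo0 port 10028, where the listener applies the DKIM_OUT tag.

# Each rule: (required tag or None for "any tag", recipient scope, action)
OLD_63 = [
    (None, "local", "lmtp"),             # accept from local for local ...
    (None, "vdomain", "lmtp"),           # accept from any for domain ...
    ("DKIM_OUT", "any", "relay-mx"),     # accept tagged DKIM_OUT for any relay
    (None, "any", "relay-proxy"),        # accept from local for any relay via :10027
]
NEW_64_AS_POSTED = [
    (None, "local", "lmtp"),             # match from local for local action a01
    (None, "vdomain", "lmtp"),           # match from any for domain action a02
    ("DKIM_OUT", "any", "relay-proxy"),  # match tag DKIM_OUT for any action a03
]
NEW_64_MIRRORING_63 = [                  # hypothetical rewrite, not from the thread
    (None, "local", "lmtp"),
    (None, "vdomain", "lmtp"),
    ("DKIM_OUT", "any", "relay-mx"),     # tagged mail leaves via a plain relay action
    (None, "any", "relay-proxy"),        # untagged local mail goes to the proxy
]

def first_match(rules, tag, rcpt):
    """Return the action of the first rule matching this tag and recipient scope."""
    for want_tag, scope, action in rules:
        if want_tag is not None and want_tag != tag:
            continue
        if scope != "any" and scope != rcpt:
            continue
        return action
    return "reject"  # no rule matched

def trace(rules, rcpt="external", tag=None, max_hops=4):
    """Follow a message until it is delivered, relayed out, rejected, or loops."""
    hops = []
    for _ in range(max_hops):
        action = first_match(rules, tag, rcpt)
        hops.append(action)
        if action != "relay-proxy":
            return hops
        tag = "DKIM_OUT"  # proxy signs and re-injects on port 10028
    return hops + ["loop"]
```

With the rules as posted, `trace(NEW_64_AS_POSTED)` ends in a reject for untagged outbound mail, and a message that already carries the DKIM_OUT tag is handed back to the proxy on every pass.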






Syntax Check Please

2018-11-01 Thread Antonino Sidoti
Hi,

I am planning the changeover to the new OpenSMTPD syntax and would like a 
sanity check on the configuration below please? My current (working) 
configuration is shown using the syntax for OpenBSD 6.3 plus my version of new 
syntax;

#
# OpenSMTPD v6.04 config
#

pki mail.stonyrange.com certificate "/etc/ssl/stonyrange.com.fullchain.pem"
pki mail.stonyrange.com key "/etc/ssl/private/stonyrange.com.key"

table aliases file:/etc/mail/aliases
table vdomains file:/etc/mail/vdomains
table vusers file:/etc/mail/vusers
table passwd passwd:/etc/mail/passwd

table blackhole { "@tiscali.it" }

listen on lo0
listen on lo0 port 10028 tag DKIM_OUT
listen on egress port smtp tls pki mail.stonyrange.com auth-optional 
listen on egress port submission tls-require pki mail.stonyrange.com auth 


reject from any sender  for any

accept from local for local alias  deliver to lmtp "/var/dovecot/lmtp" rcpt-to
accept from any for domain  virtual  deliver to lmtp "/var/dovecot/lmtp" rcpt-to
accept tagged DKIM_OUT for any relay
accept from local for any relay via smtp://127.0.0.1:10027

#
# OpenSMTPD v6.4 config - *** NEW SYNTAX ***
#

pki mail.stonyrange.com cert "/etc/ssl/stonyrange.com.fullchain.pem"
pki mail.stonyrange.com key "/etc/ssl/private/stonyrange.com.key"

table aliases file:/etc/mail/aliases
table vdomains file:/etc/mail/vdomains
table vusers file:/etc/mail/vusers
table passwd file:/etc/mail/passwd

table blackhole { "@tiscali.it" }

listen on lo0
listen on lo0 port 10028 tag DKIM_OUT
listen on egress port smtp tls pki mail.stonyrange.com auth-optional
listen on egress port submission tls-require pki mail.stonyrange.com auth 


action a01 alias  lmtp "/var/dovecot/lmtp" rcpt-to
action a02 virtual  lmtp "/var/dovecot/lmtp" rcpt-to
action a03 relay host smtp://127.0.0.1:10027

match from any mail-from  for any reject

match from local for local action a01
match from any for domain  action a02
match tag DKIM_OUT for any action a03

Many thanks

Nino

