match rule seems to be failing in -current

[Mischa]

Hi All,

I am currently running OpenSMTPD on OpenBSD 6.4 GENERIC#588

What I am trying to achieve is the following.  As soon as email is
send from a webserver with a specific sender I allow relay through
opensmtpd.  When it's coming from that same webserver without the
approved sender it's rejected.

This was all running fine before the syntax change but I haven't been
able to get this working with the next syntax.

The IP address of the webserver is in: www-relays
The approved sender is in: www-sender

### smtpd.conf
pki mx1.domain1.nl cert "/etc/ssl/mx1.domain1.nl.fullchain.pem"
pki mx1.domain1.nl key "/etc/ssl/private/mx1.domain1.nl.key"

table names file:/etc/mail/hostnames
table aliases file:/etc/mail/aliases
table www-relays file:/etc/mail/www-relays
table www-senders file:/etc/mail/www-senders
table relay-domains file:/etc/mail/relay-domains
table reject-email file:/etc/mail/reject-email

table domains sqlite:/etc/mail/sqlite.conf
table virtuals sqlite:/etc/mail/sqlite.conf
table credentials sqlite:/etc/mail/sqlite.conf

filter check-fcrdns builtin connect fcrdns disconnect "550 fc-rDNS"

listen on mx1.domain1.nl port 25 tls pki mx1.domain1.nl hostnames <names> 
filter check-fcrdns

action "local" mbox alias <aliases>
action "maildir" maildir "/var/mail/virtual/%{dest:lowercase}/" virtual 
<virtuals>
action "relay" relay
action "smartrelay" relay host smtp://mail.domain1.nl

match from any rcpt-to <reject-email> for any reject
match from src <www-relays> !mail-from <www-senders> for any reject
match from src <www-relays> mail-from <www-senders> action "relay"
match from any for domain <relay-domains> action "smartrelay"
match from any for domain <domains> action "maildir"
match from local action "smartrelay"
match for any action "relay"
###

# cat www-relays 
46.23.xx.yy

# cat www-senders 
w...@www.domain2.nl

As soon as an email is send from one of the www-relays with the
sender that is in www-senders I am getting the following error on
the sending mail server (FreeBSD w/ dma):

Jan 18 15:56:12 www dma[2eb801]: new mail from user=www uid=80 
envelope_from=<w...@www.domain2.nl>
Jan 18 15:56:12 www dma[2eb801]: mail to=<user.n...@domain2.nl> queued as 
2eb801.801a2d0a0
Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying delivery
Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: using smarthost (mx1.domain1.nl:25)
Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying remote delivery to 
mx1.domain1.nl [46.23.xx.zz] pref 0
Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: remote delivery to mx1.domain1.nl 
[46.23.xx.zz] failed after RCPT TO: 550 Invalid recipient
Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: delivery failed, bouncing as 2eb803


OpenSMTPD is saying (grep "00a1b263550db3c7" /var/log/maillog):

Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected 
address=46.23.xx.yy host=46-23-xx-yy.domain1.nl
Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command 
command="RCPT TO:<user.n...@domain2.nl>" result="550 Invalid recipient"
Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp disconnected 
reason=disconnect

Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected 
address=46.23.xx.xx host=www.domain2.nl
Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command 
command="RCPT TO:<i...@domain2.nl>" result="550 Invalid recipient"


Anybody have an idea?

Mischa


-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org