Re: tags on the portable branch?

2019-08-24 Thread Harald Dunkel
Hi Gilles,

On 8/24/19 9:14 PM, Gilles Chehade wrote:
> 
> This is expected.
> 
> Version 6.4.x only builds with LibreSSL or OpenSSL 1.0.x
> 

do you think it would be possible to set a tag matching support
for openssl 1.1.1c as well? The version I am using right now now
is based on 772da22936c8d80f7ad3284ea7e5bdbfdbee2efb, but this
might be too experimental for production use.


Regards
Harri



Re: Service names in listen on directives

2019-08-24 Thread Martijn van Duren
On 8/24/19 9:32 PM, Darren S. wrote:
> OpenBSD 6.5 amd64
> OpenSMTPD 6.5.0
> 
> port [port]
> Listen on the given port instead of the default port 25.
> 
> I wanted to confirm if service names are intended to be supported for
> `listen on` option in smtpd.conf.
> 
> These result in syntax failure:
> 
> listen on lo port smtp
> listen on lo port smtps
> 
> These do not:
> 
> listen on lo port 25
> listen on lo port 465
> 
> This also does not:
> 
> listen on lo port submission
> 
> Found it curious that `submission` may be used in place of a port
> number but not the other service names.
> 
Thanks for the report.
This should work in the next release.

Note that you can use the quoted syntax pointed out by gilles@ now and
will remain working after upgrading to the next release.

martijn@



Re: stumped on virtual aliases

2019-08-24 Thread Gilles Chehade
On Sat, Aug 24, 2019 at 04:14:21PM +0200, Joseph A Borg wrote:
> I???m trying to match an email: nos...@domain.tld to expand to 
> webmas...@domain.tld and deliver to local mailbox.
> 
> My setup is pretty simple and works well for virtual mailboxes linked to a 
> couple of virtual domains. now I???m trying t add aliases to some accounts.
> 
> From the error, it seems like smtpd is not transforming the alias address 
> into the final address for delivery.
> Seems like I???m not understanding how smtpd transforms an recipient address 
> in an  into the actual recipient for delivery.
> 
> I must be conceptually stumped on this one.
>
> [...]
> 
> the configuration files for the domain and tables follows.
> 
>
> # file:/etc/mail/domain.tld/accounts/valiases:
> =
> > nospam webmas...@domain.tld
> ## EOF
> 
> # file:/etc/mail/domain.tld/accounts/emails
> 
> > webmas...@domain.tld::/home/domain/mail/master
> > webdus...@domain.tld::/home/domain/mail/duster
> > webbus...@domain.tld::/home/domain/mail/buster
> ## EOF
> 

Your problem lies here.

expansion resolves an e-mail address into a user-part, so ultimately
what's looked up in a userbase is the part before '@'

if you're already using a virtual account, why not do something like
this ?

valiases:
==
nospam webmaster

emails:
==
webmaster   ::/hoome/domain/mail/master


if you really want the indirection, you can even:

nospam webmas...@domain.tld
webmas...@domain.tld   webmaster



> # file:/etc/mail/domain.sub.smtpd.conf
> =
> 
> > ## =
> > ## DOMAIN CONFIGURATION:
> > ## =
> > # TABLE DECLATATIONS:
> > # ---
> > table domains   \
> > file:/etc/mail/domain.tld/domains
> > table valiases  \
> > file:/etc/mail/domain.tld/accounts/valiases
> > table e-boxes   \
> > file:/etc/mail/domain.tld/accounts/emails
> > 
> > # ACTIONS
> > # ---
> > action valiases_set \
> > expand-only \
> > virtual 
> > action deliver_virtual_set  \
> > maildir \
> > userbase 
> > 
> > # MATCHES
> > # ---
> > match from any  \
> >   for domain   \
> >   action valiases_set
> > match from any  \
> >   for domain   \
> >   action deliver_virtual_set
> > 
> > 
> 

-- 
Gilles Chehade @poolpOrg

https://www.poolp.orgpatreon: https://www.patreon.com/gilles



Re: Service names in listen on directives

2019-08-24 Thread Gilles Chehade
On Sat, Aug 24, 2019 at 10:16:26PM +0200, Martijn van Duren wrote:
> On 8/24/19 10:06 PM, Gilles Chehade wrote:
> > On Sat, Aug 24, 2019 at 12:32:05PM -0700, Darren S. wrote:
> >> OpenBSD 6.5 amd64
> >> OpenSMTPD 6.5.0
> >>
> >> port [port]
> >> Listen on the given port instead of the default port 25.
> >>
> >> I wanted to confirm if service names are intended to be supported for
> >> `listen on` option in smtpd.conf.
> >>
> >> These result in syntax failure:
> >>
> >> listen on lo port smtp
> >> listen on lo port smtps
> >>
> >> These do not:
> >>
> >> listen on lo port 25
> >> listen on lo port 465
> >>
> >> This also does not:
> >>
> >> listen on lo port submission
> >>
> >> Found it curious that `submission` may be used in place of a port
> >> number but not the other service names.
> >>
> > 
> > this is because `smtp' and `smtps` are keywords, so they must be quoted:
> > 
> > listen on lo port "smtp"
> > 
> > 
> Don't know if there's interest, but considering the port argument is
> non-optional and smtp and smtps are valid (and imho not unreasonable)
> port names I reckon we could add them explicitly so they can be used
> without quotes.
> 

You beat me to it, yes this makes sense.


> Index: parse.y
> ===
> RCS file: /cvs/src/usr.sbin/smtpd/parse.y,v
> retrieving revision 1.258
> diff -u -p -r1.258 parse.y
> --- parse.y   23 Aug 2019 19:05:01 -  1.258
> +++ parse.y   24 Aug 2019 20:14:40 -
> @@ -1863,6 +1863,38 @@ opt_if_listen : INET4 {
>   free($2);
>   listen_opts.port = ntohs(servent->s_port);
>   }
> + | PORT SMTP {
> + struct servent *servent;
> +
> + if (listen_opts.options & LO_PORT) {
> + yyerror("port already specified");
> + YYERROR;
> + }
> + listen_opts.options |= LO_PORT;
> +
> + servent = getservbyname("smtp", "tcp");
> + if (servent == NULL) {
> + yyerror("invalid port: smtp");
> + YYERROR;
> + }
> + listen_opts.port = ntohs(servent->s_port);
> + }
> + | PORT SMTPS{
> + struct servent *servent;
> +
> + if (listen_opts.options & LO_PORT) {
> + yyerror("port already specified");
> + YYERROR;
> + }
> + listen_opts.options |= LO_PORT;
> +
> + servent = getservbyname("smtps", "tcp");
> + if (servent == NULL) {
> + yyerror("invalid port: smtps");
> + YYERROR;
> + }
> + listen_opts.port = ntohs(servent->s_port);
> + }
>   | PORT NUMBER   {
>   if (listen_opts.options & LO_PORT) {
>   yyerror("port already specified");
> 

-- 
Gilles Chehade @poolpOrg

https://www.poolp.orgpatreon: https://www.patreon.com/gilles



Re: Service names in listen on directives

2019-08-24 Thread Gilles Chehade
On Sat, Aug 24, 2019 at 12:32:05PM -0700, Darren S. wrote:
> OpenBSD 6.5 amd64
> OpenSMTPD 6.5.0
> 
> port [port]
> Listen on the given port instead of the default port 25.
> 
> I wanted to confirm if service names are intended to be supported for
> `listen on` option in smtpd.conf.
> 
> These result in syntax failure:
> 
> listen on lo port smtp
> listen on lo port smtps
> 
> These do not:
> 
> listen on lo port 25
> listen on lo port 465
> 
> This also does not:
> 
> listen on lo port submission
> 
> Found it curious that `submission` may be used in place of a port
> number but not the other service names.
> 

this is because `smtp' and `smtps` are keywords, so they must be quoted:

listen on lo port "smtp"


-- 
Gilles Chehade @poolpOrg

https://www.poolp.orgpatreon: https://www.patreon.com/gilles



Service names in listen on directives

2019-08-24 Thread Darren S.
OpenBSD 6.5 amd64
OpenSMTPD 6.5.0

port [port]
Listen on the given port instead of the default port 25.

I wanted to confirm if service names are intended to be supported for
`listen on` option in smtpd.conf.

These result in syntax failure:

listen on lo port smtp
listen on lo port smtps

These do not:

listen on lo port 25
listen on lo port 465

This also does not:

listen on lo port submission

Found it curious that `submission` may be used in place of a port
number but not the other service names.

-- 
Darren Spruell
phatbuck...@gmail.com



Re: tags on the portable branch?

2019-08-24 Thread Gilles Chehade
On Sat, Aug 24, 2019 at 04:19:11PM +0200, Harald Dunkel wrote:
> On 8/23/19 9:55 PM, John Cox wrote:
> > Hi
> > 
> > Whilst I know it doesn't help you I just git cloned that URL and the
> > tag checkout just worked for me.  What happens if you make another new
> > (temporary) repo with clone and try again?
> > 
> > Regards
> > 
> > John Cox
> > 
> 
> Using a new clone, as suggested: The tag "opensmtpd-6.4.2p1" is available,
> but it doesn't build on Debian sid (openssl 1.1.1c). Full build.log is
> attached.
> 

This is expected.

Version 6.4.x only builds with LibreSSL or OpenSSL 1.0.x

See:

https://poolp.org/posts/2019-07-27/july-2019-report-tons-of-smtpd-work-mostly/



-- 
Gilles Chehade @poolpOrg

https://www.poolp.orgpatreon: https://www.patreon.com/gilles



Re: stumped on virtual aliases

2019-08-24 Thread Edgar Pettijohn
On Sat, Aug 24, 2019 at 06:02:55PM +0200, Joseph A Borg wrote:
> AFAIK I can do that Edgar, I???m already filtering on domain, so the domain 
> stump is not really necessary. 
> 
> this is not an urgent work situation, I???m just trying things out and spent 
> way too much time understanding this not to bother the list. If there is a 
> workaround or it???s a known issue it???s fine. Most probably I???m 
> misunderstanding things.
> 
> Correct me if I???m wrong: I???m assuming, conceptually, that once the 
> aliases in a message's [RCPT TO list] are expanded, the new addresses go 
> through the rule set again and enqueued if they match something that ends up 
> in a mailbox, forwarded. At least that???s what I remember from on elf Gilles 
> articles. If I???m imagining too much then I???ll try something else. :)
> 
> I???m trying to run smtpd -F -v -T all and not getting anything on the 
> command line.

-F logs to syslogd. If you want to see it try `smtpd -dv -T all'

Not entirely helpful, but I switched to sql tables because I couldn't figure 
out a similar situation.

Edgar

> 
> 
> regards to all on a sultry Saturday evening
> 
> 
> > On 24 Aug 2019, at 17:43, Edgar Pettijohn  wrote:
> > 
> > On Sat, Aug 24, 2019 at 04:14:21PM +0200, Joseph A Borg wrote:
> >> I???m trying to match an email: nos...@domain.tld to expand to 
> >> webmas...@domain.tld and deliver to local mailbox.
> >> 
> >> My setup is pretty simple and works well for virtual mailboxes linked to a 
> >> couple of virtual domains. now I???m trying t add aliases to some accounts.
> >> 
> >> From the error, it seems like smtpd is not transforming the alias address 
> >> into the final address for delivery.
> >> Seems like I???m not understanding how smtpd transforms an recipient 
> >> address in an  into the actual recipient for delivery.
> >> 
> >> I must be conceptually stumped on this one.
> >> 
> >> I get the following error in logs and a return mail from smtpd to sender:
> >> 
> >>> 
> >>> I'm sorry to have to inform you that your message could not
> >>> be delivered to one or more recipients.
> >>> 
> >>> 
> >>> : host mx.domain.tld[xxx.xxx.xxx.xxx] said: 550 Invalid
> >>>   recipient:  (in reply to RCPT TO command)
> >>> Reporting-MTA: dns; st43p00im-zteg10071901.me.com
> >>> X-Postfix-Queue-ID: 4E253D8138E
> >>> X-Postfix-Sender: rfc822; sen...@domain2.tld
> >>> Arrival-Date: Sat, 24 Aug 2019 10:24:30 + (UTC)
> >>> 
> >>> Final-Recipient: rfc822;nos...@domain.tld
> >>> Original-Recipient: rfc822;nos...@domain.tld
> >>> Action: failed
> >>> Status: 5.0.0
> >>> Remote-MTA: dns; mx.domain.tld
> >>> Diagnostic-Code: smtp; 550 Invalid recipient: 
> >>> 
> >>> From: 
> >>> Subject: Fwd: Undelivered Mail Returned to Sender
> >>> Date: 24 August 2019 at 12:24:27 GMT+2
> >>> To: nos...@domain.tld
> >>> 
> >> 
> >> 
> >> 
> >> the configuration files for the domain and tables follows.
> >> 
> >> 
> >> 
> >> 
> >> # file:/etc/mail/domain.tld/accounts/valiases:
> >> =
> >>> nospam webmas...@domain.tld
> >> ## EOF
> >> 
> >> # file:/etc/mail/domain.tld/accounts/emails
> >> 
> >>> webmas...@domain.tld::/home/domain/mail/master
> >>> webdus...@domain.tld::/home/domain/mail/duster
> >>> webbus...@domain.tld::/home/domain/mail/buster
> > 
> > I'm not sure this will work. I'm not sure you can map a virtual user to 
> > a single system user with multiple `homes'.
> > 
> > maybe try:
> > 
> > webmaster   ::/home/domain/mail/master
> > 
> > and see if that gets you further.
> > 
> >> ## EOF
> >> 
> >> # file:/etc/mail/domain.sub.smtpd.conf
> >> =
> >> 
> >>> ## =
> >>> ## DOMAIN CONFIGURATION:
> >>> ## =
> >>> # TABLE DECLARATIONS:
> >>> # ---
> >>> table domains   \
> >>>file:/etc/mail/domain.tld/domains
> >>> table valiases  \
> >>>file:/etc/mail/domain.tld/accounts/valiases
> >>> table e-boxes   \
> >>>file:/etc/mail/domain.tld/accounts/emails
> >>> 
> >>> # ACTIONS
> >>> # ---
> >>> action valiases_set \
> >>>expand-only \ 
> > 
> > Seems like expand-only should work with `virtual' aliases, but I'm not sure.
> > Maybe remove it and see what happens.
> > 
> >>>virtual 
> >>> action deliver_virtual_set  \
> >>>maildir \
> >>>userbase 
> >>> 
> >>> # MATCHES
> >>> # ---
> >>> match from any  \
> >>>  for domain   \
> >>>  action valiases_set
> >>> match from any  \
> >>>  for domain   \
> >>>  action deliver_virtual_set
> >>> 
> >>> 
> >> 
> > 
> > Hope this helps.
> > 
> > Edgar
> 



Re: stumped on virtual aliases

2019-08-24 Thread Joseph A Borg
AFAIK I can do that Edgar, I’m already filtering on domain, so the domain stump 
is not really necessary. 

this is not an urgent work situation, I’m just trying things out and spent way 
too much time understanding this not to bother the list. If there is a 
workaround or it’s a known issue it’s fine. Most probably I’m misunderstanding 
things.

Correct me if I’m wrong: I’m assuming, conceptually, that once the aliases in a 
message's [RCPT TO list] are expanded, the new addresses go through the rule 
set again and enqueued if they match something that ends up in a mailbox, 
forwarded. At least that’s what I remember from on elf Gilles articles. If I’m 
imagining too much then I’ll try something else. :)

I’m trying to run smtpd -F -v -T all and not getting anything on the command 
line.


regards to all on a sultry Saturday evening


> On 24 Aug 2019, at 17:43, Edgar Pettijohn  wrote:
> 
> On Sat, Aug 24, 2019 at 04:14:21PM +0200, Joseph A Borg wrote:
>> I???m trying to match an email: nos...@domain.tld to expand to 
>> webmas...@domain.tld and deliver to local mailbox.
>> 
>> My setup is pretty simple and works well for virtual mailboxes linked to a 
>> couple of virtual domains. now I???m trying t add aliases to some accounts.
>> 
>> From the error, it seems like smtpd is not transforming the alias address 
>> into the final address for delivery.
>> Seems like I???m not understanding how smtpd transforms an recipient address 
>> in an  into the actual recipient for delivery.
>> 
>> I must be conceptually stumped on this one.
>> 
>> I get the following error in logs and a return mail from smtpd to sender:
>> 
>>> 
>>> I'm sorry to have to inform you that your message could not
>>> be delivered to one or more recipients.
>>> 
>>> 
>>> : host mx.domain.tld[xxx.xxx.xxx.xxx] said: 550 Invalid
>>>   recipient:  (in reply to RCPT TO command)
>>> Reporting-MTA: dns; st43p00im-zteg10071901.me.com
>>> X-Postfix-Queue-ID: 4E253D8138E
>>> X-Postfix-Sender: rfc822; sen...@domain2.tld
>>> Arrival-Date: Sat, 24 Aug 2019 10:24:30 + (UTC)
>>> 
>>> Final-Recipient: rfc822;nos...@domain.tld
>>> Original-Recipient: rfc822;nos...@domain.tld
>>> Action: failed
>>> Status: 5.0.0
>>> Remote-MTA: dns; mx.domain.tld
>>> Diagnostic-Code: smtp; 550 Invalid recipient: 
>>> 
>>> From: 
>>> Subject: Fwd: Undelivered Mail Returned to Sender
>>> Date: 24 August 2019 at 12:24:27 GMT+2
>>> To: nos...@domain.tld
>>> 
>> 
>> 
>> 
>> the configuration files for the domain and tables follows.
>> 
>> 
>> 
>> 
>> # file:/etc/mail/domain.tld/accounts/valiases:
>> =
>>> nospam webmas...@domain.tld
>> ## EOF
>> 
>> # file:/etc/mail/domain.tld/accounts/emails
>> 
>>> webmas...@domain.tld::/home/domain/mail/master
>>> webdus...@domain.tld::/home/domain/mail/duster
>>> webbus...@domain.tld::/home/domain/mail/buster
> 
> I'm not sure this will work. I'm not sure you can map a virtual user to 
> a single system user with multiple `homes'.
> 
> maybe try:
> 
> webmaster ::/home/domain/mail/master
> 
> and see if that gets you further.
> 
>> ## EOF
>> 
>> # file:/etc/mail/domain.sub.smtpd.conf
>> =
>> 
>>> ## =
>>> ## DOMAIN CONFIGURATION:
>>> ## =
>>> # TABLE DECLARATIONS:
>>> # ---
>>> table domains   \
>>>file:/etc/mail/domain.tld/domains
>>> table valiases  \
>>>file:/etc/mail/domain.tld/accounts/valiases
>>> table e-boxes   \
>>>file:/etc/mail/domain.tld/accounts/emails
>>> 
>>> # ACTIONS
>>> # ---
>>> action valiases_set \
>>>expand-only \ 
> 
> Seems like expand-only should work with `virtual' aliases, but I'm not sure.
> Maybe remove it and see what happens.
> 
>>>virtual 
>>> action deliver_virtual_set  \
>>>maildir \
>>>userbase 
>>> 
>>> # MATCHES
>>> # ---
>>> match from any  \
>>>  for domain   \
>>>  action valiases_set
>>> match from any  \
>>>  for domain   \
>>>  action deliver_virtual_set
>>> 
>>> 
>> 
> 
> Hope this helps.
> 
> Edgar




Re: stumped on virtual aliases

2019-08-24 Thread Edgar Pettijohn
On Sat, Aug 24, 2019 at 04:14:21PM +0200, Joseph A Borg wrote:
> I???m trying to match an email: nos...@domain.tld to expand to 
> webmas...@domain.tld and deliver to local mailbox.
> 
> My setup is pretty simple and works well for virtual mailboxes linked to a 
> couple of virtual domains. now I???m trying t add aliases to some accounts.
> 
> From the error, it seems like smtpd is not transforming the alias address 
> into the final address for delivery.
> Seems like I???m not understanding how smtpd transforms an recipient address 
> in an  into the actual recipient for delivery.
> 
> I must be conceptually stumped on this one.
> 
> I get the following error in logs and a return mail from smtpd to sender:
> 
> > 
> > I'm sorry to have to inform you that your message could not
> > be delivered to one or more recipients.
> > 
> > 
> > : host mx.domain.tld[xxx.xxx.xxx.xxx] said: 550 Invalid
> >recipient:  (in reply to RCPT TO command)
> > Reporting-MTA: dns; st43p00im-zteg10071901.me.com
> > X-Postfix-Queue-ID: 4E253D8138E
> > X-Postfix-Sender: rfc822; sen...@domain2.tld
> > Arrival-Date: Sat, 24 Aug 2019 10:24:30 + (UTC)
> > 
> > Final-Recipient: rfc822;nos...@domain.tld
> > Original-Recipient: rfc822;nos...@domain.tld
> > Action: failed
> > Status: 5.0.0
> > Remote-MTA: dns; mx.domain.tld
> > Diagnostic-Code: smtp; 550 Invalid recipient: 
> > 
> > From: 
> > Subject: Fwd: Undelivered Mail Returned to Sender
> > Date: 24 August 2019 at 12:24:27 GMT+2
> > To: nos...@domain.tld
> > 
> 
> 
> 
> the configuration files for the domain and tables follows.
> 
> 
> 
> 
> # file:/etc/mail/domain.tld/accounts/valiases:
> =
> > nospam webmas...@domain.tld
> ## EOF
> 
> # file:/etc/mail/domain.tld/accounts/emails
> 
> > webmas...@domain.tld::/home/domain/mail/master
> > webdus...@domain.tld::/home/domain/mail/duster
> > webbus...@domain.tld::/home/domain/mail/buster

I'm not sure this will work. I'm not sure you can map a virtual user to 
a single system user with multiple `homes'.

maybe try:

webmaster   ::/home/domain/mail/master

and see if that gets you further.

> ## EOF
> 
> # file:/etc/mail/domain.sub.smtpd.conf
> =
> 
> > ## =
> > ## DOMAIN CONFIGURATION:
> > ## =
> > # TABLE DECLARATIONS:
> > # ---
> > table domains   \
> > file:/etc/mail/domain.tld/domains
> > table valiases  \
> > file:/etc/mail/domain.tld/accounts/valiases
> > table e-boxes   \
> > file:/etc/mail/domain.tld/accounts/emails
> > 
> > # ACTIONS
> > # ---
> > action valiases_set \
> > expand-only \ 

Seems like expand-only should work with `virtual' aliases, but I'm not sure.
Maybe remove it and see what happens.

> > virtual 
> > action deliver_virtual_set  \
> > maildir \
> > userbase 
> > 
> > # MATCHES
> > # ---
> > match from any  \
> >   for domain   \
> >   action valiases_set
> > match from any  \
> >   for domain   \
> >   action deliver_virtual_set
> > 
> > 
> 

Hope this helps.

Edgar



Re: tags on the portable branch?

2019-08-24 Thread Harald Dunkel
On 8/23/19 9:55 PM, John Cox wrote:
> Hi
> 
> Whilst I know it doesn't help you I just git cloned that URL and the
> tag checkout just worked for me.  What happens if you make another new
> (temporary) repo with clone and try again?
> 
> Regards
> 
> John Cox
> 

Using a new clone, as suggested: The tag "opensmtpd-6.4.2p1" is available,
but it doesn't build on Debian sid (openssl 1.1.1c). Full build.log is
attached.

:
:
gcc -DHAVE_CONFIG_H -I. -I../..  -I../../smtpd -I../../openbsd-compat 
-I../../openbsd-compat/err_h -I../../openbsd-compat/paths_h -I. -I/usr/include  
-DSMTPD_CONFDIR=\"/usr/local/etc\" -DPATH_CHROOT=\"/var/empty\" 
-DPATH_SMTPCTL=\"/usr/local/sbin/smtpctl\"
-DPATH_MAILLOCAL=\"/usr/local/libexec/opensmtpd/mail.local\" 
-DPATH_LIBEXEC=\"/usr/local/libexec/opensmtpd\" -DHAVE_CONFIG_H -DIO_SSL 
-DCA_FILE=\"/etc/ssl/cert.pem\" -g -O2  -fPIC -DPIC -Wall -Wpointer-arith 
-Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess
-Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -fno-builtin-memset 
-D_BSD_SOURCE -D_DEFAULT_SOURCE  -D_GNU_SOURCE -DNEED_EVENT_ASR_RUN -c -o 
../../smtpd/smtpd-ca.o `test -f '../../smtpd/ca.c' || echo './'`../../smtpd/ca.c
../../smtpd/ca.c: In function 'ca_X509_verify':
../../smtpd/ca.c:204:47: error: dereferencing pointer to incomplete type 
'X509_STORE_CTX' {aka 'struct x509_store_ctx_s'}
  204 |*errstr = X509_verify_cert_error_string(xsc->error);
  |   ^~
../../smtpd/ca.c: At top level:
../../smtpd/ca.c:307:1: error: variable 'rsae_method' has initializer but 
incomplete type
  307 | static RSA_METHOD rsae_method = {
  | ^~
../../smtpd/ca.c:308:2: warning: excess elements in struct initializer
  308 |  "RSA privsep engine",
  |  ^~~~
../../smtpd/ca.c:308:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:309:2: warning: excess elements in struct initializer
  309 |  rsae_pub_enc,
  |  ^~~~
../../smtpd/ca.c:309:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:310:2: warning: excess elements in struct initializer
  310 |  rsae_pub_dec,
  |  ^~~~
../../smtpd/ca.c:310:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:311:2: warning: excess elements in struct initializer
  311 |  rsae_priv_enc,
  |  ^
../../smtpd/ca.c:311:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:312:2: warning: excess elements in struct initializer
  312 |  rsae_priv_dec,
  |  ^
../../smtpd/ca.c:312:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:313:2: warning: excess elements in struct initializer
  313 |  rsae_mod_exp,
  |  ^~~~
../../smtpd/ca.c:313:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:314:2: warning: excess elements in struct initializer
  314 |  rsae_bn_mod_exp,
  |  ^~~
../../smtpd/ca.c:314:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:315:2: warning: excess elements in struct initializer
  315 |  rsae_init,
  |  ^
../../smtpd/ca.c:315:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:316:2: warning: excess elements in struct initializer
  316 |  rsae_finish,
  |  ^~~
../../smtpd/ca.c:316:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:317:2: warning: excess elements in struct initializer
  317 |  0,
  |  ^
../../smtpd/ca.c:317:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:318:2: warning: excess elements in struct initializer
  318 |  NULL,
  |  ^~~~
../../smtpd/ca.c:318:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:319:2: warning: excess elements in struct initializer
  319 |  NULL,
  |  ^~~~
../../smtpd/ca.c:319:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:320:2: warning: excess elements in struct initializer
  320 |  NULL,
  |  ^~~~
../../smtpd/ca.c:320:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c:321:2: warning: excess elements in struct initializer
  321 |  rsae_keygen
  |  ^~~
../../smtpd/ca.c:321:2: note: (near initialization for 'rsae_method')
../../smtpd/ca.c: In function 'rsae_pub_enc':
../../smtpd/ca.c:407:21: error: dereferencing pointer to incomplete type 
'RSA_METHOD' {aka 'const struct rsa_meth_st'}
  407 |  return (rsa_default->rsa_pub_enc(flen, from, to, rsa, padding));
  | ^~
../../smtpd/ca.c: In function 'ca_engine_init':
../../smtpd/ca.c:493:38: error: invalid use of incomplete typedef 'RSA_METHOD' 
{aka 'struct rsa_meth_st'}
  493 |   if (!ENGINE_set_name(e, rsae_method.name)) {
  |  ^
../../smtpd/ca.c:511:27: error: 'RSA_FLAG_SIGN_VER' undeclared (first use in 
this function)
  511 |  if (rsa_default->flags & RSA_FLAG_SIGN_VER)
  |   ^
../../smtpd/ca.c:511:27: note: each 

stumped on virtual aliases

2019-08-24 Thread Joseph A Borg
I’m trying to match an email: nos...@domain.tld to expand to 
webmas...@domain.tld and deliver to local mailbox.

My setup is pretty simple and works well for virtual mailboxes linked to a 
couple of virtual domains. now I’m trying t add aliases to some accounts.

From the error, it seems like smtpd is not transforming the alias address into 
the final address for delivery.
Seems like I’m not understanding how smtpd transforms an recipient address in 
an  into the actual recipient for delivery.

I must be conceptually stumped on this one.

I get the following error in logs and a return mail from smtpd to sender:

> 
> I'm sorry to have to inform you that your message could not
> be delivered to one or more recipients.
> 
> 
> : host mx.domain.tld[xxx.xxx.xxx.xxx] said: 550 Invalid
>recipient:  (in reply to RCPT TO command)
> Reporting-MTA: dns; st43p00im-zteg10071901.me.com
> X-Postfix-Queue-ID: 4E253D8138E
> X-Postfix-Sender: rfc822; sen...@domain2.tld
> Arrival-Date: Sat, 24 Aug 2019 10:24:30 + (UTC)
> 
> Final-Recipient: rfc822;nos...@domain.tld
> Original-Recipient: rfc822;nos...@domain.tld
> Action: failed
> Status: 5.0.0
> Remote-MTA: dns; mx.domain.tld
> Diagnostic-Code: smtp; 550 Invalid recipient: 
> 
> From: 
> Subject: Fwd: Undelivered Mail Returned to Sender
> Date: 24 August 2019 at 12:24:27 GMT+2
> To: nos...@domain.tld
> 



the configuration files for the domain and tables follows.




# file:/etc/mail/domain.tld/accounts/valiases:
=
> nospam webmas...@domain.tld
## EOF

# file:/etc/mail/domain.tld/accounts/emails

> webmas...@domain.tld::/home/domain/mail/master
> webdus...@domain.tld::/home/domain/mail/duster
> webbus...@domain.tld::/home/domain/mail/buster
## EOF

# file:/etc/mail/domain.sub.smtpd.conf
=

> ## =
> ## DOMAIN CONFIGURATION:
> ## =
> # TABLE DECLATATIONS:
> # ---
> table domains   \
> file:/etc/mail/domain.tld/domains
> table valiases  \
> file:/etc/mail/domain.tld/accounts/valiases
> table e-boxes   \
> file:/etc/mail/domain.tld/accounts/emails
> 
> # ACTIONS
> # ---
> action valiases_set \
> expand-only \
> virtual 
> action deliver_virtual_set  \
> maildir \
> userbase 
> 
> # MATCHES
> # ---
> match from any  \
>   for domain   \
>   action valiases_set
> match from any  \
>   for domain   \
>   action deliver_virtual_set
> 
> 



Re: table api question

2019-08-24 Thread Edgar Pettijohn
On Sat, Aug 24, 2019 at 08:19:00AM +, gil...@poolp.org wrote:
> 24 ao??t 2019 02:59 "Edgar Pettijohn"  a ??crit:
> 
> > I am writing a table-lua, however the table_lua_update function doesn't 
> > appear to be called.
> > Here are relevant pieces of the code.
> > 
> > The lookup function works. However, it would be more ideal to have the 
> > update() called early
> > to fill in the tables for the other functions. As is the lookup() has to do 
> > the work of both.
> > 
> > Any help is appreciated.
> > 
> 
> update is called when you issue an `smtpctl table update ` command.

Makes sense. However, the smtpctl manual says its for tables using the "file" 
backend.

> 
> On a side note, I had this discussion with someone a few days ago but can't 
> remember
> who, so if it was you and you already know, disregard:
>
> I have a plan for the next two releases to switch the implementation of 
> tables to an
> API similar to that of filters, so we can have tables become scripts that 
> read lines
> from stdin, write answers to stdout, be written in any language, etc..
> 

Not me but sounds interesting.
 
> Not discouraging you from writing something using the current API, it is not 
> so much
> work anyways, but just letting you know that in a relatively short term your 
> code is
> going to need a rewrite.

I was using table-passwd as a bit of a go by. Armed with this new knowledge. I 
see that 
table_passwd_update is called from main.  I think that is what I need to do.

Thanks,

Edgar



Re: table api question

2019-08-24 Thread gilles
24 août 2019 02:59 "Edgar Pettijohn"  a écrit:

> I am writing a table-lua, however the table_lua_update function doesn't 
> appear to be called.
> Here are relevant pieces of the code.
> 
> The lookup function works. However, it would be more ideal to have the 
> update() called early
> to fill in the tables for the other functions. As is the lookup() has to do 
> the work of both.
> 
> Any help is appreciated.
> 

update is called when you issue an `smtpctl table update ` command.

On a side note, I had this discussion with someone a few days ago but can't 
remember
who, so if it was you and you already know, disregard:

I have a plan for the next two releases to switch the implementation of tables 
to an
API similar to that of filters, so we can have tables become scripts that read 
lines
from stdin, write answers to stdout, be written in any language, etc..

Not discouraging you from writing something using the current API, it is not so 
much
work anyways, but just letting you know that in a relatively short term your 
code is
going to need a rewrite.