Re: "bouncing messages from ..." (was: request (privately) for maillog)

2020-02-25 Thread gilles
February 26, 2020 8:30 AM, gil...@poolp.org wrote:

> February 24, 2020 9:08 PM, gil...@poolp.org wrote:
> 
>> February 24, 2020 6:54 PM, ml+opensmtpd_m...@esmtp.org wrote:
>> 
>>> On Mon, Feb 24, 2020, Peter J. Philipp wrote:
>> 
>> I got another "bouncing messages from misc@opensmtpd.org" message. The
>>> Me too... and it's the second time I cannot find any error log
>>> about such a failed delivery (I asked for more info the previous
>>> time it happened but so far nobody replied) so together with this
>>> report it seems the problem might be on the server side?
>> 
>> I'm investigating but I suspect it is an issue with mlmmj,
>> I get the same bounces ... and I'm local.
> 
> I can confirm it is an issue with mlmmj, there's no failed SMTP attempt
> for any of you who reported getting this message.
> 

found out.

upon restart of the MX @ opensmtpd.org, the list goes through greylisting
and the first session gets bounced once. I sometimes restart several time
to test diffs which explains why at times people get more of these, and I
obviously did a restart when the errata was published.

I changed the config so it doesn't go through greylisting again.



Re: "bouncing messages from ..." (was: request (privately) for maillog)

2020-02-25 Thread gilles
February 24, 2020 9:08 PM, gil...@poolp.org wrote:

> February 24, 2020 6:54 PM, ml+opensmtpd_m...@esmtp.org wrote:
> 
>> On Mon, Feb 24, 2020, Peter J. Philipp wrote:
>> 
>>> I got another "bouncing messages from misc@opensmtpd.org" message. The
>> 
>> Me too... and it's the second time I cannot find any error log
>> about such a failed delivery (I asked for more info the previous
>> time it happened but so far nobody replied) so together with this
>> report it seems the problem might be on the server side?
> 
> I'm investigating but I suspect it is an issue with mlmmj,
> I get the same bounces ... and I'm local.
> 

I can confirm it is an issue with mlmmj, there's no failed SMTP attempt
for any of you who reported getting this message.

Gilles



perl filter/report module

2020-02-25 Thread Edgar Pettijohn
I wrote a simple perl module for easing the writing of filter/reports 
for OpenSMTPD. It isn't 100% complete, but its usable.


http://www.pettijohn-web.com/OpenSMTPD-Report-0.01.tar.gz


Edgar





Re: OpenSMTPD 6.6.4p1 released: addresses CRITICAL vulnerability

2020-02-25 Thread Denis Fateyev
Oh, I see. They added an amendment to the end.

Last-minute note: on February 9, 2020, opensmtpd-6.6.2p1-1.fc31 was
released and correctly made smtpctl set-group-ID smtpq, instead of
set-group-ID root.

Rather strange that they haven't managed to update packages for two
weeks before checking anything.


On Wed, Feb 26, 2020 at 3:56 AM Denis Fateyev  wrote:

> Beside the real vulnerability, what is interesting that Qualys used an
> outdated Fedora package to prepare the report:
>
> On Linux, this vulnerability is generally not exploitable because
> /proc/sys/fs/protected_hardlinks prevents attackers from creating
> hardlinks to files they do not own. On Fedora 31, however, smtpctl is
> set-group-ID root, not set-group-ID smtpq:
>
> --
> -r-xr-sr-x. 1 root root 303368 Jul 26  2019 /usr/sbin/smtpctl
> --
>
>
> The latest package (6.6.2, pushed to stable on Feb 09) contains a
> different file:
>
> # ls -la /usr/sbin/smtpctl
> -r-xr-sr-x 1 root smtpq 333288 Jan 31 18:43 /usr/sbin/smtpctl
>
> That version that they tested was way back from 2019.
>
> I think I need to inform them separately, but just FYI.
>
>

-- 
wbr, Denis.


Re: OpenSMTPD 6.6.4p1 released: addresses CRITICAL vulnerability

2020-02-25 Thread Denis Fateyev
Beside the real vulnerability, what is interesting that Qualys used an
outdated Fedora package to prepare the report:

On Linux, this vulnerability is generally not exploitable because
/proc/sys/fs/protected_hardlinks prevents attackers from creating
hardlinks to files they do not own. On Fedora 31, however, smtpctl is
set-group-ID root, not set-group-ID smtpq:

--
-r-xr-sr-x. 1 root root 303368 Jul 26  2019 /usr/sbin/smtpctl
--


The latest package (6.6.2, pushed to stable on Feb 09) contains a different
file:

# ls -la /usr/sbin/smtpctl
-r-xr-sr-x 1 root smtpq 333288 Jan 31 18:43 /usr/sbin/smtpctl

That version that they tested was way back from 2019.

I think I need to inform them separately, but just FYI.


Re: request (privately) for maillog

2020-02-25 Thread Craig Skinner
On Mon, 24 Feb 2020 18:41:19 +0100 "Peter J. Philipp" wrote:
> I got another "bouncing messages from misc@opensmtpd.org" message. The
> particular message was 4669 that bounced. Yet I have no record of this in
> my maillog,...

Same here.

Cheers,
-- 
Craig Skinner | http://linkd.in/yGqkv7