Re: 550 invalid recipient issue

2019-03-18 Thread Gabriele Tofano
On Mar 18, 2019, at 9:14 AM, Pete  wrote:
> 
> Hi,
> 
> shouldn't that read more like
>> user1:password::userdb_quota_rule=*:storage=1G
> without the domain part in the passwd file?
> 
>> 
>> My passwd file where the user mail address are is:
> 
>> us...@server.com:password::userdb_quota_rule=*:storage=1G
>> us...@server.com:password::
> 
> 
> 
> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

Hi Pete,

The passwd file is used to authenticate users for outbound mail deliveries and 
not for processing inbounds. Passwd file is currently working correctly as 
users are able to authenticate and send emails to external recipients.
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-18 Thread Gabriele Tofano
On Mar 16, 2019, at 6:09 PM, Thomas Bohl  wrote:
> 
>> Both files are looking good/same as before and local delivery with sendmail 
>> does not work:
>> ga...@server.com... Connecting to [127.0.0.1] via relay...
>> 220 mail.server.com ESMTP OpenSMTPD
> EHLO mail.server.com
>> 250-mail.server.com Hello mail.server.com [127.0.0.1], pleased to meet you
>> 250-8BITMIME
>> 250-ENHANCEDSTATUSCODES
>> 250-SIZE 36700160
>> 250-DSN
>> 250 HELP
> MAIL From: SIZE=108
>> 250 2.0.0: Ok
> RCPT To:
>> 550 Invalid recipient
> 
> Hm... You said it stopped working after you restarted smtpd.
> Maybe it runs of a wrong config file?
> 
> I once accidentally typed "smtpd" in the middle of changing the 
> configuration. Which started a daemonized smtpd with an unfinished config. No 
> matter how often I changed the smtpd.conf and typed "rcctl restart smtpd" the 
> wrong config persisted :-) It toke me about two hours until I realised smtpd 
> was still running after "rcctl stop smtpd".
> 
> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

The configuration loaded is correct as I see the daemon is loading the correct 
certificates and stuff if launched with smtpd -dv -T smtp. I am very shocked as 
I am not able to figure out what happened. I never changed any config file 
since December and I have installed this environment at least 3 times in my lab 
and was always working. I have forced the daemon to load my config file with -f 
and the issue persist.

Thank you
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-18 Thread Gabriele Tofano


> On Mar 18, 2019, at 8:06 PM, Thomas Bohl  
> wrote:
> 
>> The configuration loaded is correct as I see the daemon is loading the 
>> correct certificates and stuff if launched with smtpd -dv -T smtp. I am very 
>> shocked as I am not able to figure out what happened. I never changed any 
>> config file since December and I have installed this environment at least 3 
>> times in my lab and was always working. I have forced the daemon to load my 
>> config file with -f and the issue persist.
> 
> At this point I would recreate /usr/local/etc/mail/domains and 
> /usr/local/etc/mail/virtuals. Rename the old files.
> Start by retyping (no clipboard) one line per file.
> 
> Reload them via
> # smtpctl update table domains
> # smtpctl update table virtuals
> 
> 
> You could also test a "catchall"
> @ user1
> 
> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

I did what suggested but still providing the message "550 Invalid recipient”. I 
am very bummed since I do not understand what could have changed in terms of 
config files. They look the same as the originals that I use to setup new 
servers.

There is any way to check what is loaded from the config file?

Thank you
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-18 Thread Gabriele Tofano


> On Mar 18, 2019, at 9:56 PM, Gabriele Tofano  
> wrote:
> 
> 
>> On Mar 18, 2019, at 8:06 PM, Thomas Bohl  
>> wrote:
>> 
>>> The configuration loaded is correct as I see the daemon is loading the 
>>> correct certificates and stuff if launched with smtpd -dv -T smtp. I am 
>>> very shocked as I am not able to figure out what happened. I never changed 
>>> any config file since December and I have installed this environment at 
>>> least 3 times in my lab and was always working. I have forced the daemon to 
>>> load my config file with -f and the issue persist.
>> 
>> At this point I would recreate /usr/local/etc/mail/domains and 
>> /usr/local/etc/mail/virtuals. Rename the old files.
>> Start by retyping (no clipboard) one line per file.
>> 
>> Reload them via
>> # smtpctl update table domains
>> # smtpctl update table virtuals
>> 
>> 
>> You could also test a "catchall"
>> @user1
>> 
>> -- 
>> You received this mail because you are subscribed to misc@opensmtpd.org
>> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>> 
> 
> I did what suggested but still providing the message "550 Invalid recipient”. 
> I am very bummed since I do not understand what could have changed in terms 
> of config files. They look the same as the originals that I use to setup new 
> servers.
> 
> There is any way to check what is loaded from the config file?
> 
> Thank you
> --
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

I discovered the below after running a smtpd -dv -Tlookup:

lookup: check "17.58.63.178" as NETADDR in table static: -> 0
lookup: check "17.58.63.178" as NETADDR in table static: -> found
lookup: check “domain.com" as DOMAIN in table static: -> found
lookup: lookup “user1" as USERINFO in table getpwnam: -> 0

Why osmtpd is looking for user1 in table getpwnam? What table is that?
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-19 Thread Gabriele Tofano
On Mar 19, 2019, at 12:16 AM, Thomas Bohl  wrote:
> 
>>> Which leads to the question: Does user1 exist?
>>> 
>> But I do not understand why osmtpd is looking at the /etc/passwd file when I 
>> have always used my table files (defined in smtp.conf) with a working 
>> environment, 
> 
> My understanding is, according to the configuration you presented, that it 
> has to lookup /etc/passwd. (I'm only unsure about the role of rcpt-to in 
> this.)
> 
> https://man.openbsd.org/OpenBSD-6.3/table#Aliasing_tables
> "Aliasing tables are mappings that associate a recipient to one or many 
> destinations.
> ...
> accept for domain example.org virtual  deliver to mbox
> ...
> In a virtual domain context, the key is either a user part, a full email 
> address or a catch all ... and the value is one or many recipients as 
> described in aliases(5):"
> 
> https://man.openbsd.org/OpenBSD-6.3/aliases.5
> "...The file consists of key/value mappings of the form:
> 
> key: value1, value2, value3, ...
> ...The key is expanded to the corresponding values, which consist of one or 
> more of the following:
> 
> user
> A user on the host machine. The user must have a valid entry in the passwd(5) 
> database file. ..."
> 
> 
> > and user1 has never been a system user.
> 
> What is user1 then? A virtual Dovecot user?

User1 is listed in the /usr/local/etc/mail/passwd file for smtpd authentication 
and in /usr/local/etc/mail/aliases and /usr/local/etc/mail/virtuals for local 
user mapping and standard mailbox redirect.

Dovecot is looking at /usr/local/etc/mail/passwd for its virtual users.

I never had user1 and user2 as a system users and smtpd has always worked 
correctly on my production and lab servers.

> Can you maybe post your virtuals?

Here my /usr/local/etc/mail/virtuals:

ab...@domain.comus...@domain.com
postmas...@domain.com   us...@domain.com
webmas...@domain.comus...@domain.com


And here my /usr/local/etc/aliases:

vmail:  /dev/null

root:   user1
user1:  us...@domain.com

> 
> You could experiment with the "as user" parameter.
> https://man.openbsd.org/OpenBSD-6.3/smtpd.conf.5#deliver_to_lmtp
> 
> P.S.
> Like in your first message you again wrote "smtp.conf". I'm sure you meant 
> "smtpd.conf", right?

That was an autocorrect and I confirm my config file is named smtpd.conf.


> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 



--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-19 Thread Gabriele Tofano
On Mar 19, 2019, at 2:56 AM, Reio Remma  wrote:
> 
>> smtpd -dv -Tlookup

Here the whole debug:

# smtpd -dv -Tlookup
debug: init ssl-tree
info: loading pki information for mail.domain.com
debug: init ca-tree
debug: init ssl-tree
info: loading pki keys for mail.domain.com
info: OpenSMTPD 5.9.2p1 starting
debug: bounce warning after 4h
debug: using "fs" queue backend
debug: using "ramqueue" scheduler backend
debug: using "ram" stat backend
queue: queue compression enabled
queue: queue encryption enabled
debug: queue: done loading queue into scheduler
filter: building simple chains...
filter: building complex chains...
filter: done building complex chains
debug: ca_engine_init: using RSA privsep engine
debug: parent_send_config_ruleset: reloading
debug: parent_send_config: configuring pony process
debug: parent_send_config: configuring ca process
debug: smtp: listen on x.x.x.x port 587 flags 0x569 pki "mail.domain.com" ca ""
debug: smtp: listen on x.x.x.x port 25 flags 0x401 pki "mail.domain.com" ca ""
debug: smtp: listen on 127.0.0.1 port 10028 flags 0x400 pki "" ca ""
debug: smtp: listen on IPv6:x::1 port 10028 flags 0x400 pki "" ca ""
debug: smtp: listen on IPv6:::1 port 10028 flags 0x400 pki "" ca ""
debug: smtp: listen on 127.0.0.1 port 25 flags 0x400 pki "" ca ""
debug: smtp: listen on IPv6:x::1 port 25 flags 0x400 pki "" ca ""
debug: smtp: listen on IPv6:::1 port 25 flags 0x400 pki "" ca ""
debug: pony: rsae_init
debug: pony: rsae_init
debug: smtp: will accept at most 6866 clients
debug: init private ssl-tree
debug: smtpd: scanning offline queue...
debug: smtpd: offline scanning done
debug: smtp: new client on listener: 0x802851000
smtp-in: New session edbec85d0fe88133 from host st43p00im-zteg10062001.me.com 
[17.58.63.166]
debug: smtp: SIZE in MAIL FROM command
lookup: check "17.58.63.166" as NETADDR in table static: -> 0
lookup: check "17.58.63.166" as NETADDR in table static: -> found
lookup: check “domain.com" as DOMAIN in table static:domains -> found
lookup: lookup “us...@domain.com" as ALIAS in table static:virtuals -> 0
lookup: lookup “user1" as ALIAS in table static:virtuals -> 0
lookup: lookup “@domain.com" as ALIAS in table static:virtuals -> 0
lookup: lookup "@" as ALIAS in table static:virtuals -> 0
smtp-in: Failed command on session edbec85d0fe88133: "RCPT 
TO: ORCPT=rfc822;us...@.domain.com" => 550 Invalid recipient
smtp-in: Closing session edbec85d0fe88133
debug: smtp: 0x802962c00: deleting session: done




Re: 550 invalid recipient issue

2019-03-19 Thread Gabriele Tofano
On Mar 19, 2019, at 8:58 AM, Gabriele Tofano  wrote:
> 
> On Mar 19, 2019, at 12:16 AM, Thomas Bohl  
> wrote:
>> 
>>>> Which leads to the question: Does user1 exist?
>>>> 
>>> But I do not understand why osmtpd is looking at the /etc/passwd file when 
>>> I have always used my table files (defined in smtp.conf) with a working 
>>> environment, 
>> 
>> My understanding is, according to the configuration you presented, that it 
>> has to lookup /etc/passwd. (I'm only unsure about the role of rcpt-to in 
>> this.)
>> 
>> https://man.openbsd.org/OpenBSD-6.3/table#Aliasing_tables
>> "Aliasing tables are mappings that associate a recipient to one or many 
>> destinations.
>> ...
>> accept for domain example.org virtual  deliver to mbox
>> ...
>> In a virtual domain context, the key is either a user part, a full email 
>> address or a catch all ... and the value is one or many recipients as 
>> described in aliases(5):"
>> 
>> https://man.openbsd.org/OpenBSD-6.3/aliases.5
>> "...The file consists of key/value mappings of the form:
>> 
>> key: value1, value2, value3, ...
>> ...The key is expanded to the corresponding values, which consist of one or 
>> more of the following:
>> 
>> user
>> A user on the host machine. The user must have a valid entry in the 
>> passwd(5) database file. ..."
>> 
>> 
>>> and user1 has never been a system user.
>> 
>> What is user1 then? A virtual Dovecot user?
> 
> User1 is listed in the /usr/local/etc/mail/passwd file for smtpd 
> authentication and in /usr/local/etc/mail/aliases and 
> /usr/local/etc/mail/virtuals for local user mapping and standard mailbox 
> redirect.
> 
> Dovecot is looking at /usr/local/etc/mail/passwd for its virtual users.
> 
> I never had user1 and user2 as a system users and smtpd has always worked 
> correctly on my production and lab servers.
> 
>> Can you maybe post your virtuals?
> 
> Here my /usr/local/etc/mail/virtuals:
> 
> ab...@domain.com  us...@domain.com
> postmas...@domain.com us...@domain.com
> webmas...@domain.com  us...@domain.com
> 
> 
> And here my /usr/local/etc/aliases:
> 
> vmail:/dev/null
> 
> root: user1
> user1:us...@domain.com
> 
>> 
>> You could experiment with the "as user" parameter.
>> https://man.openbsd.org/OpenBSD-6.3/smtpd.conf.5#deliver_to_lmtp
>> 
>> P.S.
>> Like in your first message you again wrote "smtp.conf". I'm sure you meant 
>> "smtpd.conf", right?
> 
> That was an autocorrect and I confirm my config file is named smtpd.conf.
> 
> 
>> -- 
>> You received this mail because you are subscribed to misc@opensmtpd.org
>> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>> 
> 
> 
> 
> --
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

I found the issue. The original /usr/local/etc/mail/virtuals file was the 
following:

ab...@domain.comus...@domain.com
postmas...@domain.com   us...@domain.com
webmas...@domain.comus...@domain.com
us...@domain.comvmail
us...@domain.comvmail

Basically all the virtual users were mapped to the system vmail user which is 
in charge of handling deliveries, and for some reasons they were not listed in 
the file anymore. Adding them has resolved the issue and users are able to 
receive email again. I am going to investigate why those mappings were not 
present anymore but I would like to thank all of you for the precious support 
and time dedicated to help me out on this!

PS. It is not good when your mail server stop working on your wedding week :)  



--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



Re: 550 invalid recipient issue

2019-03-15 Thread Gabriele Tofano


> On Mar 15, 2019, at 10:38 AM, Thomas Bohl  
> wrote:
> 
> Hello,
> 
>> #Allow local delivery
>> accept from any for local alias  deliver to lmtp 
>> "/var/run/dovecot/lmtp" rcpt-to
>> #Allow virtual domains
>> accept from any for domain  virtual  deliver to lmtp 
>> "/var/run/dovecot/lmtp" rcpt-to
> 
> Are the files /usr/local/etc/mail/domains and /usr/local/etc/mail/virtuals 
> still ok?
> Does local delivery with sendmail work?
> 
> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

Hi Thomas,

Thank you for your response.

Both files are looking good/same as before and local delivery with sendmail 
does not work:

ga...@server.com... Connecting to [127.0.0.1] via relay...
220 mail.server.com ESMTP OpenSMTPD
>>> EHLO mail.server.com
250-mail.server.com Hello mail.server.com [127.0.0.1], pleased to meet you
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-SIZE 36700160
250-DSN
250 HELP
>>> MAIL From: SIZE=108
250 2.0.0: Ok
>>> RCPT To:
550 Invalid recipient
>>> DATA
503 5.5.4 Invalid command arguments: No recipient specified
>>> RSET
250 2.0.0: Reset state
>>> RSET
250 2.0.0: Reset state
gab... Using cached ESMTP connection to [127.0.0.1] via relay...
>>> MAIL From:<> SIZE=1132
250 2.0.0: Ok
>>> RCPT To:
250 2.1.5 Destination address valid: Recipient ok
>>> DATA
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0: 6f663aeb Message accepted for delivery
gab... Sent (2.0.0: 6f663aeb Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0: Bye

Thank you!


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org



550 invalid recipient issue

2019-03-15 Thread Gabriele Tofano
Hi all,

I have been using openSMTPD+Dovecot on FreeBSD since December without any issue 
but, out of nowhere, since this past Tuesday people that try to send me emails 
are getting the 550 Invalid recipient message.

I am using FreeBSD 11.2-RELEASE-p9 with the following pakcages:

opensmtpd-5.9.2p1_6,1
opensmtpd-extras-table-passwd-201606230001_2
dkimproxy-1.4.1_1
dovecot-2.3.4.1
spamd-4.9.1_4
py36-certbot-0.29.1_2,1


Tuesday I had restarted the smtpd service as a diagnostic action since Dovecot 
was complaining about expired certificates (Let’s encrypt renewed the 
certificate in February).


My smtp.conf is:

--
#Set local interfaces
eth1="vtnet0"

#Certificates with Let's Encrypt
pki mail.server.com certificate 
"/usr/local/etc/letsencrypt/live/mail.server.com/fullchain.pem"
pki mail.server.com key 
"/usr/local/etc/letsencrypt/live/mail.server.com/privkey.pem"

#Enable queue compression and encryption
#(create key with 'openssl rand -hex 16')
queue compression
queue encryption key 6a29db69e3a2276752586bd781582cee

#Tables used for domains, users, passwords and aliases.
table aliases file:/usr/local/etc/mail/aliases
table domains file:/usr/local/etc/mail/domains
table passwd passwd:/usr/local/etc/mail/passwd
table virtuals file:/usr/local/etc/mail/virtuals

#Ports to listen on.
listen on lo0
listen on lo0 port 10028 tag DKIM_OUT
listen on $eth1 port 25 tls pki mail.server.com

#Mask the source on port 587 for more privacy
listen on $eth1 mask-source port 587 tls-require pki mail.server.com auth 


#Allow local delivery
accept from any for local alias  deliver to lmtp 
"/var/run/dovecot/lmtp" rcpt-to

#Allow virtual domains
accept from any for domain  virtual  deliver to lmtp 
"/var/run/dovecot/lmtp" rcpt-to

#Allow outgoing mails to pass to DKIMproxy.
accept tagged DKIM_OUT for any relay
accept from local for any relay via smtp://127.0.0.1:10027


My passwd file where the user mail address are is:

us...@server.com:password::userdb_quota_rule=*:storage=1G
us...@server.com:password::

The mail log with the error is:

Mar 15 08:01:09 mail smtpd[672]: smtp-in: New session 99434f3a54ad790f from 
host st43p00im-ztfb10063301.me.com [17.58.63.179]
Mar 15 08:01:09 mail smtpd[672]: smtp-in: Failed command on session 
99434f3a54ad790f: "RCPT TO: ORCPT=rfc822;us...@server.com" => 
550 Invalid recipient
Mar 15 08:01:09 mail smtpd[672]: smtp-in: Closing session 99434f3a54ad790f

I am in a very busy week but I will try to reply as fast as possible.

Thank you very much in advance!
Gabri



--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org