Network error on destination MXs on MX that starts with "_"

2024-06-11 Thread Giovanni Bechis 

Hi,
recently I've found this error on my server:
Jun 11 10:46:33 mx smtpd[97386]:  mta delivery evpid=aa1ddab63539175b from= 
to= rcpt=<-> source="-" relay="example.com" delay=22h31m25s result="TempFail" 
stat="Network error on destination MXs"

The destination domain MX record is:
_dc-mx.140697ab0ac1.example.com which I am not sure is valid but it's present 
on the wild.
Is it correct that OpenSMTPD fails to deliver in this case ?
OpenSMTPD version is 7.5.0 running on OpenBSD 7.5.

 Cheers
  Giovanni


OpenPGP_signature.asc
Description: OpenPGP digital signature

MIMEDefang support for OpenSMTPd

2023-01-16 Thread Giovanni Bechis 
Hi,
I've just released the first version of mimedefang-smtpd-filter, an
smtpd filter to use MIMEDefang together with OpenSMTPd.
The filter is a bridge between smtpd(8) protocol and
mimedefang-protocol(7); not all MIMEDefang features are currently
supported but most mimedefang-filter scripts should work without issues.
The filter can be downloaded from https://mimedefang.org/download/, code
is available at
https://github.com/The-McGrail-Foundation/MIMEDefang-smtpd-filter.
 Cheers
  Giovanni


signature.asc
Description: PGP signature

Re: OpenSMTPD ignores the system time zone in mail header and logfile

2022-11-04 Thread Giovanni Bechis 
On Fri, Nov 04, 2022 at 12:51:17PM -0400, Stuart D Gathman wrote:
> On Thu, 3 Nov 2022, Nils wrote:
> 
> > The problem is probably Void Linux specific, since I don't have this
> > problem on a OpenBSD installation.
> 
> > P.S.: This is a cross-post of 
> > https://github.com/void-linux/void-packages/issues/39918
> 
> I did some research and reported on the github issue.
> 
> Summary:
> 
> The Received header field should use -, not + when localtime is
> not actually UTC.  But Received should not necessarily be in localtime.
> 
The following diff creates Received headers with - values.
 Cheers
  Giovanni

Index: to.c
===
RCS file: /cvs/src/usr.sbin/smtpd/to.c,v
retrieving revision 1.48
diff -u -p -r1.48 to.c
--- to.c14 Jun 2021 17:58:16 -  1.48
+++ to.c4 Nov 2022 17:30:11 -
@@ -159,7 +159,7 @@ time_to_text(time_t when)
day[lt->tm_wday], lt->tm_mday, month[lt->tm_mon],
lt->tm_year + 1900,
lt->tm_hour, lt->tm_min, lt->tm_sec,
-   offset >= 0 ? '+' : '-',
+   offset > 0 ? '+' : '-',
abs((int)offset / 3600),
abs((int)offset % 3600) / 60,
tz))


signature.asc
Description: PGP signature

Re: Problem using senders table in listen directive

2019-10-14 Thread Giovanni Bechis 
On 10/12/19 4:46 PM, y38...@protonmail.com wrote:
> SELECT (username||'@'||domain) FROM users WHERE ? LIKE mailbox
I think it should read
SELECT (username||'@'||domain) FROM users WHERE mailbox LIKE ?
typo or error ?
 
 Giovanni

Re: Filters and rctp-to rewrite.

2019-09-10 Thread Giovanni Bechis 
On 9/9/19 7:16 PM, Reio Remma wrote:
> On 09.09.2019 20:03, Giovanni Bechis wrote:
>>> I'm currently using amavisd-new with the quarantine feature, but I'm 
>>> itching to switch to Rspamd (greylisting here I come!).
>>>
>> amavisd-new 2.12 has rspamd support, have you tried it ?
> 
> Curious! I see the project has again switched hands, if you mean this one?
> 
> https://gitlab.com/amavis/amavis
> 
exactly, this is the new official amavis home.

> I'll have a look at it. Then again with Rspamd and filter-rspamd we could cut 
> down a lot of complexity.
>

Re: Filters and rctp-to rewrite.

2019-09-09 Thread Giovanni Bechis 
On 9/9/19 6:48 PM, Reio Remma wrote:
> On 09.09.2019 18:13, Martijn van Duren wrote:
>> On 9/9/19 3:37 PM, Reio Remma wrote:
>>> Hello!
>>>
>>> Slowly digging into filters.
>>>
>>> Now I'm curious if it's possible to modify the recipient after say spam
>>> check in data-line? I get the impression that rewriting rcpt-to at that
>>> stage is impossible, but my goal would be to redirect/quarantine high
>>> scoring spam to a special e-mail address.
>>>
>>> Would it be doable somehow?
>>>
>>> Thanks!
>>> Reio
>>>
>> It is not.
>>
>> What you might be able to do is add an additional header and somehow let
>> an lmtp server make the decision based on the header.
>>
>> I haven't used lmtp myself, no clue if this actually works, but it's
>> worth investigating :-)
>>
>> Please reply to the threat if you managed to make it work.
> 
> Thanks Martijn and Gilles for the confirmation!
> 
> I'm currently using amavisd-new with the quarantine feature, but I'm itching 
> to switch to Rspamd (greylisting here I come!).
> 
amavisd-new 2.12 has rspamd support, have you tried it ?

> I'm using the quarantine to keep an eye on mails with a medium spam score so 
> we won't lose the occasional legit mail with a higher than normal spam score. 
> Additionally I can train these borderline mails correctly as ham/spam.
> 
> I now see Rspamd has a metadata exporter feature I could probably use to copy 
> spammy mails to the quarantine mail address.
> 
> There are also Dovecot's sieve scripts. I'll have to see which work better.
> 
> Thanks,
> Reio
>

Re: RBLs?

2019-07-03 Thread Giovanni Bechis 
On 7/2/19 10:31 PM, mabi wrote:
> ‐‐‐ Original Message ‐‐‐
> On Tuesday, July 2, 2019 11:44 AM, Gilles Chehade  wrote:
> 
>> if you configure rspamd to flag spam mail as reject, smtpd will reject them.
> 
> Glad to hear that this is possible with rspamd! Because with SpamAssassin it 
> is only possible to tag the mail as spam but not to reject it upfront. I want 
> to reject the mail immediately if it detected as spam so that it does not get 
> relayed further (out to another mail server).
> 
I think it could be possible to write a filter-spamassassin, that way smtpd 
could reject based on SpamAssassin tags.
 
 Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: How can I integrate opensmtpd with opendkim?

2019-01-30 Thread Giovanni Bechis 
Atm I am using amavisd-new with clamav and spamassassin disabled to sign dkim 
on a send-only
server with opensmtpd.
 Cheers
  Giovanni

On 1/30/19 6:18 PM, Sergey Seacher wrote:
> I use Centos 7. There is packages perl-Mail-DKIM and opendkim in repository, 
> but there is not
> dkimproxy.
> 
> 30.01.2019 19:04, Chris Bennett пишет:
>> On Wed, Jan 30, 2019 at 05:45:35PM +0300, Sergey Seacher wrote:
>>> Hello, All!
>>>
>>> How can I integrate opensmtpd with opendkim?
>>>
>> There is also dkimproxy and a Perl module p5-Mail-DKIM.
>> Which one do you recommend, you hinted that there will be changes from
>> 6.4 to 6.5 for dkimproxy setup when it comes out, if I understood
>> correctly.
>>
>> I've got things working for 6.4 right now, but I will post a couple of
>> questions about using auth and some other stuff I expect/want to use
>> shortly.
>>
>> Thanks, I'm really thrilled to have this massive improvement over
>> sendmail!! All of your time doing this work has been so helpful, I
>> really hated sendmail with that huge book I had for it.
>>
>> Chris Bennett
>>
>>


-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: people using elk / grafana ?

2018-11-24 Thread Giovanni Bechis 
On Fri, Nov 09, 2018 at 05:08:48PM +0100, Gilles Chehade wrote:
> HELO,
> 
> I'm looking for people that are regular users of ELK / Grafana or alike.
> 
I am using ELK for my servers, I have some logstash rules so I can take
graphs from both postfix and smtpd(4) servers.
Some info are relevant only for smtpd(4) servers, some only from postfix,
some for both, but this is strictly related to my setup.

> I'd like to discuss improvements that can be made to the event reporting
> mechanism to ease integration with monitoring and alerting tools.
> 
> If creating dashboards and alerts is part of your daily routing, ping me
> so we can talk.
> 
not my daily routing, maybe my weekly one.
 
 Cheers
  Giovanni


signature.asc
Description: PGP signature

Re: tool-stats

2016-09-06 Thread Giovanni Bechis 
On 09/06/16 18:10, Mischa wrote:
> Hi All,
> 
> Did something else change in 6.0 in regards to logging?
> 
> tool-stats remains very empty.
> 
in OpenBSD 6.0 works file, are you running portable (on Linux) ?

-
tool-stats - smtpd log statistics (c) 2016 Joerg Jung

Thu Sep 06 09:00:02 - Thu Sep 06 18:19:33

Messages:   smtp: 6533 mta: 6509 mda: 0 reject: 0
Throughput: 700.57 mails/hour 44.67 mbytes/hour
-

 Cheers
   Giovanni

> # zcat /var/log/maillog.6.gz | tool-stats  
> tool-stats - smtpd log statistics (c) 2016 Joerg Jung
> 
> Mon Aug 27 15:00:01 - Tue Aug 28 15:00:01
> 
> Messages:   smtp: 0 mta: 0 mda: 0 reject: 4327
> Throughput: 0.00 mails/hour 0.00 bytes/hour
> 
> Filters
> 
>DNSBL:   4327
>Regex:   connect: 0 helo: 0 mail: 0 rcpt: 0 dataline: 0
>Spam:0
>Virus:   0
> 
> ###
> 
> # tool-stats /var/log/maillog   
> tool-stats - smtpd log statistics (c) 2016 Joerg Jung
> 
> Thu Sep 06 11:00:01 - Thu Sep 06 18:07:10
> 
> Messages:   smtp: 0 mta: 0 mda: 0 reject: 0
> Throughput: 0.00 mails/hour 0.00 bytes/hour
> 
> Filters
> 
>DNSBL:   0
>Regex:   connect: 0 helo: 0 mail: 0 rcpt: 0 dataline: 0
>Spam:0
>Virus:   0
> 
> 
> 
> I can see mail is coming in still
> 
> # grep -c "550 Invalid recipient" /var/log/maillog
> 754
> 
> Mischa
> 
> 


-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Filters

2016-01-01 Thread Giovanni Bechis 
Il 1 gennaio 2016 08:09:17 CET, Damian McGuckin  ha scritto:
>
>Hi everybody,
>
>New to this list although I have been using OpenBSD thought since 2.1.
>Contributed hardware (long ago) to the OpenBSD project.
>
>I am trying to figure out how to use DNS BLs with OpenSMTPD. Until I
>can 
>do that, I do not want to deploy it.
>
>I can see the API code in the source try but not the instructions on
>how 
>to use it.
>
>I found the document 'opensmtpd-LinuxCon2015.conf' by Giovanni Bechis
>and 
>it seems to imply that filters are operational. In fact, it says
>
>   "there are filters available for dnsbl, regex matching,
>   Spam Assassin, and Clamav integration and much more"
>
>However, except for some limited images in the presentation, I cannot
>find 
>any documentation. Even if I grep 'dnsbl' in the current release,
>nothing 
>is there.
>
>Any pointers as to where I can find this information?
>
>Thanks - Damian
>
>Pacific Engineering Systems International, 277-279 Broadway, Glebe NSW
>2037
>Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted
>here
>Views & opinions here are mine and not those of any past or present
>employer

You should at least pkg_add opensmtpd-extras to start playing with filters.
In base there is only the opensmtpd core implementation.
  Cheers
   Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Configuring opensmtpd to send local mails via smarthost

2015-11-25 Thread Giovanni Bechis 
On 11/25/15 16:25, tomaszdro...@interia.eu wrote:
> :-( it still does not work
> 
> 
> I have corrected:
> 
> /etc/opensmtpd/secrets_for_relay_via:
> label   tomaszdro...@interia.eu:my_pasword
> 
> /etc/opensmtpd/smtpd.conf:
> accept from local for any relay via secure+auth://la...@poczta.interia.pl 
> auth 
> 
> or even to
> accept from local for any relay via secure+auth://la...@poczta.interia.pl 
> auth  as tomaszdro...@interia.eu
> 
> or event to 
> accept from local for any relay via tls+auth://la...@poczta.interia.pl 
> auth 
> 
start smtpd with -dv option, then enable tracing with smtpctl trace lookup and 
post the result (verify first, it may leak passwords).
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Configuring opensmtpd to send local mails via smarthost

2015-11-25 Thread Giovanni Bechis 
On 11/25/15 13:41, tomaszdro...@interia.eu wrote:
[...]
I have something like this:

> secrets_for_relay_via:
> tomaszdrozdz_interia_eu:tomaszdrozdz:my_password
> 
label tomaszdro...@interia.eu:password

> makemap secrets_for_relay_via
> 
> smtpd.conf:
> listen on lo
> table secrets_for_relay_via db:/etc/opensmtpd/secrets_for_relay_via.db
> accept from local for any relay via 
> secure+auth://tomaszdrozdz_interia...@poczta.interia.pl auth 
> 
> expire 4h
> 
accept from local for any relay via secure+auth://la...@poczta.interia.pl auth 


 Cheers
   Giovanni


-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Please help greenhorn to send email.

2015-11-11 Thread Giovanni Bechis 
On 11/11/15 08:13, Mohammad H. Al Shami wrote:
> What I personally do is have a single server in my network able to send 
> emails to the public, and all other servers just relay via that server.
> 
> Makes handling DKIM/SPF/DMARC easier IMHO
> 
you should correctly setup your hostname and you dns then.
At least your hostname should resolve to something.
 Cheers
  Giovanni 

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Please help greenhorn to send email.

2015-11-10 Thread Giovanni Bechis 
On 11/10/15 11:54, tomaszdro...@interia.eu wrote:
> May I have question about smart host ?
> What is it, how does it work, what do I need, how to configure OPENSMTPD ?
> 
> Is it kind of "relay via" ?
> Do I need some mail account elsewhere for my OPENSMTD to log in ?
> It is hard for me to google out the "idea draft" of smart host)
> 
you should use "relay via" and use an account created by your isp if you do not 
want to send emails directly via your server.
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Please help greenhorn to send email.

2015-11-09 Thread Giovanni Bechis 
On 11/09/15 17:22, tomaszdro...@interia.eu wrote:
> So You suggest that for example:
> 
> 1)
> My Linux host <---> router <---> ISP
> a) I should have static IP from my ISP and I should own my won domain ?
> 
not necessarily but your hostname(1) should resolve to something; you can 
always use a smart host to send outbound email if you do not have a static ip.
 
> 2)
> My Linux host <---> my company intranet
> a) my company should "allowed my Linux host in company DNS system" ?
> [[ b) this question only by my curiosity because I guess configuring DNS on 
> my Linux host is to much work for me - am I right ?] - and the question is: I 
> could install DNS on my Linux host and dont care about my company DNS system 
> ?]
> 
if your dns is managed by your company, your company should create at least an 
A record for your linux box.
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Please help greenhorn to send email.

2015-10-30 Thread Giovanni Bechis 
On 10/30/15 12:25, tomaszdro...@interia.eu wrote:
> Giovanni Bechis" 
>> what is the output of `hostname`, `hostname --fqdn` and `dnsdomainname` ?
>> Your hostname whould be in fqdn format, not just the name of the host.
>>  Cheers
>>Giovanni
>>
> 
> *) hostname
> se-gips
> 
> *) hostname --fqdn
> se-gips
> 
> *) dnsdomainname
> [shows nothing - empty]
> 
As I told you before, set your hostname to something that is resolvable 
(se-gips.interia.eu is in fqdn format but still not resolvable).
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Please help greenhorn to send email.

2015-10-30 Thread Giovanni Bechis 
On 10/30/15 11:49, tomaszdro...@interia.eu wrote:
[...]
> 7) cat /etc/hostname 
> se-gips
> 
> 8) cat /etc/resolv.conf
> 
what is the output of `hostname`, `hostname --fqdn` and `dnsdomainname` ?
Your hostname whould be in fqdn format, not just the name of the host.
 Cheers
   Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Please help greenhorn to send email.

2015-10-29 Thread Giovanni Bechis 
tomaszdro...@interia.eu ha scritto:
>Hallo opensmtpd mail list :-)
>
>I must say that I am "email server" greenhorn.
>I also do not have much experience in net configuration.
>
>I want to have email server that will allow me to send emails from my
>linux.
>I search internet (sendmail, qmail, exim, postfix, ...) and luckily
>found OPENSMTPD :-)
>I have liked it just after seeing one configuration line with: "accept
>from ...".
>Way of configuring opensmtpd seams to me be modern, simple and easiest
>of all smtp servers :-)
>
>As I wrote I am greenhorn and have problem.
>
>
>
>1) My system info:
>
>A) I run:
>Operating System: Fedora 21 (Twenty One)
>CPE OS Name: cpe:/o:fedoraproject:fedora:21
>Kernel: Linux 4.1.8-100.fc21.x86_64
>Architecture: x86-64
>
>on Virtual box.
>
>B) dnf info opensmtpd
>
>Name: opensmtpd
>Arch: x86_64
>Version : 5.7.1p1
>Release : 1.fc21
>
>2)
>A) iptables --list
>
>Chain INPUT (policy ACCEPT)
>target prot opt source   destination 
>
>Chain FORWARD (policy DROP)
>target prot opt source   destination 
>
>Chain OUTPUT (policy ACCEPT)
>target prot opt source   destination
>
>B) ip addr
>
>1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
>group default 
>link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>inet 127.0.0.1/8 scope host lo
>   valid_lft forever preferred_lft forever
>inet6 ::1/128 scope host 
>   valid_lft forever preferred_lft forever
>2: enp0s3:  mtu 1500 qdisc pfifo_fast
>state UP group default qlen 1000
>link/ether 08:00:27:6f:f9:22 brd ff:ff:ff:ff:ff:ff
>inet 172.29.2.101/19 brd 172.29.31.255 scope global dynamic enp0s3
>   valid_lft 570826sec preferred_lft 570826sec
>inet6 fe80::a00:27ff:fe6f:f922/64 scope link 
>   valid_lft forever preferred_lft forever
>6: enp0s11u1:  mtu 1500 qdisc
>pfifo_fast state UNKNOWN group default qlen 1000
>link/ether 0c:5b:8f:27:9a:64 brd ff:ff:ff:ff:ff:ff
> inet 192.168.8.100/24 brd 192.168.8.255 scope global dynamic enp0s11u1
>   valid_lft 52421sec preferred_lft 52421sec
>inet6 fe80::e5b:8fff:fe27:9a64/64 scope link 
>   valid_lft forever preferred_lft forever
>
>3) My opensmtp:
>
>A) /etc/opensmtpd/smtpd.conf
>
>listen on lo
>listen on enp0s3
>listen on enp0s11u1
>
>accept from local for any relay
>
>expire 4h
>
>B) ls -laZ /var/log/maillog 
>-rw---. root root system_u:object_r:var_log_t:s0   /var/log/maillog
>
>C) ps -ef|grep smtpd
>
>root 11410 1  0 11:44 ?00:00:00 smtpd: [priv]
>smtpq11411 11410  0 11:44 ?00:00:00 smtpd: queue
>smtpd11412 11410  0 11:44 ?00:00:00 smtpd: control
>smtpd11413 11410  0 11:44 ?00:00:00 smtpd: lookup
>smtpd11414 11410  0 11:44 ?00:00:00 smtpd: scheduler
>smtpd11415 11410  0 11:44 ?00:00:00 smtpd: pony express
>smtpd11416 11410  0 11:44 ?00:00:00 smtpd: klondike
>
>4) mailx -s "hello" "tomaszdro...@interia.eu"
>
>5) Problems
>
>A) sudo smtpctl show queue
>
>c823c60ac80192be|local|mta|auth|@|tomek@se-gips|tomek@se-gips|1446115579|1446461179|0|8|invalid||Temporary
>failure in MX lookup
>
>B) /var/log/maillog
>is empty
>
>Why I can not send email ?
>Why log file is empty ?
>
>
>Please help if you can.
>If you need more information I will provide it.

Your  server cannot resolve se-gips domain, check your host name and your 
resolver configuration. 
  Cheers
 Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: smtpd fails on automatic startup

2015-10-11 Thread Giovanni Bechis 
Holger Jahn  ha scritto:
>>> I agree with you that the network startup is probably part of the
>>> problem, but I'm not sure why this isn't sufficient:
>
>Perhaps you have got an inconsistency in /etc/hosts, your network 
>interface, and DNS/DHCP, or something else down these lines. Host name 
>resolution might not work correctly at boot (SMTPD failing to start), 
>but later in the boot process it does, rendering the initial issue 
>invisible.
>
>How is your network interface configured and what is in /etc/hosts?

Your firewall could prevent smtpd from starting if you have a default "drop 
all" rule, then you start smtpd and finally your firewall loads the correct 
rules.
I had a similar problem in the past due to that and an incorrect hosts(5) file. 
   Cheers
 Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

OpenSMTPD big deployments

2015-07-28 Thread Giovanni Bechis 
Hi,
in October I will give a talk at Linuxcon about OpenSMTPD, does anybody have 
some statistics about some big deployments ?
Atm I have statistics only for my servers.
 Cheers & Thanks
  Giovanni  

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Building dkimproxy on headless OpenBSD server with no X install sets

2015-03-12 Thread Giovanni Bechis 
On 03/12/15 17:42, Gonzalo wrote:
> what are you talking about??
> 
> onzalo : /usr/ports> sudo pkg_add -vi dkimproxy
> Password:
> Update candidates: quirks-2.54 -> quirks-2.54
> quirks-2.54 signed on 2015-03-08T12:33:05Z

on 5.6 there is no package:

revision 1.323
date: 2015/02/16 18:10:21;  author: jasper;  state: Exp;  lines: +2 -1;  
commitid: L4dxY4PfIGmB6s3k;
hookup dkimproxy which seems to have been forgotten when originally imported

ok sthen@


 Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: OpenSMTPD on OpenBSD 5.6 backend MySQL

2015-02-10 Thread Giovanni Bechis 
On 02/10/15 16:20, Ultramedia Libertad wrote:
> Greetings friends,
> 
> I read that OpenSMTPD already have the option of mysql backend,
> I would like to have an example of how to do it,
> As that previously used postfix with 3 virtual domains and 10 virtual users 
> in total.
> by the time my mail server is stopped and l people without post until I learn 
> how to work OpenSMTD with mysql backend.
> 
> thank you for advance.
> 
> OpenBSD 5.6
> 
> OpenSMTPD 5.4.3
> 
> Thank you for advance
> 
> -- 
> editor de sueños
To be able to connect with MySQL you should install opensmtpd-extras port.
It is available on current, I do not know if the current port will compile on 
5.6 due to netdb.h change.
Attached a couple of config files to start with, in mysql.conf you have to 
write your own sql queries.
 Cheers
  Giovanni

#
# Sample MySQL configuration file
#

hostlocalhost
usernameuser
passwordpass
databasedb

# Alias lookup query
#
# rows   >= 0
# fields == 1 (user varchar)
#
query_alias select destination from mail_valias where source=?


# Domain lookup query
#
# rows   == 1
# fields == 1 (domain varchar)
#
query_domainselect domain from mail_domain where domain=?;


# User lookup query
#
# rows   == 1
# fields == 3 (uid int, gid int, directory varchar)
#
query_userinfoselect uid,gid,maildir from mail_user where 
login=?


# Credentials lookup query
#
# rows   == 1
# fields == 2 (username varchar, password varchar)
#
query_credentialsselect login, password from mail_user where login=?;


# Netaddr lookup query
#
# rows   == 1
# fields == 1 (netaddr varchar)
#
#query_netaddrselect value from netaddr where value=$1;
#   $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

# To accept external mail, replace with: listen on all
#
listen on lo0

table vusers mysql:/tmp/mysql.conf
table vdomains mysql:/tmp/mysql.conf
table aliases mysql:/tmp/mysql.conf

accept for domain  userbase  virtual  deliver to 
maildir
accept from local for any relay

Re: OpenSMTPD Extras and libasr

2014-11-13 Thread Giovanni Bechis 
On 11/13/14 15:59, Emmanuel Vadot wrote:
>  For 4, I think that for now smtpd uses ${PREFIX}/libexec/opensmtpd/ to look 
> at custom tables/filters which will fail on OpenBSD if the user use the smtpd 
> in base (PREFIX=/usr) and an extra via the packages (PREFIX=/usr/local IIRC).
> 
OpenBSD-current does provide extras via packages, just pkg_add opensmtpd-extras.
 Cheers
  Giovanni Bechis


-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: OpenSMTPD with mysql virtual users

2014-10-25 Thread Giovanni Bechis 
On Wed, Oct 22, 2014 at 11:41:07AM +, Theron ZORBAS wrote:
> Hi @list, 
> 
> I've installed OpenBSD 5.6-current from the 19/10/2014 snapshot: 
> 
> # uname -a 
> OpenBSD mail.mydom.local 5.6 GENERIC.MP#448 amd64 
> 
> # pkg_info 
> gettext-0.19.2  GNU gettext 
> libiconv-1.14p1character set conversion library 
> libidn-1.29internationalized string handling 
> mariadb-client-10.0.14v0 multithreaded SQL database (client) 
> opensmtpd-extras-20140909 extra tools for OpenSMTPD 
> opensmtpd-extras-mysql-20140909 OpenSMTPD authentication support for MySQL 
> pcre-8.35  perl-compatible regular expression library 
> vim-7.4.430-no_x11  vi clone, many additional features 
> wget-1.15  retrieve files from the web via HTTP, HTTPS and FTP 
> 
> My aim is to replace our university's postfix servers with OpenSMTPD. 
> 
> After that searched about OpenSMTPD + Virtual Users(Mysql) 
> But got no result. Can anyone please supply to me minimal config and sql 
> schema please? 
> 
This is, more or less, what I am using, mysql.conf has been stripped down but
you can create a simple database starting from that.
 Cheers
  Giovanni
#   $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

# To accept external mail, replace with: listen on all
#
pki XXX certificate "/etc/ssl/XXX.crt"
pki XXX key "/etc/ssl/private/XXX.key"

table aliases db:/etc/mail/aliases.db

table vusers mysql:/etc/mail/mysql.conf
table vdomains mysql:/etc/mail/mysql.conf
table valiases mysql:/etc/mail/mysql.conf
table credentials mysql:/etc/mail/mysql.conf

listen on egress secure auth-optional  pki XXX
listen on egress port submission tls auth  pki XXX

listen on lo0 port 10025 tag Filtered

accept tagged Filtered for domain  userbase  virtual 
 deliver to maildir
accept from any for domain  relay via "smtp://127.0.0.1:10024"

# Local emails
accept tagged Filtered for local alias  deliver to mbox
accept from local for local relay via "smtp://127.0.0.1:10024"

accept for any relay pki XXX

hostlocalhost
usernameusr
passwordpass
databasedb

# Alias lookup query
#
# rows   >= 0
# fields == 1 (user varchar)
#
query_alias select destination from mail_valias where source=?


# Domain lookup query
#
# rows   == 1
# fields == 1 (domain varchar)
#
query_domainselect domain from mail_domain where domain=?;


# User lookup query
#
# rows   == 1
# fields == 3 (uid int, gid int, directory varchar)
#
query_userinfoselect uid,gid,maildir AS maildir from mail_user 
where login=?;


# Credentials lookup query
#
# rows   == 1
# fields == 2 (username varchar, password varchar)
#
query_credentialsselect login, password from mail_user where login=?;


# Netaddr lookup query
#
# rows   == 1
# fields == 1 (netaddr varchar)
#
#query_netaddrselect value from netaddr where value=$1;

Re: What form should query_credentials return?

2014-09-08 Thread Giovanni Bechis 
On 09/08/14 14:08, Nolan Darilek wrote:
> I'm struggling to get OpenSMTPD working with DBMail. Seems I'm almost
> there but not quite. Mail is arriving into my account, but I can't seem
> to authenticate against the database due to authentication failures.
> 
> Currently DBMail is storing my password unencrypted, and it occurs to me
> that perhaps OpenSMTPD is expecting an encrypted password from
> query_credentials. Yes, I know this is a bad idea, and I fully intend to
> fix it, but my intent was to minimize moving parts.
> 
> I found a link that seems to indicate query_credentials expects a
> password returned in encrypt(3) format. Is this accurate?
> 
> If so, given this from DBMail's docs:
> 
> -p pwtype
> Password type may be one of the following: plaintext, crypt, md5-hash,
> md5-digest, crypt-raw, md5-hash-raw, md5-digest-raw, md5-base64,
> md5-base64-raw.
> 
> Which should I use such that query_credentials returns what OpenSMTPD
> expects?
> 
I think crypt would be a good choice since opensmtpd uses crypt(3) to check for 
passwords.
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: [userbase] email in login field

2014-09-05 Thread Giovanni Bechis 
On 09/01/14 11:56, Gilles Chehade wrote:
> we may want to support email addresses as login, this can be discussed
> it was not designed this way to start with because we didn't support
> !system auth but this has changed and the use case has come up a few
> times
> 
at the moment my setup it's working even if a bit hacky from a sql 
point-of-view, I haven't checked the code how difficult would be to support 
email addresses as login.
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Incomplete error messages from bounced emails?

2014-09-05 Thread Giovanni Bechis 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 09/01/14 18:53, Hugo Osvaldo Barrera wrote:
> On 2014-09-01 11:46, Gilles Chehade wrote:
>> On Sat, Aug 23, 2014 at 12:28:00PM -0300, Hugo Osvaldo Barrera wrote:
>>> On 2014-08-22 18:32, Giovanni Bechis wrote:
>>>> On 08/22/14 14:30, Hugo Osvaldo Barrera wrote:
>>>>> I recently had some messages bounce from gmail.com. I went up to their 
>>>>> forums
>>>>> to ask what's up, and on the replies, it was pointed out to my that gsmtpd
>>>>> actually sends a rather verbose explanation message when it bounces 
>>>>> messages
>>>>> (eg: if it's spam, invalid return address, blacklisted address, etc).
>>>>>
>>>>> Here's the thread were this was pointed to me. I'm guessing that sending 
>>>>> an
>>>>> email from a non-static IP range is enough to trigger a bounce 
>>>>> harmelessly:
>>>>> https://productforums.google.com/forum/#!msg/gmail/SQQAbew5tfE/-ue8aO07sf8J
>>>>>
>>>>> Can somebody confirm if these explanations are being dropped by smtpd, if
>>>>> they're non-standard, or what's going on?
>>>>>
>>>> gmail warnings are splitted in two or more lines and smtpd logs only one 
>>>> of them.
>>>> See https://github.com/OpenSMTPD/OpenSMTPD/issues/365 for details.
>>>>  Cheers
>>>>   Giovanni
>>>>
>>>> -- 
>>>> You received this mail because you are subscribed to misc@opensmtpd.org
>>>> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>>>>
>>>
>>> Looks like the devs were expecting this to make it to the list and it did 
>>> not.
>>> Can we bring that up now? Are there any downsides to implementing this?
>>>
>>
>> Yes, we were waiting for the discussion to come up.
>>
>> There's a downside to implementing this:
>>
>> Imagine you create an account for me on your server.
>> I then decide to go rogue and setup a remote MX which will reply with
>> a HUGE response, say 1000s of lines.
>>
>> We need to log atomically so:
>>
>> a- log line can't be written until we're done reading response;
>> b- session needs to remember every line of the response until done reading;
>>
> 
> Can't we not-log all of it, but keep the message and send it to the original
> sender?
> 
> The logs could be something like:
> 
>   "550 Error... [25 more lines trimmed]"
> 
I would like to have at maximum 5/6 lines of response on my log to be able to 
found if a problem is recurring and which could be the original cause.
 Cheers
  Giovanni
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJUCfFIAAoJEI7Sc79XDlKKIOgIAJUFm5US9HxXVPAsB8nGTwGH
t7fDfqqbn+Uuhpnilh/zWznrjqmoA1QeJLdvSo31T/mu2hz3EJ8IauLscYnkvCA3
ZB0PjSGFDec1B6cJ3LoyWscSIn/cn1xn/4cUDDAupsyMelIdmfAL4xNOupm073wC
hkEcFqPpqfnTU5aQMV3H/hG7Xs/1jMqjWtNF3IU+gVUfWfilYnu+QAwJq6YBVGFX
lhJn4Eqj4rAOeQfr0jAY1qvbqBcsCDrpfgrHW4LYiNMjrDcfUQ8tkoWjfM+73FY2
iWVmEFvuyybanHjmTGysue4ssAOmrSmot3tw2pAWIRY9Gk0XlL6M17EvGgKhJPg=
=/Zip
-END PGP SIGNATURE-

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Postgres?

2014-09-05 Thread Giovanni Bechis 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 09/05/14 15:19, Hugo Osvaldo Barrera wrote:
> Hi,
> 
> For a while now I've been wanting to try the postgres support properly. I've
> finally sat down to do it, but haven't had much luck:
> 
> # grep postgres smtpd.conf
> table postgres postgres://postgres.conf
> # smtpd -n
> fatal: table_create: backend "postgres" does not exist
> 
> Do I need to do any special building? Am I using the wrong syntax?
> 
> I'm using OpenBSD-current (updated like 2 weeks ago?).
> 
> Thanks,
> 
This is still work-in-progress on OpenBSD, (see 
http://marc.info/?l=openbsd-ports&m=140845596917927&w=2), if interested I have 
a quite-working port.
 Cheers
  Giovanni
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJUCfCxAAoJEI7Sc79XDlKKVzwH/1timymhqZvNWuFxr2EvLKMI
jtYXTyVkczE7QkWJQ01MlVPe7OVt0Fi2pZmPFg4eRBdMRauzU8eLIpwl+c3hlGHZ
S600a7Hq1dv6GLnJ2suC5P+1EefUe0jR4t9QMIvbAJF8qcn069gfufgchNVBwl92
F7D/yft1WnwCwOj0dFvGA2ETGjnt6kM5Gp4L1se7CpUBw7ysOtGYlQ3u6yuuWKE/
z0nskJ1w7LVo/LKUxpa3BqBGgmNeG2WKHfj9sA2Qh5K1RL27FIhPM5MTfWGwXJt6
exDGCbaawm9KfB9PsuYF8X7uWI0U1KpBecKLZRlFKmoOhTLXXqyaTopp6w51Qng=
=BKTt
-END PGP SIGNATURE-

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Incomplete error messages from bounced emails?

2014-08-22 Thread Giovanni Bechis 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 08/22/14 14:30, Hugo Osvaldo Barrera wrote:
> I recently had some messages bounce from gmail.com. I went up to their forums
> to ask what's up, and on the replies, it was pointed out to my that gsmtpd
> actually sends a rather verbose explanation message when it bounces messages
> (eg: if it's spam, invalid return address, blacklisted address, etc).
> 
> Here's the thread were this was pointed to me. I'm guessing that sending an
> email from a non-static IP range is enough to trigger a bounce harmelessly:
> https://productforums.google.com/forum/#!msg/gmail/SQQAbew5tfE/-ue8aO07sf8J
> 
> Can somebody confirm if these explanations are being dropped by smtpd, if
> they're non-standard, or what's going on?
> 
gmail warnings are splitted in two or more lines and smtpd logs only one of 
them.
See https://github.com/OpenSMTPD/OpenSMTPD/issues/365 for details.
 Cheers
  Giovanni
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJT93C6AAoJEI7Sc79XDlKKLWkH+we5rr8BJrF86lk81z01wTsf
xNGjo/2lly6zuIwYlknmeRqoJLUNOgj5xJrKIMen3YkveOdcq/aLl3yxBLN4pH9j
cU/60mLohNWAzpbX4KbFDPxlbpn7SMkxxZ3asfWgcRjPt7LX2MBO1l5qw9umk8VZ
v60OCJGsSxv49ps+KyoBh0fDxqXJordR6aCmVix83Kc6rTCKeYcKzAyGSqSI3JqF
DKFQra25z8lR/kvB6vuQmq+cFUejWDc7p0st0Rq4WGRUwq7ZpiEf7IjUSLhxbiYL
736oUdwW9MlRwr+GWPaK3UaCXXE6z2Tj4IxzW4WGbiWsDY0Y02SgcPpODMTp2GY=
=9pqx
-END PGP SIGNATURE-

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Can't deliver messages: connection closed unexpectedly

2014-08-21 Thread Giovanni Bechis 
On 08/21/14 23:30, Fabio Riga wrote:
> Il 21/08/2014 23:18, Giovanni Bechis ha scritto:
>> Is the "cloudmark line" in your log splitted in two lines ?
>> If it is true this could be why it is not logged: 
>> https://github.com/OpenSMTPD/OpenSMTPD/issues/365
>>  Cheers
>>   Giovanni
> No, it isn't. It's one line and it isn't in the log file. Only telnet 
> reported this.
> 
> Fabio
when you connect with telnet is the line splitted ?
if it is true the line will not be logged by smtpd.
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Can't deliver messages: connection closed unexpectedly

2014-08-21 Thread Giovanni Bechis 
On 08/21/14 23:13, Fabio Riga wrote:
> Il 21/08/2014 22:38, Giovanni Bechis ha scritto:
>> try this one:
>> # /etc/rc.d/smtpd stop && smtpd -dv
>> # smtpctl trace smtp
>> Post your logs.
>>
>> Anyway I tried from my smtpd server (~OpenBSD 5.6) and it is working fine.
>>   Cheers
>>Giovanni
> Dear Giovanni, thanks for your help. I found the solution trying to connect 
> to a mx server via telnet (from my server) and this is the result:
> 
> [fabio@mail ~]$ telnet mxd1.aruba.it 25
> Trying 62.149.128.160...
> Connected to mxd1.aruba.it.
> Escape character is '^]'.
> 554 mxcmd04.ad.aruba.it bizsmtp hYzf1o0274Aa5Bp01 Connection refused from 
> 149.210.142.193. See 
> http://csi.cloudmark.com/reset-request/?ip=149.210.142.193 for more 
> information.
> Connection closed by foreign host.
> 
> So my server is blacklisted by this cloudmark, I just sent the reset request 
> and hopefully I'll resolve the problem. Anyway, openSMTPd didn't report this. 
> Another blacklist system was blocking me some time ago and was reported in 
> the log. I don't understand why this wasn't found.
> 
> Cheers,
> Fabio
> 
Is the "cloudmark line" in your log splitted in two lines ?
If it is true this could be why it is not logged: 
https://github.com/OpenSMTPD/OpenSMTPD/issues/365
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Can't deliver messages: connection closed unexpectedly

2014-08-21 Thread Giovanni Bechis 
On 08/21/14 21:43, Fabio Riga wrote:
> Il 21/08/2014 19:19, Giovanni Bechis ha scritto:
>> Fabio Riga  ha scritto:
>>
>> Il 21/08/2014 18:49, Fabio Riga ha scritto:
>>
>> disconnected in state MTA_EHLO
>> After debugging I googled this and found
>> https://github.com/OpenSMTPD/OpenSMTPD/issues/446, but for me this tells
>> nothing about the problem.
>>
>> Fabio
>>
>>
>> Can you try "smtpctl trace smtp" and then repost you log ?
>> You should have a more verbose log.
>> Cheers
>> Giovanni 
> This command does nothing. My logs are just the same...
> 
try this one:
# /etc/rc.d/smtpd stop && smtpd -dv
# smtpctl trace smtp
Post your logs.

Anyway I tried from my smtpd server (~OpenBSD 5.6) and it is working fine.
 Cheers
  Giovanni
Aug 21 22:32:32 blink smtpd[14341]: smtp-in: New session ccded70ed5481b45 from host 0@localhost [local]
Aug 21 22:32:32 blink smtpd[14341]: smtp-in: Accepted message b5b50af4 on session ccded70ed5481b45: from=, to=, size=189, ndest=1, proto=ESMTP
Aug 21 22:32:32 blink smtpd[14341]: smtp-in: Closing session ccded70ed5481b45
Aug 21 22:32:32 blink smtpd[14341]: smtp-out: Connecting to smtp+tls://62.149.128.67:25 (mxd11.aruba.it) on session ccded7110811901b...
Aug 21 22:32:32 blink smtpd[14341]: smtp-out: Connected on session ccded7110811901b
Aug 21 22:32:32 blink smtpd[14341]: smtp-out: Started TLS on session ccded7110811901b: version=TLSv1/SSLv3, cipher=DHE-RSA-AES256-SHA, bits=256
Aug 21 22:32:32 blink smtpd[14341]: smtp-out: Server certificate verification failed on session ccded7110811901b
Aug 21 22:32:34 blink smtpd[14341]: relay: PermFail for b5b50af4cd5a3c7a: session=ccded7110811901b, from=, to=, rcpt=<->, source=1.2.3.4, relay=62.149.128.67 (mxd11.aruba.it), delay=2s, stat=550 5.1.1  : sorry, no mailbox here by that name (#5.1.1 - chkuser)

Re: Can't deliver messages: connection closed unexpectedly

2014-08-21 Thread Giovanni Bechis 
Fabio Riga  ha scritto:
>Il 21/08/2014 18:49, Fabio Riga ha scritto:
>> disconnected in state MTA_EHLO
>After debugging I googled this and found 
>https://github.com/OpenSMTPD/OpenSMTPD/issues/446, but for me this
>tells 
>nothing about the problem.
>
>Fabio
>
>-- 
>You received this mail because you are subscribed to misc@opensmtpd.org
>To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Can you try "smtpctl trace smtp" and then repost you log ?
You should have a more verbose log.
  Cheers
 Giovanni

Re: Can't deliver messages: connection closed unexpectedly

2014-08-21 Thread Giovanni Bechis 
On 08/21/14 17:33, Giovanni Bechis wrote:
> On 08/21/14 15:59, Fabio Riga wrote:
>> Hi list,
>>
>> I run an OpenBSD 5.5 server on a VPS with OpenSMTPd. I get the message 
>> "Connection closed unexpectedly" and a TempFail for every message sent to 
>> every domain of a very big Italian ISP. The TempFail last 4 days, then the 
>> message expires. I don't know if the laconic message is an OpenSMTPd issue 
>> or a ISP one, but maybe somebody has a clue of the possible causes.
>>
>> I tryed as well to ask to the ISP, maybe I'll get an answer...
>>
>> Here it is a part of maillog:
>>
> I think it could a network problem on their side, from Italy (OpenBSD 5.6) I 
> cannot deliver (see log file), from outside Italy there are no problems.
>  Cheers
>   Giovanni
> 
Discard the message, my connection is in Spamhaus, from outside Italy I can 
confirm I can deliver to aruba.it.
 Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Can't deliver messages: connection closed unexpectedly

2014-08-21 Thread Giovanni Bechis 
On 08/21/14 15:59, Fabio Riga wrote:
> Hi list,
> 
> I run an OpenBSD 5.5 server on a VPS with OpenSMTPd. I get the message 
> "Connection closed unexpectedly" and a TempFail for every message sent to 
> every domain of a very big Italian ISP. The TempFail last 4 days, then the 
> message expires. I don't know if the laconic message is an OpenSMTPd issue or 
> a ISP one, but maybe somebody has a clue of the possible causes.
> 
> I tryed as well to ask to the ISP, maybe I'll get an answer...
> 
> Here it is a part of maillog:
> 
I think it could a network problem on their side, from Italy (OpenBSD 5.6) I 
cannot deliver (see log file), from outside Italy there are no problems.
 Cheers
  Giovanni

Script started on Thu Aug 21 17:28:16 2014
$ sm  sudo smtpd -dv

debug: init ssl-tree
info: OpenSMTPD 5.4.3 starting
debug: bounce warning after 4h
debug: using "fs" queue backend
debug: using "ramqueue" scheduler backend
debug: using "ram" stat backend
info: startup [debug mode]
debug: parent_send_config_ruleset: reloading
debug: parent_send_config: configuring pony process
debug: parent_send_config: configuring ca process
debug: init ssl-tree
debug: ca_engine_init: using RSAX engine support
debug: smtp: listen on 127.0.0.1 port 25 flags 0x400 pki ""
debug: smtp: listen on IPv6:fe80::1%lo0 port 25 flags 0x400 pki ""
debug: smtp: listen on IPv6:::1 port 25 flags 0x400 pki ""
debug: smtp: will accept at most 2037 clients
debug: init private ssl-tree
debug: queue: done loading queue into scheduler
debug: smtpd: scanning offline queue...
debug: smtpd: offline scanning done
debug: smtp: new client on listener: 0x4536b769300
smtp: 0x4565257e000: STATE_NEW -> STATE_CONNECTED
smtp-in: New session aa25a6d9509a520a from host 1000@localhost [local]
smtp: 0x4565257e000: >>> 220 localhost ESMTP OpenSMTPD
smtp: 0x4565257e000: <<< EHLO localhost
smtp: 0x4565257e000: STATE_CONNECTED -> STATE_HELO
smtp: 0x4565257e000: >>> 250-localhost Hello localhost [local], pleased to meet you
smtp: 0x4565257e000: >>> 250-8BITMIME
smtp: 0x4565257e000: >>> 250-ENHANCEDSTATUSCODES
smtp: 0x4565257e000: >>> 250-SIZE 36700160
smtp: 0x4565257e000: >>> 250 HELP
smtp: 0x4565257e000: <<< MAIL FROM:  
smtp: 0x4565257e000: >>> 250 2.0.0: Ok
smtp: 0x4565257e000: <<< RCPT TO: 
smtp: 0x4565257e000: >>> 250 2.1.5 Destination address valid: Recipient ok
smtp: 0x4565257e000: <<< DATA
smtp: 0x4565257e000: STATE_HELO -> STATE_BODY
smtp: 0x4565257e000: >>> 354 Enter mail, end with "." on a line by itself
<<< [MSG] From: Giovanni Bechis 
<<< [MSG] Date: Thu, 21 Aug 2014 17:28:35 +0200 (CEST)
<<< [MSG] Message-Id: <5588509546345635123.enqu...@bigio.paclan.it>
<<< [MSG] To: t...@staff.aruba.it
<<< [MSG] Subject: test
<<< [MSG] 
<<< [MSG] test
debug: 0x4565257e000: end of message, msgflags=0x
smtp: 0x4565257e000: >>> 250 2.0.0: e8eb560f Message accepted for delivery
smtp-in: Accepted message e8eb560f on session aa25a6d9509a520a: from=, to=, size=196, ndest=1, proto=ESMTP
debug: scheduler: evp:e8eb560f60257862 scheduled (mta)
smtp: 0x4565257e000: STATE_BODY -> STATE_HELO
smtp: 0x4565257e000: <<< QUIT
smtp: 0x4565257e000: >>> 221 2.0.0: Bye
smtp: 0x4565257e000: STATE_HELO -> STATE_QUIT
smtp-in: Closing session aa25a6d9509a520a
debug: smtp: 0x4565257e000: deleting session: done
debug: mta: received evp:e8eb560f60257862 for 
debug: mta: draining [relay:staff.aruba.it] refcount=1, ntask=1, nconnector=0, nconn=0
debug: mta: querying MX for [relay:staff.aruba.it]...
debug: mta: [relay:staff.aruba.it] waiting for MX
debug: MXs for domain staff.aruba.it:
	62.149.157.49 preference 10
debug: mta: ... got mx (0x45611e38220, staff.aruba.it, [relay:staff.aruba.it])
debug: mta: draining [relay:staff.aruba.it] refcount=1, ntask=1, nconnector=0, nconn=0
debug: mta: querying source for [relay:staff.aruba.it]...
debug: mta: ... got source for [relay:staff.aruba.it]: []
debug: mta: new [connector:[]->[relay:staff.aruba.it],0x1]
debug: mta: connecting with [connector:[]->[relay:staff.aruba.it],0x0]
debug: mta-routing: searching new route for [connector:[]->[relay:staff.aruba.it],0x0]...
debug: mta-routing: selecting candidate route [] <-> 62.149.157.49
debug: mta-routing: spawning new connection on [] <-> 62.149.157.49
debug: mta: 0x45666484000: spawned for relay [relay:staff.aruba.it]
debug: mta: connecting with [connector:[]->[relay:staff.aruba.it],0x0]
debug: mta: cannot use [relay:staff.aruba.it] before 2s
debug: mta-routing: no route available for [connector:[]->[relay:staff.aruba.it],0x0]: must wait a bit
debug: mta: retrying to connect on [connector:[]->[relay:staff.aruba.i

Re: [userbase] email in login field

2014-08-20 Thread Giovanni Bechis 
On Wed, Aug 20, 2014 at 02:16:05PM +0200, Martijn van Duren wrote:
> 
> > query_alias select COALESCE(destination, REPLACE(maddr, '@',
> > '_')), ? as maddr from mail_forwarding where source=maddr;
> 
> And of course I was a bit too fast with this one (column aliases can't
> be used in other columns), so if something should work it would be:
> 
> query_alias SET @maddr = ?; SELECT COALESCE(destination,
> REPLACE(@maddr, '@', '_')) from mail_forwarding where source=@maddr;
> 
> I've tested this one as a proof of concept, yet not in an
> table_mysql.conf setup.
> 
> I am curious if this works, so keep me posted. :)
> 
This one seems to work, I created a view to get rid of the SET instructions 
that does not seem
to work.
I will do more tests soon.
 Thanks & Cheers
  Giovanni
#
# Sample PostgreSQL configuration file
#
# This is an example configuration file for using OpenSMTPD with the PostgreSQL
# backend for lookups. OpenSMTPD does not have hardcoded tables and you may
#
#

hostlocalhost
usernameuser
passwordpass
databasedb

# Alias lookup query
#
# rows   >= 0
# fields == 1 (user varchar)
#
query_alias select destination from mail_valias where source=?


# Domain lookup query
#
# rows   == 1
# fields == 1 (domain varchar)
#
query_domainselect domain from mail_domain where domain=?;


# User lookup query
#
# rows   == 1
# fields == 3 (uid int, gid int, directory varchar)
#
query_userinfoselect uid,gid,maildir from mail_user where 
REPLACE(login, '@', '_')=? and server_id=6;


# Credentials lookup query
#
# rows   == 1
# fields == 2 (username varchar, password varchar)
#
query_credentialsselect login, password from mail_user where login=?;


# Netaddr lookup query
#
# rows   == 1
# fields == 1 (netaddr varchar)
#
#query_netaddrselect value from netaddr where value=$1;
MariaDB [dbispconfig]> show create view mail_valias\G
*** 1. row ***
View: mail_valias
 Create View: CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL 
SECURITY DEFINER VIEW `mail_valias` AS select `mail_forwarding`.`source` AS 
`source`,replace(replace(`mail_forwarding`.`destination`,'@','_'),'\r\n',', ') 
AS `destination` from `mail_forwarding` union select `mail_user`.`email` AS 
`email`,replace(`mail_user`.`email`,'@','_') AS `replace(email, '@', '_')` from 
`mail_user`
character_set_client: utf8
collation_connection: utf8_general_ci
1 row in set (0.00 sec)

MariaDB [dbispconfig]> \q

Re: [userbase] email in login field

2014-08-20 Thread Giovanni Bechis 
On 08/20/14 14:16, Martijn van Duren wrote:
> 
>> query_alias select COALESCE(destination, REPLACE(maddr, '@',
>> '_')), ? as maddr from mail_forwarding where source=maddr;
> 
> And of course I was a bit too fast with this one (column aliases can't
> be used in other columns), so if something should work it would be:
> 
> query_alias SET @maddr = ?; SELECT COALESCE(destination,
> REPLACE(@maddr, '@', '_')) from mail_forwarding where source=@maddr;
> 
> I've tested this one as a proof of concept, yet not in an
> table_mysql.conf setup.
> 
> I am curious if this works, so keep me posted. :)
> 
nope, syntax error in query alias, anyway in my alias table I haven't all 
users, just real aliases, so the query won't match.
 Thanks & Cheers
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: [userbase] email in login field

2014-08-20 Thread Giovanni Bechis 
On 08/20/14 11:27, Martijn van Duren wrote:
> Hello Giovanni,
> 
> When doing a login the username is always stripped from its domain part.
> For my setup (sqlite-based) I worked around this in the following manner
> (only important sections):
I have to think if it is possible for me, I want to switch to opensmtpd only 
one node of my postfix cluster for the moment; my user database must be 
postfix-compatible for some time. 
 Cheers & Thanks
  Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

[userbase] email in login field

2014-08-20 Thread Giovanni Bechis 
Hi,
I am trying to configure an smtpd server with mysql as userbase, on my database 
the mailbox schema is the following (simplified):
id  1
login   giova...@paclan.it
email   giova...@paclan.it
uid 5000
gid 5000
maildir /var/vmail/paclan.it/giovanni

With the following conf the table_lookup tries to find a record with 
login=giovanni instead of login=giova...@paclan.it, is there a way to tell that 
the login field contains an email ?
 Thanks
  Giovanni
#
# Sample PostgreSQL configuration file
#
# This is an example configuration file for using OpenSMTPD with the PostgreSQL
# backend for lookups. OpenSMTPD does not have hardcoded tables and you may
#
#

hostlocalhost
usernameuser
passwordpass
databasedb

# Alias lookup query
#
# rows   >= 0
# fields == 1 (user varchar)
#
query_aliasselect destination from mail_forwarding where 
source=?;


# Domain lookup query
#
# rows   == 1
# fields == 1 (domain varchar)
#
query_domainselect domain from mail_domain where domain=?;


# User lookup query
#
# rows   == 1
# fields == 3 (uid int, gid int, directory varchar)
#
query_userinfoselect uid,gid,maildir from mail_user where 
login=? and server_id=6;


# Credentials lookup query
#
# rows   == 1
# fields == 2 (username varchar, password varchar)
#
query_credentialsselect login, password from mail_user where login=?;


# Netaddr lookup query
#
# rows   == 1
# fields == 1 (netaddr varchar)
#
#query_netaddrselect value from netaddr where value=$1;
#   $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

# To accept external mail, replace with: listen on all
#
listen on lo0

table vusers mysql:/tmp/mysql.conf
table vdomains mysql:/tmp/mysql.conf
table aliases mysql:/tmp/mysql.conf

accept for domain  userbase  alias  deliver to 
maildir
accept from local for any relay
smtp-in: New session fa16849c56bf0dd1 from host localhost [127.0.0.1]
lookup: check "127.0.0.1" as NETADDR in table static: -> found
lookup: check "paclan.it" as DOMAIN in table proc:vdomains -> found
lookup: lookup "giovanni" as ALIAS in table proc:aliases -> 0
lookup: lookup "giovanni" as USERINFO in table proc:vusers -> 0
smtp-in: Failed command on session fa16849c56bf0dd1: "RCPT TO: " => 550 Invalid recipient