MIMEDefang support for OpenSMTPd
Hi, I've just released the first version of mimedefang-smtpd-filter, an smtpd filter to use MIMEDefang together with OpenSMTPd. The filter is a bridge between smtpd(8) protocol and mimedefang-protocol(7); not all MIMEDefang features are currently supported but most mimedefang-filter scripts should work without issues. The filter can be downloaded from https://mimedefang.org/download/, code is available at https://github.com/The-McGrail-Foundation/MIMEDefang-smtpd-filter. Cheers Giovanni signature.asc Description: PGP signature
Re: OpenSMTPD ignores the system time zone in mail header and logfile
On Fri, Nov 04, 2022 at 12:51:17PM -0400, Stuart D Gathman wrote: > On Thu, 3 Nov 2022, Nils wrote: > > > The problem is probably Void Linux specific, since I don't have this > > problem on a OpenBSD installation. > > > P.S.: This is a cross-post of > > https://github.com/void-linux/void-packages/issues/39918 > > I did some research and reported on the github issue. > > Summary: > > The Received header field should use -, not + when localtime is > not actually UTC. But Received should not necessarily be in localtime. > The following diff creates Received headers with - values. Cheers Giovanni Index: to.c === RCS file: /cvs/src/usr.sbin/smtpd/to.c,v retrieving revision 1.48 diff -u -p -r1.48 to.c --- to.c14 Jun 2021 17:58:16 - 1.48 +++ to.c4 Nov 2022 17:30:11 - @@ -159,7 +159,7 @@ time_to_text(time_t when) day[lt->tm_wday], lt->tm_mday, month[lt->tm_mon], lt->tm_year + 1900, lt->tm_hour, lt->tm_min, lt->tm_sec, - offset >= 0 ? '+' : '-', + offset > 0 ? '+' : '-', abs((int)offset / 3600), abs((int)offset % 3600) / 60, tz)) signature.asc Description: PGP signature
Re: Problem using senders table in listen directive
On 10/12/19 4:46 PM, y38...@protonmail.com wrote: > SELECT (username||'@'||domain) FROM users WHERE ? LIKE mailbox I think it should read SELECT (username||'@'||domain) FROM users WHERE mailbox LIKE ? typo or error ? Giovanni
Re: Filters and rctp-to rewrite.
On 9/9/19 7:16 PM, Reio Remma wrote: > On 09.09.2019 20:03, Giovanni Bechis wrote: >>> I'm currently using amavisd-new with the quarantine feature, but I'm >>> itching to switch to Rspamd (greylisting here I come!). >>> >> amavisd-new 2.12 has rspamd support, have you tried it ? > > Curious! I see the project has again switched hands, if you mean this one? > > https://gitlab.com/amavis/amavis > exactly, this is the new official amavis home. > I'll have a look at it. Then again with Rspamd and filter-rspamd we could cut > down a lot of complexity. >
Re: Filters and rctp-to rewrite.
On 9/9/19 6:48 PM, Reio Remma wrote: > On 09.09.2019 18:13, Martijn van Duren wrote: >> On 9/9/19 3:37 PM, Reio Remma wrote: >>> Hello! >>> >>> Slowly digging into filters. >>> >>> Now I'm curious if it's possible to modify the recipient after say spam >>> check in data-line? I get the impression that rewriting rcpt-to at that >>> stage is impossible, but my goal would be to redirect/quarantine high >>> scoring spam to a special e-mail address. >>> >>> Would it be doable somehow? >>> >>> Thanks! >>> Reio >>> >> It is not. >> >> What you might be able to do is add an additional header and somehow let >> an lmtp server make the decision based on the header. >> >> I haven't used lmtp myself, no clue if this actually works, but it's >> worth investigating :-) >> >> Please reply to the threat if you managed to make it work. > > Thanks Martijn and Gilles for the confirmation! > > I'm currently using amavisd-new with the quarantine feature, but I'm itching > to switch to Rspamd (greylisting here I come!). > amavisd-new 2.12 has rspamd support, have you tried it ? > I'm using the quarantine to keep an eye on mails with a medium spam score so > we won't lose the occasional legit mail with a higher than normal spam score. > Additionally I can train these borderline mails correctly as ham/spam. > > I now see Rspamd has a metadata exporter feature I could probably use to copy > spammy mails to the quarantine mail address. > > There are also Dovecot's sieve scripts. I'll have to see which work better. > > Thanks, > Reio >
Re: RBLs?
On 7/2/19 10:31 PM, mabi wrote: > ‐‐‐ Original Message ‐‐‐ > On Tuesday, July 2, 2019 11:44 AM, Gilles Chehade wrote: > >> if you configure rspamd to flag spam mail as reject, smtpd will reject them. > > Glad to hear that this is possible with rspamd! Because with SpamAssassin it > is only possible to tag the mail as spam but not to reject it upfront. I want > to reject the mail immediately if it detected as spam so that it does not get > relayed further (out to another mail server). > I think it could be possible to write a filter-spamassassin, that way smtpd could reject based on SpamAssassin tags. Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: How can I integrate opensmtpd with opendkim?
Atm I am using amavisd-new with clamav and spamassassin disabled to sign dkim on a send-only server with opensmtpd. Cheers Giovanni On 1/30/19 6:18 PM, Sergey Seacher wrote: > I use Centos 7. There is packages perl-Mail-DKIM and opendkim in repository, > but there is not > dkimproxy. > > 30.01.2019 19:04, Chris Bennett пишет: >> On Wed, Jan 30, 2019 at 05:45:35PM +0300, Sergey Seacher wrote: >>> Hello, All! >>> >>> How can I integrate opensmtpd with opendkim? >>> >> There is also dkimproxy and a Perl module p5-Mail-DKIM. >> Which one do you recommend, you hinted that there will be changes from >> 6.4 to 6.5 for dkimproxy setup when it comes out, if I understood >> correctly. >> >> I've got things working for 6.4 right now, but I will post a couple of >> questions about using auth and some other stuff I expect/want to use >> shortly. >> >> Thanks, I'm really thrilled to have this massive improvement over >> sendmail!! All of your time doing this work has been so helpful, I >> really hated sendmail with that huge book I had for it. >> >> Chris Bennett >> >> -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: tool-stats
On 09/06/16 18:10, Mischa wrote: > Hi All, > > Did something else change in 6.0 in regards to logging? > > tool-stats remains very empty. > in OpenBSD 6.0 works file, are you running portable (on Linux) ? - tool-stats - smtpd log statistics (c) 2016 Joerg Jung Thu Sep 06 09:00:02 - Thu Sep 06 18:19:33 Messages: smtp: 6533 mta: 6509 mda: 0 reject: 0 Throughput: 700.57 mails/hour 44.67 mbytes/hour - Cheers Giovanni > # zcat /var/log/maillog.6.gz | tool-stats > tool-stats - smtpd log statistics (c) 2016 Joerg Jung > > Mon Aug 27 15:00:01 - Tue Aug 28 15:00:01 > > Messages: smtp: 0 mta: 0 mda: 0 reject: 4327 > Throughput: 0.00 mails/hour 0.00 bytes/hour > > Filters > >DNSBL: 4327 >Regex: connect: 0 helo: 0 mail: 0 rcpt: 0 dataline: 0 >Spam:0 >Virus: 0 > > ### > > # tool-stats /var/log/maillog > tool-stats - smtpd log statistics (c) 2016 Joerg Jung > > Thu Sep 06 11:00:01 - Thu Sep 06 18:07:10 > > Messages: smtp: 0 mta: 0 mda: 0 reject: 0 > Throughput: 0.00 mails/hour 0.00 bytes/hour > > Filters > >DNSBL: 0 >Regex: connect: 0 helo: 0 mail: 0 rcpt: 0 dataline: 0 >Spam:0 >Virus: 0 > > > > I can see mail is coming in still > > # grep -c "550 Invalid recipient" /var/log/maillog > 754 > > Mischa > > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Filters
Il 1 gennaio 2016 08:09:17 CET, Damian McGuckin <dami...@esi.com.au> ha scritto: > >Hi everybody, > >New to this list although I have been using OpenBSD thought since 2.1. >Contributed hardware (long ago) to the OpenBSD project. > >I am trying to figure out how to use DNS BLs with OpenSMTPD. Until I >can >do that, I do not want to deploy it. > >I can see the API code in the source try but not the instructions on >how >to use it. > >I found the document 'opensmtpd-LinuxCon2015.conf' by Giovanni Bechis >and >it seems to imply that filters are operational. In fact, it says > > "there are filters available for dnsbl, regex matching, > Spam Assassin, and Clamav integration and much more" > >However, except for some limited images in the presentation, I cannot >find >any documentation. Even if I grep 'dnsbl' in the current release, >nothing >is there. > >Any pointers as to where I can find this information? > >Thanks - Damian > >Pacific Engineering Systems International, 277-279 Broadway, Glebe NSW >2037 >Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted >here >Views & opinions here are mine and not those of any past or present >employer You should at least pkg_add opensmtpd-extras to start playing with filters. In base there is only the opensmtpd core implementation. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Configuring opensmtpd to send local mails via smarthost
On 11/25/15 13:41, tomaszdro...@interia.eu wrote: [...] I have something like this: > secrets_for_relay_via: > tomaszdrozdz_interia_eu:tomaszdrozdz:my_password > label tomaszdro...@interia.eu:password > makemap secrets_for_relay_via > > smtpd.conf: > listen on lo > table secrets_for_relay_via db:/etc/opensmtpd/secrets_for_relay_via.db > accept from local for any relay via > secure+auth://tomaszdrozdz_interia...@poczta.interia.pl auth > > expire 4h > accept from local for any relay via secure+auth://la...@poczta.interia.pl auth Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Please help greenhorn to send email.
On 11/11/15 08:13, Mohammad H. Al Shami wrote: > What I personally do is have a single server in my network able to send > emails to the public, and all other servers just relay via that server. > > Makes handling DKIM/SPF/DMARC easier IMHO > you should correctly setup your hostname and you dns then. At least your hostname should resolve to something. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Please help greenhorn to send email.
On 11/10/15 11:54, tomaszdro...@interia.eu wrote: > May I have question about smart host ? > What is it, how does it work, what do I need, how to configure OPENSMTPD ? > > Is it kind of "relay via" ? > Do I need some mail account elsewhere for my OPENSMTD to log in ? > It is hard for me to google out the "idea draft" of smart host) > you should use "relay via" and use an account created by your isp if you do not want to send emails directly via your server. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Please help greenhorn to send email.
On 11/09/15 17:22, tomaszdro...@interia.eu wrote: > So You suggest that for example: > > 1) > My Linux host <---> router <---> ISP > a) I should have static IP from my ISP and I should own my won domain ? > not necessarily but your hostname(1) should resolve to something; you can always use a smart host to send outbound email if you do not have a static ip. > 2) > My Linux host <---> my company intranet > a) my company should "allowed my Linux host in company DNS system" ? > [[ b) this question only by my curiosity because I guess configuring DNS on > my Linux host is to much work for me - am I right ?] - and the question is: I > could install DNS on my Linux host and dont care about my company DNS system > ?] > if your dns is managed by your company, your company should create at least an A record for your linux box. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Please help greenhorn to send email.
On 10/30/15 12:25, tomaszdro...@interia.eu wrote: > Giovanni Bechis" <giova...@paclan.it> >> what is the output of `hostname`, `hostname --fqdn` and `dnsdomainname` ? >> Your hostname whould be in fqdn format, not just the name of the host. >> Cheers >>Giovanni >> > > *) hostname > se-gips > > *) hostname --fqdn > se-gips > > *) dnsdomainname > [shows nothing - empty] > As I told you before, set your hostname to something that is resolvable (se-gips.interia.eu is in fqdn format but still not resolvable). Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Please help greenhorn to send email.
On 10/30/15 11:49, tomaszdro...@interia.eu wrote: [...] > 7) cat /etc/hostname > se-gips > > 8) cat /etc/resolv.conf > what is the output of `hostname`, `hostname --fqdn` and `dnsdomainname` ? Your hostname whould be in fqdn format, not just the name of the host. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Please help greenhorn to send email.
tomaszdro...@interia.eu ha scritto: >Hallo opensmtpd mail list :-) > >I must say that I am "email server" greenhorn. >I also do not have much experience in net configuration. > >I want to have email server that will allow me to send emails from my >linux. >I search internet (sendmail, qmail, exim, postfix, ...) and luckily >found OPENSMTPD :-) >I have liked it just after seeing one configuration line with: "accept >from ...". >Way of configuring opensmtpd seams to me be modern, simple and easiest >of all smtp servers :-) > >As I wrote I am greenhorn and have problem. > > > >1) My system info: > >A) I run: >Operating System: Fedora 21 (Twenty One) >CPE OS Name: cpe:/o:fedoraproject:fedora:21 >Kernel: Linux 4.1.8-100.fc21.x86_64 >Architecture: x86-64 > >on Virtual box. > >B) dnf info opensmtpd > >Name: opensmtpd >Arch: x86_64 >Version : 5.7.1p1 >Release : 1.fc21 > >2) >A) iptables --list > >Chain INPUT (policy ACCEPT) >target prot opt source destination > >Chain FORWARD (policy DROP) >target prot opt source destination > >Chain OUTPUT (policy ACCEPT) >target prot opt source destination > >B) ip addr > >1: lo:mtu 65536 qdisc noqueue state UNKNOWN >group default >link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 >inet 127.0.0.1/8 scope host lo > valid_lft forever preferred_lft forever >inet6 ::1/128 scope host > valid_lft forever preferred_lft forever >2: enp0s3: mtu 1500 qdisc pfifo_fast >state UP group default qlen 1000 >link/ether 08:00:27:6f:f9:22 brd ff:ff:ff:ff:ff:ff >inet 172.29.2.101/19 brd 172.29.31.255 scope global dynamic enp0s3 > valid_lft 570826sec preferred_lft 570826sec >inet6 fe80::a00:27ff:fe6f:f922/64 scope link > valid_lft forever preferred_lft forever >6: enp0s11u1: mtu 1500 qdisc >pfifo_fast state UNKNOWN group default qlen 1000 >link/ether 0c:5b:8f:27:9a:64 brd ff:ff:ff:ff:ff:ff > inet 192.168.8.100/24 brd 192.168.8.255 scope global dynamic enp0s11u1 > valid_lft 52421sec preferred_lft 52421sec >inet6 fe80::e5b:8fff:fe27:9a64/64 scope link > valid_lft forever preferred_lft forever > >3) My opensmtp: > >A) /etc/opensmtpd/smtpd.conf > >listen on lo >listen on enp0s3 >listen on enp0s11u1 > >accept from local for any relay > >expire 4h > >B) ls -laZ /var/log/maillog >-rw---. root root system_u:object_r:var_log_t:s0 /var/log/maillog > >C) ps -ef|grep smtpd > >root 11410 1 0 11:44 ?00:00:00 smtpd: [priv] >smtpq11411 11410 0 11:44 ?00:00:00 smtpd: queue >smtpd11412 11410 0 11:44 ?00:00:00 smtpd: control >smtpd11413 11410 0 11:44 ?00:00:00 smtpd: lookup >smtpd11414 11410 0 11:44 ?00:00:00 smtpd: scheduler >smtpd11415 11410 0 11:44 ?00:00:00 smtpd: pony express >smtpd11416 11410 0 11:44 ?00:00:00 smtpd: klondike > >4) mailx -s "hello" "tomaszdro...@interia.eu" > >5) Problems > >A) sudo smtpctl show queue > >c823c60ac80192be|local|mta|auth|@|tomek@se-gips|tomek@se-gips|1446115579|1446461179|0|8|invalid||Temporary >failure in MX lookup > >B) /var/log/maillog >is empty > >Why I can not send email ? >Why log file is empty ? > > >Please help if you can. >If you need more information I will provide it. Your server cannot resolve se-gips domain, check your host name and your resolver configuration. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
OpenSMTPD big deployments
Hi, in October I will give a talk at Linuxcon about OpenSMTPD, does anybody have some statistics about some big deployments ? Atm I have statistics only for my servers. Cheers Thanks Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Building dkimproxy on headless OpenBSD server with no X install sets
On 03/12/15 17:42, Gonzalo wrote: what are you talking about?? onzalo : /usr/ports sudo pkg_add -vi dkimproxy Password: Update candidates: quirks-2.54 - quirks-2.54 quirks-2.54 signed on 2015-03-08T12:33:05Z on 5.6 there is no package: revision 1.323 date: 2015/02/16 18:10:21; author: jasper; state: Exp; lines: +2 -1; commitid: L4dxY4PfIGmB6s3k; hookup dkimproxy which seems to have been forgotten when originally imported ok sthen@ Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: OpenSMTPD on OpenBSD 5.6 backend MySQL
On 02/10/15 16:20, Ultramedia Libertad wrote: Greetings friends, I read that OpenSMTPD already have the option of mysql backend, I would like to have an example of how to do it, As that previously used postfix with 3 virtual domains and 10 virtual users in total. by the time my mail server is stopped and l people without post until I learn how to work OpenSMTD with mysql backend. thank you for advance. OpenBSD 5.6 OpenSMTPD 5.4.3 Thank you for advance -- editor de sueños To be able to connect with MySQL you should install opensmtpd-extras port. It is available on current, I do not know if the current port will compile on 5.6 due to netdb.h change. Attached a couple of config files to start with, in mysql.conf you have to write your own sql queries. Cheers Giovanni # # Sample MySQL configuration file # hostlocalhost usernameuser passwordpass databasedb # Alias lookup query # # rows = 0 # fields == 1 (user varchar) # query_alias select destination from mail_valias where source=? # Domain lookup query # # rows == 1 # fields == 1 (domain varchar) # query_domainselect domain from mail_domain where domain=?; # User lookup query # # rows == 1 # fields == 3 (uid int, gid int, directory varchar) # query_userinfoselect uid,gid,maildir from mail_user where login=? # Credentials lookup query # # rows == 1 # fields == 2 (username varchar, password varchar) # query_credentialsselect login, password from mail_user where login=?; # Netaddr lookup query # # rows == 1 # fields == 1 (netaddr varchar) # #query_netaddrselect value from netaddr where value=$1; # $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $ # This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. # To accept external mail, replace with: listen on all # listen on lo0 table vusers mysql:/tmp/mysql.conf table vdomains mysql:/tmp/mysql.conf table aliases mysql:/tmp/mysql.conf accept for domain vdomains userbase vusers virtual aliases deliver to maildir accept from local for any relay
Re: OpenSMTPD Extras and libasr
On 11/13/14 15:59, Emmanuel Vadot wrote: For 4, I think that for now smtpd uses ${PREFIX}/libexec/opensmtpd/ to look at custom tables/filters which will fail on OpenBSD if the user use the smtpd in base (PREFIX=/usr) and an extra via the packages (PREFIX=/usr/local IIRC). OpenBSD-current does provide extras via packages, just pkg_add opensmtpd-extras. Cheers Giovanni Bechis -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: What form should query_credentials return?
On 09/08/14 14:08, Nolan Darilek wrote: I'm struggling to get OpenSMTPD working with DBMail. Seems I'm almost there but not quite. Mail is arriving into my account, but I can't seem to authenticate against the database due to authentication failures. Currently DBMail is storing my password unencrypted, and it occurs to me that perhaps OpenSMTPD is expecting an encrypted password from query_credentials. Yes, I know this is a bad idea, and I fully intend to fix it, but my intent was to minimize moving parts. I found a link that seems to indicate query_credentials expects a password returned in encrypt(3) format. Is this accurate? If so, given this from DBMail's docs: -p pwtype Password type may be one of the following: plaintext, crypt, md5-hash, md5-digest, crypt-raw, md5-hash-raw, md5-digest-raw, md5-base64, md5-base64-raw. Which should I use such that query_credentials returns what OpenSMTPD expects? I think crypt would be a good choice since opensmtpd uses crypt(3) to check for passwords. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Postgres?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/05/14 15:19, Hugo Osvaldo Barrera wrote: Hi, For a while now I've been wanting to try the postgres support properly. I've finally sat down to do it, but haven't had much luck: # grep postgres smtpd.conf table postgres postgres://postgres.conf # smtpd -n fatal: table_create: backend postgres does not exist Do I need to do any special building? Am I using the wrong syntax? I'm using OpenBSD-current (updated like 2 weeks ago?). Thanks, This is still work-in-progress on OpenBSD, (see http://marc.info/?l=openbsd-portsm=140845596917927w=2), if interested I have a quite-working port. Cheers Giovanni -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJUCfCxAAoJEI7Sc79XDlKKVzwH/1timymhqZvNWuFxr2EvLKMI jtYXTyVkczE7QkWJQ01MlVPe7OVt0Fi2pZmPFg4eRBdMRauzU8eLIpwl+c3hlGHZ S600a7Hq1dv6GLnJ2suC5P+1EefUe0jR4t9QMIvbAJF8qcn069gfufgchNVBwl92 F7D/yft1WnwCwOj0dFvGA2ETGjnt6kM5Gp4L1se7CpUBw7ysOtGYlQ3u6yuuWKE/ z0nskJ1w7LVo/LKUxpa3BqBGgmNeG2WKHfj9sA2Qh5K1RL27FIhPM5MTfWGwXJt6 exDGCbaawm9KfB9PsuYF8X7uWI0U1KpBecKLZRlFKmoOhTLXXqyaTopp6w51Qng= =BKTt -END PGP SIGNATURE- -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Incomplete error messages from bounced emails?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/01/14 18:53, Hugo Osvaldo Barrera wrote: On 2014-09-01 11:46, Gilles Chehade wrote: On Sat, Aug 23, 2014 at 12:28:00PM -0300, Hugo Osvaldo Barrera wrote: On 2014-08-22 18:32, Giovanni Bechis wrote: On 08/22/14 14:30, Hugo Osvaldo Barrera wrote: I recently had some messages bounce from gmail.com. I went up to their forums to ask what's up, and on the replies, it was pointed out to my that gsmtpd actually sends a rather verbose explanation message when it bounces messages (eg: if it's spam, invalid return address, blacklisted address, etc). Here's the thread were this was pointed to me. I'm guessing that sending an email from a non-static IP range is enough to trigger a bounce harmelessly: https://productforums.google.com/forum/#!msg/gmail/SQQAbew5tfE/-ue8aO07sf8J Can somebody confirm if these explanations are being dropped by smtpd, if they're non-standard, or what's going on? gmail warnings are splitted in two or more lines and smtpd logs only one of them. See https://github.com/OpenSMTPD/OpenSMTPD/issues/365 for details. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org Looks like the devs were expecting this to make it to the list and it did not. Can we bring that up now? Are there any downsides to implementing this? Yes, we were waiting for the discussion to come up. There's a downside to implementing this: Imagine you create an account for me on your server. I then decide to go rogue and setup a remote MX which will reply with a HUGE response, say 1000s of lines. We need to log atomically so: a- log line can't be written until we're done reading response; b- session needs to remember every line of the response until done reading; Can't we not-log all of it, but keep the message and send it to the original sender? The logs could be something like: 550 Error... [25 more lines trimmed] I would like to have at maximum 5/6 lines of response on my log to be able to found if a problem is recurring and which could be the original cause. Cheers Giovanni -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJUCfFIAAoJEI7Sc79XDlKKIOgIAJUFm5US9HxXVPAsB8nGTwGH t7fDfqqbn+Uuhpnilh/zWznrjqmoA1QeJLdvSo31T/mu2hz3EJ8IauLscYnkvCA3 ZB0PjSGFDec1B6cJ3LoyWscSIn/cn1xn/4cUDDAupsyMelIdmfAL4xNOupm073wC hkEcFqPpqfnTU5aQMV3H/hG7Xs/1jMqjWtNF3IU+gVUfWfilYnu+QAwJq6YBVGFX lhJn4Eqj4rAOeQfr0jAY1qvbqBcsCDrpfgrHW4LYiNMjrDcfUQ8tkoWjfM+73FY2 iWVmEFvuyybanHjmTGysue4ssAOmrSmot3tw2pAWIRY9Gk0XlL6M17EvGgKhJPg= =/Zip -END PGP SIGNATURE- -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: [userbase] email in login field
On 09/01/14 11:56, Gilles Chehade wrote: we may want to support email addresses as login, this can be discussed it was not designed this way to start with because we didn't support !system auth but this has changed and the use case has come up a few times at the moment my setup it's working even if a bit hacky from a sql point-of-view, I haven't checked the code how difficult would be to support email addresses as login. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Incomplete error messages from bounced emails?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/22/14 14:30, Hugo Osvaldo Barrera wrote: I recently had some messages bounce from gmail.com. I went up to their forums to ask what's up, and on the replies, it was pointed out to my that gsmtpd actually sends a rather verbose explanation message when it bounces messages (eg: if it's spam, invalid return address, blacklisted address, etc). Here's the thread were this was pointed to me. I'm guessing that sending an email from a non-static IP range is enough to trigger a bounce harmelessly: https://productforums.google.com/forum/#!msg/gmail/SQQAbew5tfE/-ue8aO07sf8J Can somebody confirm if these explanations are being dropped by smtpd, if they're non-standard, or what's going on? gmail warnings are splitted in two or more lines and smtpd logs only one of them. See https://github.com/OpenSMTPD/OpenSMTPD/issues/365 for details. Cheers Giovanni -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJT93C6AAoJEI7Sc79XDlKKLWkH+we5rr8BJrF86lk81z01wTsf xNGjo/2lly6zuIwYlknmeRqoJLUNOgj5xJrKIMen3YkveOdcq/aLl3yxBLN4pH9j cU/60mLohNWAzpbX4KbFDPxlbpn7SMkxxZ3asfWgcRjPt7LX2MBO1l5qw9umk8VZ v60OCJGsSxv49ps+KyoBh0fDxqXJordR6aCmVix83Kc6rTCKeYcKzAyGSqSI3JqF DKFQra25z8lR/kvB6vuQmq+cFUejWDc7p0st0Rq4WGRUwq7ZpiEf7IjUSLhxbiYL 736oUdwW9MlRwr+GWPaK3UaCXXE6z2Tj4IxzW4WGbiWsDY0Y02SgcPpODMTp2GY= =9pqx -END PGP SIGNATURE- -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Can't deliver messages: connection closed unexpectedly
On 08/21/14 15:59, Fabio Riga wrote: Hi list, I run an OpenBSD 5.5 server on a VPS with OpenSMTPd. I get the message Connection closed unexpectedly and a TempFail for every message sent to every domain of a very big Italian ISP. The TempFail last 4 days, then the message expires. I don't know if the laconic message is an OpenSMTPd issue or a ISP one, but maybe somebody has a clue of the possible causes. I tryed as well to ask to the ISP, maybe I'll get an answer... Here it is a part of maillog: I think it could a network problem on their side, from Italy (OpenBSD 5.6) I cannot deliver (see log file), from outside Italy there are no problems. Cheers Giovanni Script started on Thu Aug 21 17:28:16 2014 $ sm sudo smtpd -dv debug: init ssl-tree info: OpenSMTPD 5.4.3 starting debug: bounce warning after 4h debug: using fs queue backend debug: using ramqueue scheduler backend debug: using ram stat backend info: startup [debug mode] debug: parent_send_config_ruleset: reloading debug: parent_send_config: configuring pony process debug: parent_send_config: configuring ca process debug: init ssl-tree debug: ca_engine_init: using RSAX engine support debug: smtp: listen on 127.0.0.1 port 25 flags 0x400 pki debug: smtp: listen on IPv6:fe80::1%lo0 port 25 flags 0x400 pki debug: smtp: listen on IPv6:::1 port 25 flags 0x400 pki debug: smtp: will accept at most 2037 clients debug: init private ssl-tree debug: queue: done loading queue into scheduler debug: smtpd: scanning offline queue... debug: smtpd: offline scanning done debug: smtp: new client on listener: 0x4536b769300 smtp: 0x4565257e000: STATE_NEW - STATE_CONNECTED smtp-in: New session aa25a6d9509a520a from host 1000@localhost [local] smtp: 0x4565257e000: 220 localhost ESMTP OpenSMTPD smtp: 0x4565257e000: EHLO localhost smtp: 0x4565257e000: STATE_CONNECTED - STATE_HELO smtp: 0x4565257e000: 250-localhost Hello localhost [local], pleased to meet you smtp: 0x4565257e000: 250-8BITMIME smtp: 0x4565257e000: 250-ENHANCEDSTATUSCODES smtp: 0x4565257e000: 250-SIZE 36700160 smtp: 0x4565257e000: 250 HELP smtp: 0x4565257e000: MAIL FROM:giova...@bigio.paclan.it smtp: 0x4565257e000: 250 2.0.0: Ok smtp: 0x4565257e000: RCPT TO:t...@staff.aruba.it smtp: 0x4565257e000: 250 2.1.5 Destination address valid: Recipient ok smtp: 0x4565257e000: DATA smtp: 0x4565257e000: STATE_HELO - STATE_BODY smtp: 0x4565257e000: 354 Enter mail, end with . on a line by itself [MSG] From: Giovanni Bechis giova...@bigio.paclan.it [MSG] Date: Thu, 21 Aug 2014 17:28:35 +0200 (CEST) [MSG] Message-Id: 5588509546345635123.enqu...@bigio.paclan.it [MSG] To: t...@staff.aruba.it [MSG] Subject: test [MSG] [MSG] test debug: 0x4565257e000: end of message, msgflags=0x smtp: 0x4565257e000: 250 2.0.0: e8eb560f Message accepted for delivery smtp-in: Accepted message e8eb560f on session aa25a6d9509a520a: from=giova...@bigio.paclan.it, to=t...@staff.aruba.it, size=196, ndest=1, proto=ESMTP debug: scheduler: evp:e8eb560f60257862 scheduled (mta) smtp: 0x4565257e000: STATE_BODY - STATE_HELO smtp: 0x4565257e000: QUIT smtp: 0x4565257e000: 221 2.0.0: Bye smtp: 0x4565257e000: STATE_HELO - STATE_QUIT smtp-in: Closing session aa25a6d9509a520a debug: smtp: 0x4565257e000: deleting session: done debug: mta: received evp:e8eb560f60257862 for t...@staff.aruba.it debug: mta: draining [relay:staff.aruba.it] refcount=1, ntask=1, nconnector=0, nconn=0 debug: mta: querying MX for [relay:staff.aruba.it]... debug: mta: [relay:staff.aruba.it] waiting for MX debug: MXs for domain staff.aruba.it: 62.149.157.49 preference 10 debug: mta: ... got mx (0x45611e38220, staff.aruba.it, [relay:staff.aruba.it]) debug: mta: draining [relay:staff.aruba.it] refcount=1, ntask=1, nconnector=0, nconn=0 debug: mta: querying source for [relay:staff.aruba.it]... debug: mta: ... got source for [relay:staff.aruba.it]: [] debug: mta: new [connector:[]-[relay:staff.aruba.it],0x1] debug: mta: connecting with [connector:[]-[relay:staff.aruba.it],0x0] debug: mta-routing: searching new route for [connector:[]-[relay:staff.aruba.it],0x0]... debug: mta-routing: selecting candidate route [] - 62.149.157.49 debug: mta-routing: spawning new connection on [] - 62.149.157.49 debug: mta: 0x45666484000: spawned for relay [relay:staff.aruba.it] debug: mta: connecting with [connector:[]-[relay:staff.aruba.it],0x0] debug: mta: cannot use [relay:staff.aruba.it] before 2s debug: mta-routing: no route available for [connector:[]-[relay:staff.aruba.it],0x0]: must wait a bit debug: mta: retrying to connect on [connector:[]-[relay:staff.aruba.it],0x0] in 2s... debug: mta: draining [relay:staff.aruba.it] refcount=3, ntask=1, nconnector=1, nconn=1 debug: mta: scheduling relay [relay:staff.aruba.it] in 1s... smtp-out: Connecting to smtp+tls://62.149.157.49:25 (staff.aruba.it) on session aa25a6dc79081475... smtp-out: Connected on session aa25a6dc79081475 debug: mta: ... timeout for [relay:staff.aruba.it] debug: mta: draining
Re: Can't deliver messages: connection closed unexpectedly
On 08/21/14 17:33, Giovanni Bechis wrote: On 08/21/14 15:59, Fabio Riga wrote: Hi list, I run an OpenBSD 5.5 server on a VPS with OpenSMTPd. I get the message Connection closed unexpectedly and a TempFail for every message sent to every domain of a very big Italian ISP. The TempFail last 4 days, then the message expires. I don't know if the laconic message is an OpenSMTPd issue or a ISP one, but maybe somebody has a clue of the possible causes. I tryed as well to ask to the ISP, maybe I'll get an answer... Here it is a part of maillog: I think it could a network problem on their side, from Italy (OpenBSD 5.6) I cannot deliver (see log file), from outside Italy there are no problems. Cheers Giovanni Discard the message, my connection is in Spamhaus, from outside Italy I can confirm I can deliver to aruba.it. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
[userbase] email in login field
Hi, I am trying to configure an smtpd server with mysql as userbase, on my database the mailbox schema is the following (simplified): id 1 login giova...@paclan.it email giova...@paclan.it uid 5000 gid 5000 maildir /var/vmail/paclan.it/giovanni With the following conf the table_lookup tries to find a record with login=giovanni instead of login=giova...@paclan.it, is there a way to tell that the login field contains an email ? Thanks Giovanni # # Sample PostgreSQL configuration file # # This is an example configuration file for using OpenSMTPD with the PostgreSQL # backend for lookups. OpenSMTPD does not have hardcoded tables and you may # # hostlocalhost usernameuser passwordpass databasedb # Alias lookup query # # rows = 0 # fields == 1 (user varchar) # query_aliasselect destination from mail_forwarding where source=?; # Domain lookup query # # rows == 1 # fields == 1 (domain varchar) # query_domainselect domain from mail_domain where domain=?; # User lookup query # # rows == 1 # fields == 3 (uid int, gid int, directory varchar) # query_userinfoselect uid,gid,maildir from mail_user where login=? and server_id=6; # Credentials lookup query # # rows == 1 # fields == 2 (username varchar, password varchar) # query_credentialsselect login, password from mail_user where login=?; # Netaddr lookup query # # rows == 1 # fields == 1 (netaddr varchar) # #query_netaddrselect value from netaddr where value=$1; # $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $ # This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. # To accept external mail, replace with: listen on all # listen on lo0 table vusers mysql:/tmp/mysql.conf table vdomains mysql:/tmp/mysql.conf table aliases mysql:/tmp/mysql.conf accept for domain vdomains userbase vusers alias aliases deliver to maildir accept from local for any relay smtp-in: New session fa16849c56bf0dd1 from host localhost [127.0.0.1] lookup: check 127.0.0.1 as NETADDR in table static:localhost - found lookup: check paclan.it as DOMAIN in table proc:vdomains - found lookup: lookup giovanni as ALIAS in table proc:aliases - 0 lookup: lookup giovanni as USERINFO in table proc:vusers - 0 smtp-in: Failed command on session fa16849c56bf0dd1: RCPT TO: giova...@paclan.it = 550 Invalid recipient
Re: [userbase] email in login field
On 08/20/14 11:27, Martijn van Duren wrote: Hello Giovanni, When doing a login the username is always stripped from its domain part. For my setup (sqlite-based) I worked around this in the following manner (only important sections): I have to think if it is possible for me, I want to switch to opensmtpd only one node of my postfix cluster for the moment; my user database must be postfix-compatible for some time. Cheers Thanks Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: [userbase] email in login field
On 08/20/14 14:16, Martijn van Duren wrote: query_alias select COALESCE(destination, REPLACE(maddr, '@', '_')), ? as maddr from mail_forwarding where source=maddr; And of course I was a bit too fast with this one (column aliases can't be used in other columns), so if something should work it would be: query_alias SET @maddr = ?; SELECT COALESCE(destination, REPLACE(@maddr, '@', '_')) from mail_forwarding where source=@maddr; I've tested this one as a proof of concept, yet not in an table_mysql.conf setup. I am curious if this works, so keep me posted. :) nope, syntax error in query alias, anyway in my alias table I haven't all users, just real aliases, so the query won't match. Thanks Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org