Relay own domain via IP - not local delivery.

2017-10-18 Thread Lars Bonnesen 
I have a setup where I need all mails to be delivered via DNS - except
malis for openSMTPd own domain (abc.com)

My smtpd.conf says:


table aliases file:/etc/mail/aliases
table relayhosts file:/etc/mail/relayhosts

listen on lo0
listen on em0

accept from any for domain "abc.com" relay via smtp://10.77.1.106
# accept for local alias  deliver to mbox
# accept from local for any relay
accept from source  for any relay

but they keep getting stuck in the local queue:

499ff3598c541f9c|local|mta|auth|m...@abc.com|m...@abc.com|m...@abc.com|1508330164|1508675764|1508331539|2|inflight|7|Network
error on destination MXs

/etc/mail/relayhosts contains the IP 10.77.1.104 - and this can relay
nicely via DNS.

I am able to telnet to 10.77.1.106 on port 25 and deliver mails that way...
so no network error as reported.

What is needed in smtpd.conf for this to work?

Regards, Lars.

OpenSMTPd as mx bsckup

2018-11-13 Thread Lars Bonnesen 
Anyone can post a working smtpd.conf for OpenSMTPd on OpenBSD 6.4?

Lets say I want OpenSMTPd to backup for the domain "donald.duck" with a
primary mail server as "mail.donald.duck"

Thanks, Lars.

Re: OpenSMTP as mx backup

2018-11-14 Thread Lars Bonnesen 
I managed to figure it out. Seems quite simple. What does the trick is:

action "disney" relay backup mx mxbackup.donald.duck
> match from any for domain "donald.duck" action "disney"


When the primare mx are down, I can see mails being queued up with:

smtpctl show queue

and mail shows up ending with:

|pending|417|Network error on destination MXs


For how long will they stay in the queue by default and how do I change
this to say... 90 days?

Regards, Lars.


On Tue, Nov 13, 2018 at 3:01 PM Lars Bonnesen 
wrote:

> Anyone can post a working smtpd.conf for OpenSMTP on OpenBSD 6.4?
>
> Lets say I want OpenSMTP to backup for the domain "donald.duck" with a
> primary mail server as "mail.donald.duck"
>
> Regards, Lars.
>

Re: OpenSMTP as mx backup

2018-11-25 Thread Lars Bonnesen 
Hi all of you. Thanks for the input. 90 days are just an example.

But I agree with you, My backup MX is more reliable than my primary MX. The
is a test home setup running on an xDSL - line, and the last month, this
xDSL has been running insanely unstable.

Even though it is a test mail, I do receive important mails on it from time
to time, and I am able to view these mails on the backup mx by issuing:

smtpctl show queue
smtpctl show message 

Yes, I agree... stupid. But it gets me where I wan.

But the backup MX actually does send out notifications. It sends "could
not delivers mails within 4 hours. trying for x days". I actually thought
that a backup MX would just keep it and process it silently.

How to change what is says - and change the interval it sends the
notifications?

Regards, Lars.


On Sun, Nov 25, 2018 at 3:49 PM Gilles Chehade  wrote:

> On Wed, Nov 14, 2018 at 10:41:44AM +0100, Lars Bonnesen wrote:
> > I managed to figure it out. Seems quite simple. What does the trick is:
> >
> > action "disney" relay backup mx mxbackup.donald.duck
> > > match from any for domain "donald.duck" action "disney"
> >
> >
> > When the primare mx are down, I can see mails being queued up with:
> >
> > smtpctl show queue
> >
> > and mail shows up ending with:
> >
> > |pending|417|Network error on destination MXs
> >
> >
> > For how long will they stay in the queue by default and how do I change
> > this to say... 90 days?
> >
>
> from man page smtpd.conf(5):
>
>queue ttl delay
>  Set the default expiration time for temporarily
>  undeliverable messages, given as a positive
>  decimal integer followed by a unit s, m, h, or d.
>  The default is four days (4d).
>
>
> what you want is:
>
>queue ttl 90d
>
>
> note that this is not really a very good idea ...
>
> it assumes your primary MX can be down for up to 90 days, whereas your
> secondary MX is going to be up for that long, in which case you might
> want to reconsider and swap both ;-)
>
> the value should be long enough so mail is not lost while your primary
> MX is down, but it should still be the lowest possible because senders
> will not know you didn't actually receive the mail since one of your
> servers have accepted it.
>
> clearly if you have a secondary MX that keeps your mail for longer
> than 4 days, which is already quite long, it means that you have more
> trust in the reliability of your secondary MX than your primary MX and
> this essentially means your setup is wrong.
>
> if you still want to do that, you should consider also looking at the
> bounce warn-interval option so at the very least your senders know
> that you didn't receive the mail for real yet.
>
> Cheers,
>
> --
> Gilles Chehade @poolpOrg
>
> https://www.poolp.org tip me: https://paypal.me/poolpOrg
>