Re: smtp-out constantly enabling and disabling routes
Hi, On 06.06.2018 17:40, Vijay Sankar wrote: Hi, Wondering if someone can help me with this (this is on OpenBSD 6.2; not -current or 6.3) I get the following type of messages constantly in /var/log/maillog Jun 6 10:33:34 server1 smtpd[28001]: smtp-out: Enabling route [] <-> 188.130.133.7 (188.130.133.7) Jun 6 10:33:35 server1 smtpd[28001]: 06bb61896ae727a9 mta event=connecting address=smtp+tls://188.130.133.34:25 host=188.130.133.34 Jun 6 10:33:35 server1 smtpd[28001]: 06bb61896ae727a9 mta event=error reason=IO Error: Connection refused Jun 6 10:33:35 server1 smtpd[28001]: smtp-out: Disabling route [] <-> 188.130.133.34 (188.130.133.34) for 15s Looked into /var/spool/smtpd and there were no messages with the id 06bb61896ae727a9 in any of the directories there. Restarted the server but the message still continues. smtpctl show message 06bb61896ae727a9 does not find the file. What can I do to remove this message delivery attempt? Please let me know. This is pretty annoying as the normal smtpctl commands do not remove the message from the queue. I have this situation when somebody sends mails to aol.de. For some reason they deny my messages and I have the mail stuck in my queue unless I do the following procedure. What does smtpctl show queue give you? However, everytime I run into a situation like this I have to do the following to reliably remove a message from the queue. BTW: I am on OpenBSD 6.3 1 - stop smtpd with rcctl stop smtpd 2 - start smtpd from the commandline with the -P option to pause all subsystems - smtpctl -f -P mda -P mta -P smtp 3 -look into the queue to identify the message that is stuck - smtpctl show queue 4 - remove the message with - smtpctl remove 5 - when the message is removed from the queue, stop the running smtpd process from commandline and restart the regular smtpd with - rcctl start smtpd The message should now be gone and those message should be gone as well. For whatever reason you cannot remove the message with smtpctl remove in a running smtpd. It just stays in the queue whatever you do. Only the described procedure above helps me to reliably remove it. Hope it helps Lars -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Tables syntax in new config
Hi, I am trying to convert an existing smtpd configuration to the new syntax in 6.4 snapshot from last week or so and have a question about that. The configuration has been converted but not actively tested yet. All I do right now is 'smtpd -f /etc/mail/newconfig -n' and I am getting the following reply back: /etc/mail/smtpd.conf_new:30: table "unwantedsenders" may not be used for mail-from lookups /etc/mail/smtpd.conf_new:32: table "vdomains" may not be used for 'for' lookups /etc/mail/smtpd.conf_new:34: table "vdomains" may not be used for 'for' lookups The config looks as follows: 'a few pki lines for certs' . . . table aliases file:/etc/mail/aliases table vusers file:/etc/mail/vusers table vdomains file:/etc/mail/vdomains table unwantedsenders file:/etc/mail/unwantedsenders table recipients file:/etc/mail/recipients listen on lo0 listen on lo0 port 10026 tag SPAM_CHECKED mask-src #after spamassassin check listen on lo0 port 10028 tag DKIM_POST mask-src #for outbound emails after DKIM signing listen on egress tls pki domain1 auth-optional listen on egress port submission tls-require pki domain1 auth mask-src action "lmtp" lmtp "/var/dovecot/lmtp" action "lmtp-vusers" lmtp "/var/dovecot/lmtp" virtual action "lmtp-alias" lmtp "/var/dovecot/lmtp" alias action "relay_dkim" relay host smtp://127.0.0.1:10027 #send to dkim for signing action "check_spam" relay host smtp://127.0.0.1:10025 #send to spamassassin action "relay" relay match from any mail-from for any reject match from local for local action "lmtp" match tag SPAM_CHECKED for domain action "lmtp-vusers" match tag SPAM_CHECKED for local action "lmtp-alias" match from any for domain rcpt-to action "check_spam" match tag DKIM_POST for any action "relay" match auth from any for any action "relay_dkim" The man pages state for the mail-from option of a match rule: [!] mail-from sender | Specify that transactions's MAIL FROM should match the string or list table sender. or similarily the 'for domain' part: [!] for domain domain | Specify that session may address the string or list table domain. Also Gille is using the same rules in his example config on https://poolp.org/posts/2018-05-21/switching-to-opensmtpd-new-config/ So, why do I get a message that the tables 'may' not be used? I assume they will be used, but why the message? Are they deprecated? Another change coming? On a general note I am having trouble getting my head around the new config style. It was possible for me using the method outlined by Gille in his blog post. But if I had to start from scratch - I would likely give up. The problem for me is that I am not constantly working on the smtpd config. So I forget things and have to work hard to get my head back how this is supposed to work. This new config style doesn't make it easier in my opinion. I will stick with opensmtpd for now and probably see the things differently in a year. Let's see... regards Lars -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Tables syntax in new config
Hi Gille, thanks for taking the time to answer personally. On Tue, 27 Nov 2018 17:01:07 +0100 Gilles Chehade wrote: > > I don't know what's in your tables but file tables but see man table(5), > it is very likely that you're not using the proper format, smtpd detects > that the table is not of the proper type and warns you that it can't use > them. > > Can you show the content of table vdomains for instance ? > How is a facepalm working in ascii? Of course it was the tables! I just created emtpy files while the originals were lying in a subfolder - I forgot to copy them in place :-( Now everything is fine > > I genuinely don't understand this. > > The logic is essentially the same except that where you used to have the > action part of the rule, you know have the action declared and the rules > refer to them: > > accept [...] deliver to mbox > > action bleh mbox > match [...] action bleh > > You write your rules the same way, they are evaluated in the same order, > there are a few minor keyword changes but quite frankly I don't see what > is so complex. > > Anyways, the change was mandatory to move forward so there's not much we > can do about it and there will be changes in the future again, hopefully > not too soon, because we want to continue moving forward. > I probably didn't make it clear enough. I understand and support that the project is moving on and adjustments need to be made because of technical difficulties or because otheriwse filters would be entirely impossible with the existing codebase. It is also possible that I will be embarrassed in a year from now to have written this mail because it might just click in my brain and everything will fall into place in there. Maybe it is just the reason that right now I don't have the time to put my head into this but have to, and it is not going quickly enough - who knows. Please don't read too much into. I just wanted to let you know that right now I find the new way more difficult. If this new mailserver is just running and behaving like the old one, I am going to be happy again :-) Peace Lars -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org