Re: ^L causing DKIM validation errors with opensmtpd+rspamd

Okay even more minimal: RGF0ZTogTW9uLCAxMCBPY3QgMjAyMiAxNjoxOTozOSArMDIwMApGcm9tOiBqYXNvbkB6eDJjNC5j b20KVG86IGphc29uQHp4MmM0LmNvbQpTdWJqZWN0OiBvaCBubyBhbm90aGVyIG9uZSBvZiB0aGVz ZSB0ZXN0cwpNSU1FLVZlcnNpb246IDEuMApDb250ZW50LVR5cGU6IHRleHQvcGxhaW47IGNoYXJz

Re: ^L causing DKIM validation errors with opensmtpd+rspamd

It happens too with unix endings: RGF0ZTogTW9uLCAxMCBPY3QgMjAyMiAxNjoxOTozOSArMDIwMApGcm9tOiBqYXNvbkB6eDJjNC5j b20KVG86IGphc29uQHp4MmM0LmNvbQpTdWJqZWN0OiBvaCBubyBhbm90aGVyIG9uZSBvZiB0aGVz ZSB0ZXN0cwpNSU1FLVZlcnNpb246IDEuMApDb250ZW50LVR5cGU6IHRleHQvcGxhaW47IGNoYXJz

Re: ^L causing DKIM validation errors with opensmtpd+rspamd

Okay, I minimized it into a reproducer. Unbase64 this to see the full email: RGF0ZTogTW9uLCAxMCBPY3QgMjAyMiAxNjoxOTozOSArMDIwMA0KRnJvbTogamFzb25AengyYzQu Y29tDQpUbzogamFzb25AengyYzQuY29tDQpTdWJqZWN0OiBvaCBubyBhbm90aGVyIG9uZSBvZiB0

Re: ^L causing DKIM validation errors with opensmtpd+rspamd

Hi folks, It happened again. This time, I don't see a \x0c character in it that would have caused this, so I can't quite figure it out. But here's the failing message: https://lore.kernel.org/all/y0qp+%2fqbuneyi...@zx2c4.com/raw Any ideas why verification failed / why the generated signature is

Re: ^L causing DKIM validation errors with opensmtpd+rspamd

Hi Demi, On Sat, Jul 30, 2022 at 5:16 AM Demi Marie Obenour wrote: > > On 7/26/22 21:24, Jason A. Donenfeld wrote: > > This appears rather easy to reproduce. Just include the char 0x0c in a > > message, and the signature will be invalid. Playing with the resultant >

Re: ^L causing DKIM validation errors with opensmtpd+rspamd

This appears rather easy to reproduce. Just include the char 0x0c in a message, and the signature will be invalid. Playing with the resultant message, I can make it valid by removing the \x0c character, suggesting that it's being stripped from whatever rspamd receives for signing.

Re: ^L causing DKIM validation errors with opensmtpd+rspamd

I figure I should add the rspamd list to this thread. -- Original Message -- Hi, Using a fairly typical OpenSMTPD+rspamd setup, I'm finding that emails sent that have the ^L escape in them come out with an invalid DKIM signature. Something basic like: filter rspamd proc-exec "filter-rspamd"

^L causing DKIM validation errors with opensmtpd+rspamd

Hi, Using a fairly typical OpenSMTPD+rspamd setup, I'm finding that emails sent that have the ^L escape in them come out with an invalid DKIM signature. Something basic like: filter rspamd proc-exec "filter-rspamd" listen on ... filter rspamd Everything else is otherwise pretty default and

Re: Death of filters?

On Thu, Sep 21, 2017 at 5:09 PM, Gilles Chehade wrote: > we have something else which we will disclose shortly Cool, looking forward! -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Death of filters?

Hey, I noticed you've removed support for filters in the latest CVS. Does this mean that avenue of development is totally dead? Or do you have something else that will be released with the next version? Jason -- You received this mail because you are subscribed to misc@opensmtpd.org To

Re: OpenSMTPD SRS

Hey John, Great trick! Thanks a lot. Regards, Jason -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: latest snapshots break email gmail

On Wed, Jun 8, 2016 at 10:05 AM, Gilles Chehade wrote: > great, I'll publish a snapshot later on today Thanks. I'll look for it and publish new packages asap. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to:

Re: latest snapshots break email gmail

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b942fddbba8dc6102a52a372ea2a7301995b606 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: latest snapshots break email gmail

On Wed, Jun 8, 2016 at 8:26 AM, Gilles Chehade <gil...@poolp.org> wrote: > On Tue, Jun 07, 2016 at 07:10:16PM +0200, Jason A. Donenfeld wrote: > inet_net_pton() on your system doesn't support AF_INET6 according to the > man page for inet_net_pton(3) That really sucks. I wonder w

latest snapshots break email gmail

Jun 7 14:32:06 frisell smtpd[1928]: 7190a0a710a01bbb smtp event=connected address=IPv6:2607:f8b0:4001:c0b::233 host=mail-it0-x233.google.com Jun 7 14:32:06 frisell smtpd[1928]: 7190a0a710a01bbb smtp event=starttls ciphers=version=TLSv1.2, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128 Jun 7

Re: dkim simple canonicalization

On Tue, Jun 7, 2016 at 1:48 PM, Gilles Chehade wrote: > The RFC advice is the way to go. > > IIRC with dkimproxy you get to decide the canonicalization strategy and > this is where the filter should be going. Okay, thanks for the advice. I'll stick with dkimproxy until the

Re: dkim signing domain

On Tue, Jun 7, 2016 at 10:16 AM, Gilles Chehade wrote: > filter-dkim-signer is a work in progress. > > a diff from sunil@ that introduces multidomain support is being reviewed > currently. Cool, okay. So using d=A with an @B From would be a mistake then. I'll wait for sunil's

dkim signing domain

Hi again, dkimproxy allows a list of domains. For example in a config file: domain zx2c4.com,jasondonenfeld.com,legitops.com,edgesecurity.com,wireguard.io Then, it uses the From field of the email to select which domain from this list to use, and it then winds up in the d= part of the header.

dnsbl and ipv6

Hi folks, Thanks for all the hard work and recent releases. dnsbl filter works like a charm! One thing I encountered while playing with it is that emails from gmail aren't filtered. In trying to figure out why, I stumbled across this line: if (conn->remote.ss_family != AF_INET)

Re: filter-dnsbl and 5.7.3p2

This isn't related to the chroot bug. The above log happens with the extras snapshot as well as the extras release. What I'm wondering about is whether or not this is expected to be fixed in the opensmtpd snapshot.

Re: Hello and segfault

On Thu, Mar 3, 2016 at 11:23 AM, Jason A. Donenfeld <ja...@zx2c4.com> wrote: > I'll > open a Github issue about it, but not a PR, since the patch I made > yesterday most definitely you do not want to ship upstream. https://github.com/OpenSMTPD/OpenSMTPD/issues/662 Done. -

Re: Hello and segfault

On Thu, Mar 3, 2016 at 9:50 AM, Gilles Chehade wrote: > no ticket mentions this issue and as a matter of fact I had no idea that > gentoo was shipping with this patch. > > if you want it fixed, please open a PR so I have a look at this I just put libressl on my Gentoo machines

Re: Hello and segfault

Gentoo is now applying this very very ugly patch to work around the bug: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8146a1f86e72210919cd8a0020aaf19838da0637 Was there ever an upstream commit made to fix this? -- You received this mail because you are subscribed to misc@opensmtpd.org

forwarding email server & gmail

Hi guys, I've been running OpenSMTPD for a long time now forwarding mail to my gmail account. It's a pretty basic rig - there are just a series of forwarding rules, and different @somedomain.com emails get forwarded to different @gmail.com emails. I have DKIM, SPF, and even DMARC all set up

/var/run -> /run

Hi folks, Some distributions are using /run instead of /var/run. In the Gentoo package, somebody changed it recently to do this: sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c This isn't very pretty. Is there a switch to --configure for making this happen? And if

Re: /var/run -> /run

On Mon, Oct 5, 2015 at 11:12 AM, Gilles Chehade wrote: > yes, please fill a feature request on the tracker Done: https://github.com/OpenSMTPD/OpenSMTPD/issues/637 > > it won't be part of the release i'll do this morning. No problem; there's no rush for this. -- You received

Remotely triggerable buffer overflow in OpenSMTPD

Hi folks, I'm passing the gauntlet for anyone who wants to analyze this for impact etc. There's a remotely triggerable buffer overflow in OpenBSD's OpenSMTPD -- the latest version, 5.7.2 -- reachable by sending messages with huge header lines. Qualys recently published a result of a big audit,

CVE requests: Critical vulnerabilities in OpenSMTPD

Hello, See this excerpt from the release notes below. Quite a few bugs. Looks like at least one of them might invalidate the openbsd.org claim, "Only two remote holes in the default install, in a heck of a long time!". CCing the OpenSMTPD mailing list (low-volume; don't worry Solar!) in case

Re: [oss-security] CVE requests: Critical vulnerabilities in OpenSMTPD

I haven't looked at these commits yet but: If a local user sends a message to a remote address, does this outgoing connection open up this remote vulnerability vector? Jason -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to:

Re: [PATCH 4/4] Support selecting the right lua version

On May 31, 2015 6:10 PM, Gilles Chehade gil...@poolp.org wrote: What's the final decision on this ? Roll with what I've put, and if there are any serious objections, someone will submit a pull request. I suspect, though, nobody will take objection, because I implement the correct and expected

Re: [PATCH 4/4] Support selecting the right lua version

On May 30, 2015 8:59 AM, Joerg Jung m...@umaxx.net wrote: Am 29.05.2015 um 15:17 schrieb Jason A. Donenfeld ja...@zx2c4.com: I took some of your ideas into consideration with this pull request: https://github.com/OpenSMTPD/OpenSMTPD-extras/pull/20 This succeeds this earlier patch. I

Re: base64 build errors with extras

I went ahead and did that, removing the dependency on libresolv. This issue has been fixed by this pull request: https://github.com/OpenSMTPD/OpenSMTPD-extras/pull/20 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to:

Re: sha2.h requirement for dkim signer

Thanks for your guidance on this. I wound up using OpenSSL/LibreSSL for it. This issue has been fixed by this pull request: https://github.com/OpenSMTPD/OpenSMTPD-extras/pull/20 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to:

Re: Link issues with filter-dnsbl

This issue has been fixed by this pull request: https://github.com/OpenSMTPD/OpenSMTPD-extras/pull/20 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: UID_MAX/GID_MAX needed by table-passwd

This issue has been fixed by this pull request: https://github.com/OpenSMTPD/OpenSMTPD-extras/pull/20 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: [PATCH 0/4] extras: Scripting detection in autotools

This patch set has been superseded by: https://github.com/OpenSMTPD/OpenSMTPD-extras/pull/20 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: [PATCH 4/4] Support selecting the right lua version

Hi Joerg, I took some of your ideas into consideration with this pull request: https://github.com/OpenSMTPD/OpenSMTPD-extras/pull/20 This succeeds this earlier patch. Thanks, Jason -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to:

Re: Lua tied to 5.2

This issue has been fixed by this pull request: https://github.com/OpenSMTPD/OpenSMTPD-extras/pull/20 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: util.h needed by filter-regex

: Am 28.05.2015 um 13:12 schrieb Jason A. Donenfeld ja...@zx2c4.com: Looks like another openbsd-compat issue: x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../api -I../../../../openbsd-compat -I../../../../contrib/lib/libc/asr -I/usr/include -DNO_IO -DBUILD_FILTER -c

[PATCH 10/10] filter-lua: also support 5.1 and luajit

--- extras/wip/filters/filter-lua/filter_lua.c | 17 + 1 file changed, 17 insertions(+) diff --git a/extras/wip/filters/filter-lua/filter_lua.c b/extras/wip/filters/filter-lua/filter_lua.c index 8d1d600..17152c5 100644 --- a/extras/wip/filters/filter-lua/filter_lua.c +++

[PATCH 07/10] compat: add util.h

-compat/util.h b/openbsd-compat/util.h new file mode 100644 index 000..ea447f4 --- /dev/null +++ b/openbsd-compat/util.h @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2015 Jason A. Donenfeld ja...@zx2c4.com. All rights reserved. + * + * Redistribution and use in source and binary forms

[PATCH 04/10] Support selecting the right lua version

--- configure.ac | 72 +++ extras/wip/filters/filter-lua/Makefile.am | 5 +-- 2 files changed, 74 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index a1755c3..3394178 100644 --- a/configure.ac +++ b/configure.ac

[PATCH 05/10] Use compat's base64 implementation

As suggested in the mailing list, this avoids having to link every binary against resolv.h. --- api/util.c | 2 +- configure.ac | 7 --- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/api/util.c b/api/util.c index 9cc8030..bfb88c2 100644 --- a/api/util.c +++ b/api/util.c @@

[PATCH 00/10] Massive build system and include cleanup

opensmtpd-extras-5.4.5.201505291521.ebuild. Jason A. Donenfeld (10): Simplify README since there is only a single branch Fix help text of python Move perl checking logic to same place as python Support selecting the right lua version Use compat's base64 implementation dkim-signer: use

[PATCH 03/10] Move perl checking logic to same place as python

--- configure.ac | 48 +- extras/wip/filters/filter-perl/Makefile.am | 5 ++-- 2 files changed, 49 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index edb6a78..a1755c3 100644 --- a/configure.ac +++ b/configure.ac

[PATCH 08/10] table-passwd: include includes.h

This is required for UID_MAX and GID_MAX --- extras/wip/tables/table-passwd/table_passwd.c | 1 + 1 file changed, 1 insertion(+) diff --git a/extras/wip/tables/table-passwd/table_passwd.c b/extras/wip/tables/table-passwd/table_passwd.c index 7f305b2..194b999 100644 ---

[PATCH 06/10] dkim-signer: use OpenSSL/LibreSSL's sha256

This avoids the dependency on having to fetch sha2.h from OpenSSH's OpenBSD-compat archive. Since this filter already uses OpenSSL/LibreSSL for RSA, using it for SHA256 adds no overhead. Additionally, the API is more or less the same, so this change is fairly trivial. ---

[PATCH 01/10] Simplify README since there is only a single branch

--- README.md | 52 +++- 1 file changed, 23 insertions(+), 29 deletions(-) diff --git a/README.md b/README.md index eb5dda9..7fd44b9 100644 --- a/README.md +++ b/README.md @@ -1,29 +1,23 @@ -# OpenSMTPD-extras -This is the mirror of the official

Lua tied to 5.2

This precludes the use of luajit, which is unfortunate, since that's the only performant way to use Lua. The extras Makefile reads: CFLAGS+=-I/usr/local/include/lua-5.2 LDFLAGS+= -L/usr/local/lib LDADD+= -llua5.2 -lm Check out what we do in cgit. It handles luajit, lua5.1,

Re: Lua tied to 5.2

Furthermore, the use of /usr/local obviously doesn't cut it, for the same reason it didn't work with Python. Check out that cgit example for the correct way to find the locations. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to:

UID_MAX/GID_MAX needed by table-passwd

More compat issues, perhaps: ../../../../extras/wip/tables/table-passwd/table_passwd.c: In function ‘parse_passwd_entry’: ../../../../extras/wip/tables/table-passwd/table_passwd.c:247:2: warning: implicit declaration of function ‘strtonum’ [-Wimplicit-function-declaration] pw-pw_uid =

Link issues with filter-dnsbl

Looks like it isn't linking against the OpenBSD compat libs: libtool: link: x86_64-pc-linux-gnu-gcc -DNO_IO -DBUILD_FILTER -o filter-dnsbl ../../../../api/filter_api.o ../../../../api/mproc.o ../../../../api/log.o ../../../../api/tree.o ../../../../api/util.o ../../../../api/iobuf.o

Re: base64 build errors with extras

Seems fine to me. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

[PATCH 4/4] Support selecting the right lua version

--- configure.ac | 72 1 file changed, 72 insertions(+) diff --git a/configure.ac b/configure.ac index a1755c3..13c71df 100644 --- a/configure.ac +++ b/configure.ac @@ -1923,6 +1923,7 @@ AC_ARG_WITH([filter-lua],

[PATCH 2/4] Fix help text of python

--- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index f8dc0a7..edb6a78 100644 --- a/configure.ac +++ b/configure.ac @@ -2281,7 +2281,7 @@ AM_CONDITIONAL([HAVE_SCHEDULER_PYTHON], [test $HAVE_SCHEDULER_PYTHON = yes])

purge dir requires different permissions

In 5.4.5 we have: /var/spool/smtpd/purge must be rwx-- (700) smtpd: error in purge directory setup In snapshots we have: /var/spool/smtpd/purge must be rwxr-x--- (750) smtpd: error in purge directory setup Why the change? -- You received this mail because you are subscribed to

[PATCH v2 4/4] Support selecting the right lua version

--- configure.ac | 72 +++ extras/wip/filters/filter-lua/Makefile.am | 5 +-- 2 files changed, 74 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index a1755c3..13c71df 100644 --- a/configure.ac +++ b/configure.ac

util.h needed by filter-regex

Looks like another openbsd-compat issue: x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../api -I../../../../openbsd-compat -I../../../../contrib/lib/libc/asr -I/usr/include -DNO_IO -DBUILD_FILTER -c -o ../../../../extras/wip/filters/filter-regex/filter_regex.o

libevent version define

Hi folks, I'm working on getting opensmtpd rolling again in Gentoo. There are issues with libevent during configure with 5.4.5p2: | #include stdio.h | #include string.h | #include event.h | #define DATA conftest.libeventincver | | int | main () | { | | FILE *fd; | int rc; | |

Re: libevent version define

Strange. Looks like this exists in 2.0.22 but not in 2.1.5. This must be distro related / upstream related. Sorry for the noise.

Re: libevent version define

Hi Gilles, See the attached patch. Thanks, Jason diff -ru opensmtpd-5.4.5p2/configure opensmtpd-5.4.5p2-fixed/configure --- opensmtpd-5.4.5p2/configure 2015-04-29 22:53:03.0 +0200 +++ opensmtpd-5.4.5p2-fixed/configure 2015-05-27 14:20:48.977763792 +0200 @@ -19667,7 +19667,7 @@ if(fd ==

[PATCH] Makefile.am: use more standard paths for python

Python is generally in /usr/lib and /usr/include, not the local varieties. --- extras/wip/filters/filter-python/Makefile.am | 4 ++-- extras/wip/queues/queue-python/Makefile.am | 4 ++-- extras/wip/schedulers/scheduler-python/Makefile.am | 4 ++--

Re: libevent version define

Also, the same patch should be applied to opensmtpd-extras. It applies cleanly to it. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: libevent version define

Okay, so actually, this is a OpenSMTPD issue. It should be using LIBEVENT_VERSION, which works across versions. _EVENT_VERSION was phased out in 2012.

[PATCH v2] Makefile.am: use more standard paths for python

Python can be discovered using python-config --- extras/wip/filters/filter-python/Makefile.am | 4 ++-- extras/wip/queues/queue-python/Makefile.am | 4 ++-- extras/wip/schedulers/scheduler-python/Makefile.am | 4 ++-- extras/wip/tables/table-python/Makefile.am | 4 ++-- 4

Re: man page formatting confusion

The new senders keyword: https://github.com/OpenSMTPD/OpenSMTPD/issues/227#issuecomment-68953594

Re: Extras not in snapshots but in releases?

On Thu, Jan 8, 2015 at 7:29 PM, Gilles Chehade gil...@poolp.org wrote: A bit of work is being done to make the extras repository in a state it can be snapshotted too. Cool! Looking forward.

missing grp.h header

Hi all, Gentoo ships with the attached patch for 5.4.4 to quiet build-time warnings. Would you upstream this? Thanks, Jason diff -ru opensmtpd-5.4.4p1/smtpd/ca.c opensmtpd-5.4.4p1-modified/smtpd/ca.c --- opensmtpd-5.4.4p1/smtpd/ca.c 2014-12-24 11:46:55.0 +0100 +++

tarballs with libasr?

Hi all, With 5.4.4 and latest snapshots requiring libasr, why does the smtpd/asr tree still exist in the tarballs? Thanks, Jason -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: attention, attention, changes !

On Tue, Jun 17, 2014 at 3:37 PM, Gilles Chehade gil...@poolp.org wrote: In a couple weeks, our snapshots will no longer ship asr and assume that the standalone library is a requirement so you should really consider to package the lib. Slightly more work but for a good cause :-) Could you tag a

Re: Bug (with full logs): Submitting blank messages to relaying servers

I should have specified: latest snapshot as of writing. On Jun 4, 2014 1:26 PM, Jason A. Donenfeld ja...@zx2c4.com wrote: Hi Gilles, I've encountered a strange bug. Recently, every time I send a message to more than one gmail user at a time, I get a bounce message, saying there was an error

Re: new privsep for rsa and ca [was: [OpenSMTPD] master snapshot opensmtpd-201405071639 available]

On Mon, May 12, 2014 at 5:19 PM, Gilles Chehade gil...@poolp.org wrote: We have abused the term privsep, in this particular case it's not really privileges separation but really vmem. space separation. The goal was to isolate that code from the network, it could be done in the lookup process

Re: new privsep for rsa and ca [was: [OpenSMTPD] master snapshot opensmtpd-201405071639 available]

On Thu, May 8, 2014 at 2:56 PM, Gilles Chehade gil...@poolp.org wrote: On Thu, May 08, 2014 at 05:08:36AM +0200, Jason A. Donenfeld wrote: no, no new UID/username required Curious, then, as to what kind of privsep this provides...

Useless and unprofessional process names.

Before: frisell ~ # ps aux|grep smtp root 836 0.0 0.1 41724 1744 ?Ss Apr30 0:00 smtpd: [priv] smtpq 837 0.0 0.2 43680 4164 ?SApr30 0:21 smtpd: queue smtpd 839 0.0 0.1 41788 1724 ?SApr30 0:17 smtpd: control smtpd 840 0.0

new privsep for rsa and ca [was: [OpenSMTPD] master snapshot opensmtpd-201405071639 available]

On Wed, May 7, 2014 at 4:43 PM, gil...@poolp.org wrote: - RSA engine privsep by reyk@ - ca process, by reyk Do these require new UIDs/usernames?

Reenable archives directory listing, SVP

Hi Gilles, https://www.opensmtpd.org/archives/ This used to give me a directory listing of all the packages. I use this in a notifier script to check if there's a new snapshot I should bump for Gentoo. Every couple of days or so I'm bored and I run it, and it tells me if I should put on my

git push --tags

Can you guys remember to do this? I like being able to see which commits each snapshot contains. Thanks, Jason -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Bounces without Bodies

Hi folks, Spammers have an easy trick against OpenSMTPD: they send a message that bounces for some reason (say, it's forwarded to another MTA that rejects it on on the basis of it being spam), and the bounce message then contains the original spam message. Egress spam filters on various hosting

Re: Bounces without Bodies

A ticket: https://github.com/poolpOrg/OpenSMTPD/issues/429 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Bounces without Bodies

On Mon, Mar 3, 2014 at 8:17 PM, Gilles Chehade gil...@poolp.org wrote: I understand the issue but the way you're presenting it makes it look like everyone is affected and can be abused by spammers, I'd like to clarify that this easy trick requires you to have a specific setup that involves

mysterious crash

The last few lines of the log, running the latest snapshot: Feb 12 13:45:40 frisell smtpd[1730]: smtp-out: Error on session 986a7ec4871b2d72: Connection closed unexpectedly Feb 12 13:46:01 frisell smtpd[1730]: smtp-out: Enabling route 192.95.5.64 - 5.9.185.238 (www.Argentina.net) Feb 12 13:46:26

Re: smtpscript

Would you mind giving a little description of it in the readme? I poked through the source and it looks like something that talks smtp using some sort of script, but I don't know beyond that, or what it's useful for, and I'm curious to know. -- You received this mail because you are subscribed

Re: [OpenSMTPD] portable snapshot opensmtpd-201401201010p1 available

On Mon, Jan 20, 2014 at 10:14 AM, gil...@poolp.org wrote: to help us spot where the issue is comming from. You can access all comming - coming -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Exit codes

Bump -- gilles? Has any behavior been explicitly defined or should I go hunting in the source?

Re: Exit codes

On Thu, Oct 31, 2013 at 1:28 PM, Gilles Chehade gil...@poolp.org wrote: As for smtpd, it's simpler: it shouldn't terminate unless it explicitely is terminated by root somehow. If it has terminated for any reason other than root killing it through killall or smtpctl stop (which is the same)

Exit codes

Hi all, Sorry if this question has previously been answered. I'm wondering about exit codes. Does OpenSMTPD have different exit codes for: - when it receives SIGTERM - when it receives SIGKILL - when one of the processes dies and then the main process as a result needs to exit - when smtpctl

Re: Memory Leaks

On Mon, Oct 21, 2013 at 3:51 PM, Gilles Chehade gil...@poolp.org wrote: I've never seen such a crap bug report, there's not a single information that we could possibly use to figure out what the issue is and help you. Yes, I know. The purpose of writing I'm not sure how I should even go about

Memory Leaks

Hi, I am now on bad terms and have a bit of a tarnished reputation with family, friends, and importantly, with clients. OpenSMTPD leaks. I don't know exactly where or how, but it does. I've been running it on a system with 256megs of ram, and seemingly randomly, it will eat up all the ram and

Re: CONFIG PR0N !?

frisell opensmtpd # cat smtpd.conf pki frisell.zx2c4.com certificate /etc/opensmtpd/certs/frisell.crt pki frisell.zx2c4.com key /etc/opensmtpd/certs/frisell.key pki frisell.zx2c4.com dhparams /etc/opensmtpd/certs/frisell.dh table smtpauth file:/etc/opensmtpd/auth.conf table hostmap { 127.0.0.1 =

Re: CONFIG PR0N !?

Thanks! Here we go. frisell opensmtpd # cat smtpd.conf pki frisell.zx2c4.com certificate /etc/opensmtpd/certs/frisell.crt pki frisell.zx2c4.com key /etc/opensmtpd/certs/frisell.key pki frisell.zx2c4.com dhparams /etc/opensmtpd/certs/frisell.dh table smtpauth file:/etc/opensmtpd/auth.txt table

Re: mailing list down for an hour

Specifically: accept from any for domain lists.zx2c4.com virtual { @lists.zx2c4.com = mailman } deliver to mda /var/lib/mailman/smtpd-deliver %{rcpt.user} Or in your case: accept from any for domain opensmtpd.org virtual { misc@opensmtpd.org = mjllm } deliver to mda /path/to/the/mjllmthing

Re: mailing list manager ?

I've had lots of success with mailman on lists.zx2c4.com. Here's my config for it: listen on eth0 hostname krantz.zx2c4.com accept from any for domain lists.zx2c4.com virtual { @lists.zx2c4.com = mailman } deliver to mda /var/lib/mailman/smtpd-deliver %{rcpt.user} Mailman is configured with the

Re: RE : Re: [PATCH] Control received lines via hide-received and mask-received

On Mon, Aug 26, 2013 at 7:26 PM, Gilles Chehade gilles.cheh...@gmail.com wrote: 3- The diff I committed was written in ten minutes after a discussion on IRC where someone suggested that we DON'T remove the Received line but simply skip part of it. This turned out to be acceptable as the line

Re: just a test, please disregard

Hey I'm sort of curious on what you're using for this mailing list. Presumably it's custom code? Would love to read the code of it, if you care to open source it! -- You received this email because you are subscribed to the misc@opensmtpd.org list To unsubscribe, send mail with subject:

Re: [PATCH] Allow MDA to bounce messages.

On Tue, Jun 11, 2013 at 11:04 PM, Gilles Chehade gil...@poolp.org wrote: Why don't you use the error: feature ? table vmap { f...@opensmtpd.org = error:530 not happening, \ b...@opensmtpd.org = error:421 not happening for now, \ gil...@opensmtpd.org =

Re: [PATCH] Allow MDA to bounce messages.

Okay this apparently doesn't work: accept from any for domain hjemli.net virtual { c...@hjemli.net = error:530 The CGit mailing list has changed homes. == Update your address book! == The cgit mailing list has changed to a new host, and you can subscribe to the new list here:

Re: last snapshots

On Tue, Jun 11, 2013 at 6:11 PM, Gilles Chehade gil...@poolp.org wrote: v6 uses a different notation: Right, so I have to duplicate my listen on lines to listen on all now? -- You received this email because you are subscribed to mailing list: misc@opensmtpd.org To unsubscribe, send mail with