Re: OpenSMTPd + Dovecot + mlmmj infinite loop while sending messages from localhost to any remote addresses

2020-03-10 Thread Martin
Update: signing by DKIM proxy must be the latest rule to prevent looping. Below 
is updated correct rules order.

listen on lo0 port 1030 tag DKIM_OUT
action "dkim-sign" relay host smtp://127.0.0.1:1030

match tag DKIM_OUT for any action "outbound"
match from local for any action "dkim-sign"

Martin

‐‐‐ Original Message ‐‐‐
On Tuesday, March 10, 2020 6:13 PM, Martin wrote:

> Finally fixed smtpd looping behavior.
>
> /etc/dkimproxy_out.conf points to message signing keys which have 
> insufficient permissions to read.
>
> Affected rules:
>
> listen on lo0 port 1030 tag DKIM_OUT
> action "dkim-sign" relay host smtp://127.0.0.1:1030
>
> match from local for any action "dkim-sign"
>
> match tag DKIM_OUT for any action "outbound"
>
> Martin
>
> ‐‐‐ Original Message ‐‐‐
> On Tuesday, March 10, 2020 1:46 PM, Reio Remma wrote:
>
>> Try running 'smtpd -d -T rules' and see what rule you're hitting.
>>
>> Or alternatively 'smtpctl trace rules' and look at maillog and later turn it 
>> off with 'smtpctl untrace rules'.
>>
>> match auth most likely doesn't work at all if you submit to port 25 without 
>> authentication.
>>
>> Good luck,
>> Reio
>>
>> On 10/03/2020 15:35, Martin wrote:
>>
>>> table reject-subnet
>>> file:/etc/mail/reject-subnet
>>> (contains 192.168.2.0/24)
>>> table reject-domain
>>> file:/etc/mail/reject-domain
>>> (contains nothing)
>>> table reject-domain
>>> file:/etc/mail/reject-domain-helo
>>> (contains nothing)
>>>
>>> action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias 
>>> action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to alias 
>>> action "spampd-in" relay host
>>> smtp://127.0.0.1:10025
>>> action "dkim-sign" relay host
>>> smtp://127.0.0.1:1027
>>> action "outbound" relay src  helo-src 
>>>
>>> match from src  for any reject
>>> match from any mail-from  for any reject
>>> match from any helo  for any reject
>>>
>>> match from local for local action "local-aliases"
>>> match tag SPAM_IN fro local action "local-aliases"
>>> match from any for domain  action "virtual-users"
>>> match tag SPAM_IN from any for domain  action "virtual-users"
>>>
>>> match tag DKIM_OUT for any action "outbound"
>>> match auth from any for any action "outbound"
>>>
>>> ‐‐‐ Original Message ‐‐‐
>>> On Tuesday, March 10, 2020 1:22 PM, Reio Remma wrote:
>>>
>>>> On 10/03/2020 15:18, Martin wrote:
>>>>
>>>>> Hello list,
>>>>> Undefined problem with mail infinite looping if I send messages from mail
>>>>> server's localhost to any domains outside.
>>>>> If I sent mail from mail server itself (from localhost) to aliased
>>>>> addresses and virtuals on the same mail's server domain, all the
>>>>> messages delivered fine even sent from localhost.
>>>>> In two sentences:
>>>>> Sending from localhost to 'remote' addresses > infinite loop
>>>>> Sending from localhost to 'local' aliases and virtual users > all
>>>>> works fine
>>>>> In both ways I'm using Mutt locally on mail server. Mutt connects to
>>>>> 127.0.0.1:25 in clear without any auth.
>>>>> $ cat /etc/smtpd.conf
>>>>> ...
>>>>> table aliases db:/etc/mail/aliases.db
>>>>> table virtuals db:/etc/mail/virtuals.db
>>>>> listen on lo0 tls pki smtp.domain.tld mask-src no-dsn hostname
>>>>>  tag SMTP
>>>>> action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias
>>>>> action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to virtual
>>>>> action "outbound" relay src  helo-src
>>>>> match auth from any for any action "outbound"
>>>>
>>>> What are your other match rules (in correct order)?
>>>>
>>>> Reio
>>
>> --
>> Tervitades
>> Reio Remma
>>
>> MR Stuudio OÜ
>> Tondi 17b, 11316, Tallinn
>> Tel +372 650 4808
>> Mob +372 56 22 00 33
>> r...@mrstuudio.ee
>> www.mrstuudio.ee
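
The ordering point from Martin's update above, as an added example that is not part of any post in this thread and is not OpenSMTPD code: a toy model of first-match rule evaluation. It assumes the signing proxy reinjects the message over loopback to the DKIM_OUT listener; Envelope, Rule, first_match and route are hypothetical names.

```python
# Added illustration: toy model of first-match rule evaluation, not OpenSMTPD code.
# Envelope, Rule, first_match and route are hypothetical names.
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Envelope:
    from_local: bool      # session originated on the mail server itself
    tag: Optional[str]    # tag set by the listener that accepted the message


@dataclass(frozen=True)
class Rule:
    action: str
    tag: Optional[str] = None   # models "match tag X ..."
    from_local: bool = False    # models "match from local ..."

    def matches(self, env: Envelope) -> bool:
        if self.tag is not None and env.tag != self.tag:
            return False
        return env.from_local or not self.from_local


def first_match(rules: List[Rule], env: Envelope) -> Optional[str]:
    # Rules are tried top to bottom; the first one that matches decides.
    return next((r.action for r in rules if r.matches(env)), None)


def route(rules: List[Rule], max_hops: int = 10) -> Tuple[List[Optional[str]], bool]:
    """Follow one message submitted over loopback; return (actions, looped)."""
    env = Envelope(from_local=True, tag="SMTP")  # constructed: port-25 listener
    path: List[Optional[str]] = []
    for _ in range(max_hops):
        action = first_match(rules, env)
        path.append(action)
        if action != "dkim-sign":
            return path, False
        # Assumption: the signer reinjects over loopback to the DKIM_OUT
        # listener, so the message is still "from local" but now carries the tag.
        env = Envelope(from_local=True, tag="DKIM_OUT")
    return path, True   # hop limit reached: the message never left


SIGN = Rule("dkim-sign", from_local=True)  # match from local for any action "dkim-sign"
OUT = Rule("outbound", tag="DKIM_OUT")     # match tag DKIM_OUT for any action "outbound"

LOOPING_ORDER = [SIGN, OUT]   # order in the "Affected rules" post
FIXED_ORDER = [OUT, SIGN]     # order in the update
```

With LOOPING_ORDER the reinjected message matches "from local" again before the tag rule is ever reached; with FIXED_ORDER the tag rule catches it first and it goes out.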

Re: OpenSMTPd + Dovecot + mlmmj infinite loop while sending messages from localhost to any remote addresses

2020-03-10 Thread Martin
Finally fixed smtpd looping behavior.

/etc/dkimproxy_out.conf points to message signing keys which have insufficient 
permissions to read.

Affected rules:

listen on lo0 port 1030 tag DKIM_OUT
action "dkim-sign" relay host smtp://127.0.0.1:1030
   
match from local for any action "dkim-sign"
   
match tag DKIM_OUT for any action "outbound"

Martin

‐‐‐ Original Message ‐‐‐
On Tuesday, March 10, 2020 1:46 PM, Reio Remma wrote:

> Try running 'smtpd -d -T rules' and see what rule you're hitting.
>
> Or alternatively 'smtpctl trace rules' and look at maillog and later turn it 
> off with 'smtpctl untrace rules'.
>
> match auth most likely doesn't work at all if you submit to port 25 without 
> authentication.
>
> Good luck,
> Reio
>
> On 10/03/2020 15:35, Martin wrote:
>
>> table reject-subnet
>> file:/etc/mail/reject-subnet
>> (contains 192.168.2.0/24)
>> table reject-domain
>> file:/etc/mail/reject-domain
>> (contains nothing)
>> table reject-domain
>> file:/etc/mail/reject-domain-helo
>> (contains nothing)
>>
>> action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias 
>> action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to alias 
>> action "spampd-in" relay host
>> smtp://127.0.0.1:10025
>> action "dkim-sign" relay host
>> smtp://127.0.0.1:1027
>> action "outbound" relay src  helo-src 
>>
>> match from src  for any reject
>> match from any mail-from  for any reject
>> match from any helo  for any reject
>>
>> match from local for local action "local-aliases"
>> match tag SPAM_IN fro local action "local-aliases"
>> match from any for domain  action "virtual-users"
>> match tag SPAM_IN from any for domain  action "virtual-users"
>>
>> match tag DKIM_OUT for any action "outbound"
>> match auth from any for any action "outbound"
>>
>> ‐‐‐ Original Message ‐‐‐
>> On Tuesday, March 10, 2020 1:22 PM, Reio Remma wrote:
>>
>>> On 10/03/2020 15:18, Martin wrote:
>>>
>>>> Hello list,
>>>> Undefined problem with mail infinite looping if I send messages from mail
>>>> server's localhost to any domains outside.
>>>> If I sent mail from mail server itself (from localhost) to aliased
>>>> addresses and virtuals on the same mail's server domain, all the
>>>> messages delivered fine even sent from localhost.
>>>> In two sentences:
>>>> Sending from localhost to 'remote' addresses > infinite loop
>>>> Sending from localhost to 'local' aliases and virtual users > all
>>>> works fine
>>>> In both ways I'm using Mutt locally on mail server. Mutt connects to
>>>> 127.0.0.1:25 in clear without any auth.
>>>> $ cat /etc/smtpd.conf
>>>> ...
>>>> table aliases db:/etc/mail/aliases.db
>>>> table virtuals db:/etc/mail/virtuals.db
>>>> listen on lo0 tls pki smtp.domain.tld mask-src no-dsn hostname
>>>>  tag SMTP
>>>> action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias
>>>> action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to virtual
>>>> action "outbound" relay src  helo-src
>>>> match auth from any for any action "outbound"
>>>
>>> What are your other match rules (in correct order)?
>>>
>>> Reio
>
> --
> Tervitades
> Reio Remma
>
> MR Stuudio OÜ
> Tondi 17b, 11316, Tallinn
> Tel +372 650 4808
> Mob +372 56 22 00 33
> r...@mrstuudio.ee
> www.mrstuudio.ee

Re: OpenSMTPd + Dovecot + mlmmj infinite loop while sending messages from localhost to any remote addresses

2020-03-10 Thread Martin
table reject-subnet file:/etc/mail/reject-subnet (contains 192.168.2.0/24)
table reject-domain file:/etc/mail/reject-domain (contains nothing)
table reject-domain file:/etc/mail/reject-domain-helo (contains nothing)

action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias 
action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to alias 
action "spampd-in" relay host smtp://127.0.0.1:10025
action "dkim-sign" relay host smtp://127.0.0.1:1027
action "outbound" relay src  helo-src 

match from src  for any reject
match from any mail-from  for any reject
match from any helo  for any reject

match from local for local action "local-aliases"
match tag SPAM_IN fro local action "local-aliases"
match from any for domain  action "virtual-users"
match tag SPAM_IN from any for domain  action "virtual-users"

match tag DKIM_OUT for any action "outbound"
match auth from any for any action "outbound"

Martin

> > On 10/03/2020 15:18, Martin wrote:
> >
> > > Hello list,
> > > Undefined problem with mail infinite looping if I send messages from mail
> > > server's localhost to any domains outside.
> > > If I sent mail from mail server itself (from localhost) to aliased
> > > addresses and virtuals on the same mail's server domain, all the
> > > messages delivered fine even sent from localhost.
> > > In two sentences:
> > > Sending from localhost to 'remote' addresses > infinite loop
> > > Sending from localhost to 'local' aliases and virtual users > all
> > > works fine
> > > In both ways I'm using Mutt locally on mail server. Mutt connects to
> > > 127.0.0.1:25 in clear without any auth.
> > > $ cat /etc/smtpd.conf
> > > ...
> > > table aliases db:/etc/mail/aliases.db
> > > table virtuals db:/etc/mail/virtuals.db
> > > listen on lo0 tls pki smtp.domain.tld mask-src no-dsn hostname
> > >  tag SMTP
> > > action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias 
> > > action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to virtual 
> > > action "outbound" relay src  helo-src 
> > > match auth from any for any action "outbound"
> >
> > What are your other match rules (in correct order)?
> > Reio

Re: OpenSMTPd + Dovecot + mlmmj infinite loop while sending messages from localhost to any remote addresses

2020-03-10 Thread Reio Remma

Try running 'smtpd -d -T rules' and see what rule you're hitting.

Or alternatively 'smtpctl trace rules' and look at maillog and later 
turn it off with 'smtpctl untrace rules'.


match auth most likely doesn't work at all if you submit to port 25 
without authentication.


Good luck,
Reio

On 10/03/2020 15:35, Martin wrote:

> table reject-subnet file:/etc/mail/reject-subnet (contains 192.168.2.0/24)
> table reject-domain file:/etc/mail/reject-domain (contains nothing)
> table reject-domain file:/etc/mail/reject-domain-helo (contains nothing)
>
> action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias
> action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to alias
> action "spampd-in" relay host smtp://127.0.0.1:10025
> action "dkim-sign" relay host smtp://127.0.0.1:1027
> action "outbound" relay src  helo-src
>
> match from src  for any reject
> match from any mail-from  for any reject
> match from any helo  for any reject
>
> match from local for local action "local-aliases"
> match tag SPAM_IN fro local action "local-aliases"
> match from any for domain  action "virtual-users"
> match tag SPAM_IN from any for domain  action "virtual-users"
>
> match tag DKIM_OUT for any action "outbound"
> match auth from any for any action "outbound"
>
> ‐‐‐ Original Message ‐‐‐
> On Tuesday, March 10, 2020 1:22 PM, Reio Remma wrote:
>
>> On 10/03/2020 15:18, Martin wrote:
>>
>>> Hello list,
>>> Undefined problem with mail infinite looping if I send messages from mail
>>> server's localhost to any domains outside.
>>> If I sent mail from mail server itself (from localhost) to aliased
>>> addresses and virtuals on the same mail's server domain, all the
>>> messages delivered fine even sent from localhost.
>>> In two sentences:
>>> Sending from localhost to 'remote' addresses > infinite loop
>>> Sending from localhost to 'local' aliases and virtual users > all
>>> works fine
>>> In both ways I'm using Mutt locally on mail server. Mutt connects to
>>> 127.0.0.1:25 in clear without any auth.
>>> $ cat /etc/smtpd.conf
>>> ...
>>> table aliases db:/etc/mail/aliases.db
>>> table virtuals db:/etc/mail/virtuals.db
>>> listen on lo0 tls pki smtp.domain.tld mask-src no-dsn hostname
>>>  tag SMTP
>>> action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias
>>> action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to virtual
>>> action "outbound" relay src  helo-src
>>> match auth from any for any action "outbound"
>>
>> What are your other match rules (in correct order)?
>>
>> Reio

--
Tervitades
Reio Remma

*MR Stuudio OÜ*
Tondi 17b, 11316, Tallinn
Tel +372 650 4808
Mob +372 56 22 00 33
r...@mrstuudio.ee
www.mrstuudio.ee

Re: OpenSMTPd + Dovecot + mlmmj infinite loop while sending messages from localhost to any remote addresses

2020-03-10 Thread Reio Remma

On 10/03/2020 15:18, Martin wrote:

> Hello list,
>
> Undefined problem with mail infinite looping if I send messages from mail
> server's localhost to any domains outside.
>
> If I sent mail from mail server itself (from localhost) to aliased
> addresses and virtuals on the same mail's server domain, all the
> messages delivered fine even sent from localhost.
>
> In two sentences:
> Sending from localhost to 'remote' addresses > infinite loop
> Sending from localhost to 'local' aliases and virtual users > all
> works fine
>
> In both ways I'm using Mutt locally on mail server. Mutt connects to
> 127.0.0.1:25 in clear without any auth.
>
> $ cat /etc/smtpd.conf
> ...
> table aliases db:/etc/mail/aliases.db
> table virtuals db:/etc/mail/virtuals.db
>
> listen on lo0 tls pki smtp.domain.tld mask-src no-dsn hostname
>  tag SMTP
>
> action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias
> action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to virtual
> action "outbound" relay src  helo-src
>
> match auth from any for any action "outbound"

What are your other match rules (in correct order)?

Reio

OpenSMTPd + Dovecot + mlmmj infinite loop while sending messages from localhost to any remote addresses

2020-03-10 Thread Martin
Hello list,

Undefined problem with mail infinite looping if I send messages from mail
server's localhost to any domains outside.

If I sent mail from mail server itself (from localhost) to aliased
addresses and virtuals on the same mail's server domain, all the
messages delivered fine even sent from localhost.

In two sentences:
Sending from localhost to 'remote' addresses > infinite loop
Sending from localhost to 'local' aliases and virtual users > all works fine

In both ways I'm using Mutt locally on mail server. Mutt connects to 
127.0.0.1:25 in clear without any auth.

$ cat /etc/smtpd.conf
...
table aliases db:/etc/mail/aliases.db
table virtuals db:/etc/mail/virtuals.db

listen on lo0 tls pki smtp.domain.tld mask-src no-dsn hostname
 tag SMTP

action "local-aliases" lmtp "/var/dovecot/lmtp" rcpt-to alias 
action "virtual-users" lmtp "/var/dovecot/lmtp" rcpt-to virtual 
action "outbound" relay src  helo-src 

match auth from any for any action "outbound"