Re: FAQ question

2017-10-30 Thread Chris Eidem
Mea culpa, mea maxima culpa…

Thank you for the swat with the clue stick.

> On Oct 30, 2017, at 9:54 AM, Bruno Pagani wrote:
> Both. A passwd table is a passwd table, an auth table is an auth table. The
> latter is the standard format for OpenSMTPd, the former is a classical format
> that OpenSMTPd supports through the file driver of the same name.
> 
> 

It was the error that Joris pointed out with the {BLF-CRYPT} in the passwd file.

> You’ve missed one line: “A standard OpenBSD installation as well as a recent 
> installation of OpenSMTPD-extras including: table-passwd […] is assumed”.
> 
> Regards,
> Bruno

I did indeed and that was carelessness on my part.  Again, thanks all for the 
correction.



Re: FAQ question

2017-10-30 Thread Bruno Pagani
Hi,

On 30/10/2017 at 15:23, Chris Eidem wrote:

> I’m attempting to create a multi-domain opensmtpd+dovecot set up.  I have a 
> question about the FAQ example.  In it you have the following line in the 
> config:
>
> listen on egress port 587 tls-require pki mail.example.com auth 
>
> and you have the passwd table in the dovecot as follows:
>
> j...@example.com:$2b$...encrypted...password...::
> u...@example.net:$2b$...encrypted...password...::userdb_quota_rule=*:storage=1G
>
> But in tables.5 it is stated that auth tables are in this format:
>
> Credentials tables are mappings of credentials. They can be used in two 
> contexts:
> listen on tls [...] auth  
>
> In a listener context, the credentials are a mapping of username and 
> encrypted passwords:
> user1 $2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe 
> user2 $2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>
> I am getting failures attempting to connect to my submission port.  The part 
> of my config relevant is:
> listen on lo0
> listen on egress port 25 tls pki mail.ceidem.com
> listen on egress port 465 tls-require pki mail.ceidem.com
> listen on egress port 587 tls-require pki mail.ceidem.com auth 
>
> with the passwd file:
>
> cei...@ceidem.com:{BLF-CRYPT}$2a$05$...encrypted...password...::
>
> Which is correct?  What have I missed?

Both. A passwd table is a passwd table, an auth table is an auth table.
The latter is the standard format for OpenSMTPd, the former is a
classical format that OpenSMTPd supports through the file driver of the
same name.

To understand your issue, we would need to know the table you have defined.
You should have something like `table passwd passwd:/etc/mail/passwd`
pointing toward your passwd file.

Also, are you trying to connect to 587 or 465? If the latter, note that
you’re missing the auth part on this line, so this might only be used to
deliver mail to local recipients.

In any case, please give more details about “failures attempting to
connect”: what kind of failures?

> Also, in the FAQ, you have the following config section:
>
> # tables setup
> table aliases file:/etc/mail/aliases
> table domains file:/etc/mail/domains
> table passwd passwd:/etc/mail/passwd
> table virtuals file:/etc/mail/virtuals
>
> But it is never mentioned that the passwd file driver is included in
> opensmtpd-extras.  Took me a bit to figure that out.

You’ve missed one line: “A standard OpenBSD installation as well as a
recent installation of OpenSMTPD-extras including: table-passwd […] is
assumed”.

Regards,
Bruno




Re: FAQ question

2017-10-30 Thread Joris Vanhecke
I suggest reading the FAQ again.

On Mon, 30 Oct 2017, at 03:23 PM, Chris Eidem wrote:
> I’m attempting to create a multi-domain opensmtpd+dovecot set up.  I have
> a question about the FAQ example.  In it you have the following line in
> the config:
> 
> listen on egress port 587 tls-require pki mail.example.com auth 
> 
> and you have the passwd table in the dovecot as follows:
> 
> j...@example.com:$2b$...encrypted...password...::
> u...@example.net:$2b$...encrypted...password...::userdb_quota_rule=*:storage=1G
> 
> But in tables.5 it is stated that auth tables are in this format:
> 
> Credentials tables are mappings of credentials. They can be used in two
> contexts:
> listen on tls [...] auth  

Yes, but this is table-passwd.5.
It's an OpenSMTPD-extras feature.

> 
> In a listener context, the credentials are a mapping of username and
> encrypted passwords:
> user1   $2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe 
> user2   $2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
> 
> I am getting failures attempting to connect to my submission port.  The
> part of my config relevant is:
> listen on lo0
> listen on egress port 25 tls pki mail.ceidem.com
> listen on egress port 465 tls-require pki mail.ceidem.com
> listen on egress port 587 tls-require pki mail.ceidem.com auth 
> 
> with the passwd file:
> 
> cei...@ceidem.com:{BLF-CRYPT}$2a$05$...encrypted...password...::

Did you try exactly what is in the FAQ?
Without the {BLF-CRYPT} part?

> 
> Which is correct?  What have I missed?
> 
> Also, in the FAQ, you have the following config section:
> 
> # tables setup
> table aliases file:/etc/mail/aliases
> table domains file:/etc/mail/domains
> table passwd passwd:/etc/mail/passwd
> table virtuals file:/etc/mail/virtuals
> 
> But it is never mentioned that the passwd file driver is included in
> opensmtpd-extras.  Took me a bit to figure that out.

Yes it is.

> 
> Thank you for your time,
> Chris
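A check for the mistake this thread resolved, as an added example that is not part of any poster's message or of OpenSMTPD: it scans a passwd-format table (colon-separated, as quoted above) for a `{SCHEME}` marker in front of the hash, such as the `{BLF-CRYPT}` in the file above, and for missing or empty password fields, and returns clean entries in the `user hash` listener format quoted from tables.5. The function name, sample addresses and hash placeholders are constructed for illustration.

```python
import re

# A leading "{SCHEME}" marker in front of the hash, e.g. "{BLF-CRYPT}$2a$05$...".
SCHEME_PREFIX = re.compile(r"^\{[A-Za-z0-9.-]+\}")

# Constructed sample (not a real password file) in the colon-separated
# layout quoted in the thread; the hashes are placeholders.
SAMPLE = """\
alice@example.com:$2b$10$constructedhashplaceholder::
bob@example.net:{BLF-CRYPT}$2a$05$constructedhashplaceholder::
carol@example.org
dave@example.org:::
"""


def lint_passwd_table(text):
    """Return (findings, credentials) for a passwd-format table.

    findings:    list of (line_number, user, problem)
    credentials: "user hash" lines for entries without a finding
    """
    findings, credentials = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        fields = line.split(":")
        user = fields[0]
        if len(fields) < 2:
            findings.append((lineno, user, "no password field"))
            continue
        secret = fields[1]
        prefix = SCHEME_PREFIX.match(secret)
        if not secret:
            findings.append((lineno, user, "empty password field"))
        elif prefix:
            findings.append(
                (lineno, user, f"scheme prefix {prefix.group(0)} before the hash"))
        else:
            credentials.append(f"{user} {secret}")
    return findings, credentials


if __name__ == "__main__":
    problems, creds = lint_passwd_table(SAMPLE)
    for lineno, user, problem in problems:
        print(f"line {lineno}: {user}: {problem}")
    print("\n".join(creds))
```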