Re: Sendmail reporting 421 4.3.0 Temporary Error

2020-01-06 Thread gilles 
for the record, solved off-list on IRC:

permission on directories within the queue had been altered.


January 6, 2020 2:19 AM, "jrmu"  wrote:

> Greetings,
> 
> I am running OpenBSD 6.6 GENERIC#3 amd64 and getting an
> inexplicable 421 4.3.0 Temporary Error when using 
> sendmail with opensmtpd.
> 
> Here is my current mail setup:
> 
> Inside bnc3.ircnow.org, I have /etc/mail/smtpd.conf:
> 
> table aliases file:/etc/mail/aliases
> table secrets file:/etc/mail/secrets
> 
> listen on lo0
> 
> action "local_mail" mbox alias 
> action "outbound" relay host smtp+tls://supp...@ircnow.org:587 \
> auth 
> 
> match for local action "local_mail"
> match for any action "outbound"
> 
> Inside /etc/mail/secrets:
> 
> support supp...@ircnow.org:PASSWORD
> 
> I am using ircnow.org as a mail relay. Here is its 
> /etc/mail/smtpd.conf:
> 
> pki mail.ircnow.org cert "/etc/ssl/ircnow.org.fullchain.pem"
> pki mail.ircnow.org key "/etc/ssl/private/ircnow.org.key"
> 
> # tables setup
> table aliases file:/etc/mail/aliases
> table domains file:/etc/mail/domains
> table passwd passwd:/etc/mail/passwd
> table virtuals file:/etc/mail/virtuals
> table hosts file:/etc/mail/hosts
> 
> listen on lo0 mask-src
> listen on lo0 port 10028 tag DKIM mask-src
> listen on egress port 25 tls pki mail.ircnow.org mask-src
> listen on egress port 587 tls-require pki mail.ircnow.org auth  
> mask-src 
> action "lmtp" lmtp "/var/dovecot/lmtp" rcpt-to virtual 
> action "relay" relay
> action "relay_dkim" relay host smtp://127.0.0.1:10027
> 
> match from any for domain  action "lmtp"
> match tag DKIM for any action "relay"
> match from src  for any action "relay_dkim"
> match auth from any for any action "relay_dkim"
> 
> On bnc3.ircnow.org, I run this command:
> 
> $ /usr/sbin/sendmail -tv -F support -f support < samplemail
> 
> samplemail contains this message:
> 
> From: support  
> To: u...@example.com 
> Subject: Welcome to IRCNow! 
> MIME-Version: 1.0 
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline 
> 
> Welcome to IRCNow!
> 
> When running the above command, I get this output:
> 
> <<< 220 bnc3.ircnow.org ESMTP OpenSMTPD
> 
>> EHLO localhost
> 
> <<< 250-bnc3.ircnow.org Hello localhost [local], pleased to meet you
> <<< 250-8BITMIME
> <<< 250-ENHANCEDSTATUSCODES
> <<< 250-SIZE 36700160
> <<< 250 HELP
>> MAIL FROM:
> 
> <<< 421 4.3.0 Temporary Error
> sendmail: command failed: 421 4.3.0 Temporary Error
> 
> On bnc3.ircnow.org, I see this in /var/log/maillog:
> 
> Jan 3 08:26:27 bnc3 smtpd[]: smtp disconnected reason=quit
> Jan 3 08:38:36 bnc3 smtpd[]: smtp connected address=local host=bnc3.ircnow.org
> Jan 3 08:38:36 bnc3 smtpd[]: smtp failed-command command="MAIL 
> FROM: "
> result="421 4.3.0 Temporary Error"
> Jan 3 08:38:36 bnc3 smtpd[]: smtp disconnected reason=quit
> 
> The mail relay (ircnow.org) never even sees the email, since
> bnc3.ircnow.org is not sending it. Instead, the mail is discarded.
> 
> I then tried running $ nc localhost 25:
> 
> 220 bnc3.ircnow.org ESMTP OpenSMTPD
> ehlo bnc3
> 250-bnc3.ircnow.org Hello bnc3 [127.0.0.1], pleased to meet you
> 250-8BITMIME
> 250-ENHANCEDSTATUSCODES
> 250-SIZE 36700160
> 250-DSN
> 250 HELP
> mail from: 
> 421 4.3.0 Temporary Error
> 
> About 50-70% of the time, I get the above message. Could opensmtpd
> be greylisting sendmail from localhost?
> 
> I tried enabling debugging:
> 
> # smtpd -dv
> 
> Then, I attempt to use sendmail:
> 
> $ /usr/sbin/sendmail -tv -F support -f support < samplemail
> 
> mta delivery evpid= from= to= 
> rcpt=<->
> source="209.141.50.204" relay="209.141.46.110 (mail.ircnow.org)" delay=0s 
> result="Ok" stat="250
> 2.0.0 Message accepted for delivery"
> debug: mta: : no task for relay 
> [relay:ircnow.org,port=587,smtp+tls,auth=secrets:support,mx]
> mta: debug: last connection: hanging on for 10s
> debug: mta: flush for (-> u...@example.com)
> debug: mta: ... timeout for 
> [relay:ircnow.org,port=587,smtp+tls,auth=secrets:support,mx]
> debug: mta: draining 
> [relay:ircnow.org,port=587,smtp+tls,auth=secrets:support,mx] refcount=2,
> ntask=0, nconnector=1, nconn=1
> debug: mta: all done for 
> [relay:ircnow.org,port=587,smtp+tls,auth=secrets:support,mx]
> smtp connected address=local host=bnc3.ircnow.org smtp failed-command 
> command="MAIL
> FROM: " result="421 4.3.0 Temporary Error"
> smtp disconnected reason=quit
> debug: control -> client: pipe closed
> debug: clearing p=client, fd=11, pid=0
> mta: timeout for session hangon
> 
> I tried adding tracing:
> 
> # smtpd -dv -T all
> 
> Then calling:
> 
> $ /usr/sbin/sendmail -tv -F support -f support < samplemail
> 
> mproc: lka -> pony: enabled
> debug: smtpd: scanning offline queue...
> debug: smtpd: offline scanning done
> mproc: control -> client-proc: enabled
> ramstat: increment: control.session
> ramstat: control.session (0x): 0 -> 1
> mproc: control -> pony : 4 IMSG_CTL_SMTP_SESSION
> imsg: pony <- control: IMSG_CTL_SMTP_SESSION (len=4)
> smtp: 0x: connected to listener 0x [hostn

Sendmail reporting 421 4.3.0 Temporary Error

2020-01-05 Thread jrmu 
Greetings,

I am running OpenBSD 6.6 GENERIC#3 amd64 and getting an
inexplicable 421 4.3.0 Temporary Error when using 
sendmail with opensmtpd.

Here is my current mail setup:

Inside bnc3.ircnow.org, I have /etc/mail/smtpd.conf:

table aliases file:/etc/mail/aliases
table secrets file:/etc/mail/secrets

listen on lo0

action "local_mail" mbox alias 
action "outbound" relay host smtp+tls://supp...@ircnow.org:587 \
auth 

match for local action "local_mail"
match for any action "outbound"

Inside /etc/mail/secrets:

support supp...@ircnow.org:PASSWORD

I am using ircnow.org as a mail relay. Here is its 
/etc/mail/smtpd.conf:

pki mail.ircnow.org cert "/etc/ssl/ircnow.org.fullchain.pem"
pki mail.ircnow.org key "/etc/ssl/private/ircnow.org.key"

# tables setup
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals
table hosts file:/etc/mail/hosts

listen on lo0 mask-src
listen on lo0 port 10028 tag DKIM mask-src
listen on egress port 25 tls pki mail.ircnow.org mask-src
listen on egress port 587 tls-require pki mail.ircnow.org auth  
mask-src 
action "lmtp" lmtp "/var/dovecot/lmtp" rcpt-to virtual 
action "relay" relay
action "relay_dkim" relay host smtp://127.0.0.1:10027

match from any for domain  action "lmtp"
match tag DKIM for any action "relay"
match from src  for any action "relay_dkim"
match auth from any for any action "relay_dkim"

On bnc3.ircnow.org, I run this command:

$ /usr/sbin/sendmail -tv -F support -f support < samplemail

samplemail contains this message:

From: support 
To: u...@example.com   
Subject: Welcome to IRCNow!   
MIME-Version: 1.0  
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline   
 
Welcome to IRCNow!

When running the above command, I get this output:

<<< 220 bnc3.ircnow.org ESMTP OpenSMTPD
>>> EHLO localhost 
<<< 250-bnc3.ircnow.org Hello localhost [local], pleased to meet you  
<<< 250-8BITMIME  
<<< 250-ENHANCEDSTATUSCODES   
<<< 250-SIZE 36700160 
<<< 250 HELP   
>>> MAIL FROM:  
<<< 421 4.3.0 Temporary Error 
sendmail: command failed: 421 4.3.0 Temporary Error   

On bnc3.ircnow.org, I see this in /var/log/maillog:

Jan  3 08:26:27 bnc3 smtpd[]: smtp disconnected reason=quit
Jan  3 08:38:36 bnc3 smtpd[]: smtp connected address=local host=bnc3.ircnow.org
Jan  3 08:38:36 bnc3 smtpd[]: smtp failed-command command="MAIL 
FROM:  " result="421 4.3.0 Temporary Error"
Jan  3 08:38:36 bnc3 smtpd[]: smtp disconnected reason=quit

The mail relay (ircnow.org) never even sees the email, since 
bnc3.ircnow.org is not sending it. Instead, the mail is discarded.

I then tried running $ nc localhost 25:

220 bnc3.ircnow.org ESMTP OpenSMTPD
ehlo bnc3
250-bnc3.ircnow.org Hello bnc3 [127.0.0.1], pleased to meet you
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-SIZE 36700160
250-DSN
250 HELP
mail from: 
421 4.3.0 Temporary Error

About 50-70% of the time, I get the above message. Could opensmtpd 
be greylisting sendmail from localhost?

I tried enabling debugging:

# smtpd -dv

Then, I attempt to use sendmail:

$ /usr/sbin/sendmail -tv -F support -f support < samplemail 

mta delivery evpid= from= to= 
rcpt=<-> source="209.141.50.204" relay="209.141.46.110 (mail.ircnow.org)" 
delay=0s result="Ok" stat="250 
2.0.0  Message accepted for delivery" 
debug: mta: : no task for relay 
[relay:ircnow.org,port=587,smtp+tls,auth=secrets:support,mx]

mta: debug: last connection: hanging on for 10s   
debug: mta: flush for  (-> u...@example.com)   
debug: mta: ... timeout for 
[relay:ircnow.org,port=587,smtp+tls,auth=secrets:support,mx]

debug: mta: draining 
[relay:ircnow.org,port=587,smtp+tls,auth=secrets:support,mx] refcount=2, 
ntask=0, nconnector=1, nconn=1
debug: mta: all done for 
[relay:ircnow.org,port=587,smtp+tls,auth=secrets:support,mx]
   
 smtp connected address=local host=bnc3.ircnow.org smtp failed-command 
command="MAIL FROM:  " result="421 4.3.0 Temporary 
Error" 
smtp disconnected reason=quit
debug: control -> client: pipe closed
debug: clearing p=client, fd=11, pid=0
mta: timeout for session hangon

I tried adding tracing:

# smtpd -dv -T all

Then calling:

$ /usr/sbin/sendmail -tv -F support -f support < samplemail 

mproc: lka -> pony: enabled   
debug: smtpd: scanning offline queue...   
debug: smtpd: offli