Re: smtpd: implement nullmx RFC 7505

2023-10-18 Thread Philipp
[2023-10-18 11:42] Omar Polo > On 2023/10/18 08:40:14 +0100, Stuart Henderson wrote: > > On 2023/10/17 22:27, Philipp wrote: > > > [2023-10-17 17:32] Omar Polo > > > > [...] > > > > But I don't think your proposed patch is a good solution, because the > > > result depend on the order of the RR

Re: smtpd: implement nullmx RFC 7505

2023-10-18 Thread Omar Polo
ould prevent these. Completely agree. diff 2d025d839f99dc09ee525c11a4ed09a0f3bbe7d0 02bb94351d3865e61483023cab9fa02bcac2970d commit - 2d025d839f99dc09ee525c11a4ed09a0f3bbe7d0 commit + 02bb94351d3865e61483023cab9fa02bcac2970d blob - 4cf5d23d1d14b5400c6f4429dae0a4f6490073d4 blob + 552a5cf91154

Re: smtpd: implement nullmx RFC 7505

2023-10-18 Thread Stuart Henderson
On 2023/10/17 22:27, Philipp wrote: > [2023-10-17 17:32] Omar Polo > > > > There is one part of the RFC7505 that I'd like to quote and discuss > > with you however. The last paragraph of the section 3 says: > > > > : A domain that advertises a null MX MUST NOT advertise any other MX > > : RR. >

Re: smtpd: implement nullmx RFC 7505

2023-10-17 Thread Philipp
[2023-10-17 17:32] Omar Polo > sorry for the terrific delay. > > On 2023/10/01 14:59:15 +0200, Philipp wrote: > > Hi > > > > Setting Null MX is a way for domain owners to indicate that the domain > > does not accept mail. Currently a Null MX causes a tempfail and the > > mail will be queued and

Re: smtpd: implement nullmx RFC 7505

2023-10-17 Thread Omar Polo
check for localhost in dns_dispatch_host too? ;) Thanks, Omar Polo diff 2d025d839f99dc09ee525c11a4ed09a0f3bbe7d0 8d6138e5b1e0bc112ff2584d8528e6bc95a39b6f commit - 2d025d839f99dc09ee525c11a4ed09a0f3bbe7d0 commit + 8d6138e5b1e0bc112ff2584d8528e6bc95a39b6f blob - 4cf5d23d1d14b5400c6f4429dae0a4f649007

smtpd: implement nullmx RFC 7505

2023-10-01 Thread Philipp
t; records like a Null MX. Philipp From 2970019967e967d98ec30f86549f38788bff6081 Mon Sep 17 00:00:00 2001 From: Philipp Date: Sun, 2 Jul 2023 01:27:35 +0200 Subject: [PATCH 1/2] implement rfc 7505 (Null MX) Null MX is to indicate that a domain does not accept mail. --- usr.sbin/smtpd/dns.c | 28 +++- us

Re: [diff] selectable curves in smtpd ?

2023-08-12 Thread Stuart Henderson
On 2023/08/12 19:07, Marc Espie wrote: > On Sat, Aug 12, 2023 at 03:21:00PM +, gil...@poolp.org wrote: > > August 12, 2023 4:34 PM, "Theo Buehler" wrote: > > > > > On Sat, Aug 12, 2023 at 02:29:45PM +, gil...@poolp.org wrote: > > > > > >> Hello, > > >> > > >> Someone asked about

Re: [diff] selectable curves in smtpd ?

2023-08-12 Thread Marc Espie
On Sat, Aug 12, 2023 at 03:21:00PM +, gil...@poolp.org wrote: > August 12, 2023 4:34 PM, "Theo Buehler" wrote: > > > On Sat, Aug 12, 2023 at 02:29:45PM +, gil...@poolp.org wrote: > > > >> Hello, > >> > >> Someone asked about selectable curves in the OpenSMTPD portable tracker, > >> and

Re: [diff] selectable curves in smtpd ?

2023-08-12 Thread gilles
August 12, 2023 4:34 PM, "Theo Buehler" wrote: > On Sat, Aug 12, 2023 at 02:29:45PM +, gil...@poolp.org wrote: > >> Hello, >> >> Someone asked about selectable curves in the OpenSMTPD portable tracker, >> and it turns out I had a diff for that among a few others. > > Why do they need

Re: [diff] selectable curves in smtpd ?

2023-08-12 Thread Theo Buehler
On Sat, Aug 12, 2023 at 02:29:45PM +, gil...@poolp.org wrote: > Hello, > > Someone asked about selectable curves in the OpenSMTPD portable tracker, > and it turns out I had a diff for that among a few others. Why do they need this?

[diff] selectable curves in smtpd ?

2023-08-12 Thread gilles
for tls_config_set_ecdhecurves(3) in the same way ciphers were made selectable. I also have a couple other diffs which I'll clean and send. Index: mta.c === RCS file: /cvs/src/usr.sbin/smtpd/mta.c,v retrieving revision 1.245 diff -u -p -u -p -r1.245 mta.c

Re: smtpd, relayd, iked: drop ssl_init

2023-06-24 Thread Tobias Heider
On Sat, Jun 24, 2023 at 08:40:01PM +0200, Theo Buehler wrote: > On Sat, Jun 24, 2023 at 08:15:40PM +0200, Omar Polo wrote: > > while talking about a related matter with tb and jsing, jsing noted > > that ssl_init() in smtpd is completely useless. All its loading is > > alrea

Re: smtpd, relayd, iked: drop ssl_init

2023-06-24 Thread Theo Buehler
On Sat, Jun 24, 2023 at 08:15:40PM +0200, Omar Polo wrote: > while talking about a related matter with tb and jsing, jsing noted > that ssl_init() in smtpd is completely useless. All its loading is > already done automatically by libcrypto at runtime, and judging by the > im

smtpd, relayd, iked: drop ssl_init

2023-06-24 Thread Omar Polo
while talking about a related matter with tb and jsing, jsing noted that ssl_init() in smtpd is completely useless. All its loading is already done automatically by libcrypto at runtime, and judging by the implementation of the called functions there's no need to actually force the initialization

Re: smtpd: allow arguments on NOOP

2023-06-23 Thread Todd C . Miller
On Fri, 23 Jun 2023 11:58:47 +0200, Omar Polo wrote: > another diff from the -portable repo: > > https://github.com/OpenSMTPD/OpenSMTPD/pull/1150 > > per rfc-5321 § 4.1.1.9 the NOOP command allows optionally one argument > that we SHOULD ignore. > > The original diff set the check function

Re: smtpd: allow arguments on NOOP

2023-06-23 Thread gilles
e rfc specifies only one optional string, while here for simplicity > it's relaxed to allow anything. > > diff /usr/src > commit - 8def1c1c2777f0b5175283f8116e1eaab1f1962a > path + /usr/src > blob - 1686f03e96deeb5e6ea8b065456e04c27c752c8c > file + usr.sbin/smtpd/smtp_session.

smtpd: allow arguments on NOOP

2023-06-23 Thread Omar Polo
- 8def1c1c2777f0b5175283f8116e1eaab1f1962a path + /usr/src blob - 1686f03e96deeb5e6ea8b065456e04c27c752c8c file + usr.sbin/smtpd/smtp_session.c --- usr.sbin/smtpd/smtp_session.c +++ usr.sbin/smtpd/smtp_session.c @@ -212,6 +212,7 @@ static int smtp_check_noparam(struct smtp_session *, static int

Re: avoid truncation of filtered smtpd data lines

2023-06-21 Thread Todd C . Miller
On Wed, 21 Jun 2023 19:11:09 +0200, Omar Polo wrote: > On 2023/06/20 14:38:37 -0600, Todd C. Miller wrote: > > > qid = ep+1; > > > - if ((ep = strchr(qid, '|')) == NULL) > > > - fatalx("Missing reqid: %s", line); > > > - ep[0] = '\0'; > > > - > > > > This is not a new problem but we

Re: avoid truncation of filtered smtpd data lines

2023-06-21 Thread Omar Polo
(strcmp(response, "disconnect") == 0) > > + else if (strncmp(response, "disconnect|", 11) == 0) > > filter_result_disconnect(reqid, parameter); > > else > > fatalx("Invalid directive: %s", line);
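Review bot: the length 11 in `strncmp(response, "disconnect|", 11)` is a hand-counted constant that has to stay in step with the string literal beside it. It is correct here, but deriving it from the literal, for example `sizeof("disconnect|") - 1`, or routing the prefix comparisons through one small helper would keep a later edit to the directive name from silently turning this into a partial or over-long match in a parser whose fallback is `fatalx("Invalid directive: %s", line)`.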

Re: [patch] usr.sbin/smtpd filter localhost relays

2023-06-21 Thread Omar Polo
Hello, sorry for the delay and thanks for the patch. On 2023/02/28 12:16:17 +0100, Philipp wrote: > Hi > > On github someone reported an issue[0] regarding localhost MX entries. > Currently smtpd will just use the localhost relay. This leads to a > loop. Here is a patch filt

Re: avoid truncation of filtered smtpd data lines

2023-06-20 Thread Todd C . Miller
we now need to use a few strncmp, but I think it's > worth it. This seems like a good approach, minor comments inline. - todd > diff /usr/src > commit - 5c586f5f5360442b12bbc4ea18ce006ea0c3d126 > path + /usr/src > blob - a714446c26fee299f4450ff1ad40289b5b327824 > file

avoid truncation of filtered smtpd data lines

2023-06-20 Thread Omar Polo
hello tech@, this was reported some time ago on the OpenSMTPD-portable repository[0] [0]: https://github.com/OpenSMTPD/OpenSMTPD/pull/1192 Filters can register to the data-line event to alter the mail content. smtpd, when parsing the filter's output it first copies the received line

Re: smtpd: sync imsg_to_str()

2023-06-18 Thread Todd C . Miller
On Sun, 18 Jun 2023 16:49:30 +0200, Omar Polo wrote: > some imsg types are missing from the big switch in imsg_to_str(), > noticed after a report in m...@opensmtpd.org. Tracing shows: > > : imsg: lka <- dispatcher: IMSG_??? (139) (len=42) > > (imsg #139 should be IMSG_REPORT_SMTP_FILTER_RESPONSE

smtpd: sync imsg_to_str()

2023-06-18 Thread Omar Polo
lob - 0bd24de8a65d0655a9866c5d3e66ad82a152959a file + usr.sbin/smtpd/smtpd.c --- usr.sbin/smtpd/smtpd.c +++ usr.sbin/smtpd/smtpd.c @@ -2081,19 +2081,22 @@ imsg_to_str(int type) CASE(IMSG_REPORT_SMTP_LINK_CONNECT); CASE(IMSG_REPORT_SMTP_LINK_DISCONNECT); - CASE(IMSG_REPORT_SMTP_LINK_

Re: smtpd-filters: swap link-auth fields

2023-06-14 Thread Todd C . Miller
send a user with a '|' and, depending on the filter used, make smtpd > exit. (if the filter dies, smtpd does too) > > This was reported on the OpenSMTPD-portable github repository with > Gilles' opensmtpd-filter-rspamd: > > https://github.com/OpenSMTPD/OpenSMTPD/issues/1213 > > Diff b

Re: smtpd-filters: swap link-auth fields

2023-06-14 Thread Gilles Chehade
nce this is triggered by the `auth login' command, anyone could > send a user with a '|' and, depending on the filter used, make smtpd > exit. (if the filter dies, smtpd does too) > > This was reported on the OpenSMTPD-portable github repository with > Gilles' opensmtpd-filter-rspamd:

Re: smtpd-filters: swap link-auth fields

2023-06-14 Thread Omar Polo
On 2023/06/14 16:34:39 +0200, Omar Polo wrote: > For opensmtpd-filter-rspamd I have a corresponding diff that I'll send > to Gilles as it is off-topic for tech@, but here it is too if you want > to play with it: > > https://paste.omarpolo.com/9jtli2w apologize, this one has a stupid typo.

smtpd-filters: swap link-auth fields

2023-06-14 Thread Omar Polo
Hello, the `link-auth' event has the user first and the result of the operation after; this breaks when a username has a '|' character in it. Since this is triggered by the `auth login' command, anyone could send a user with a '|' and, depending on the filter used, make smtpd exit

Re: libtls, smtpd: switch to EC_KEY_METHOD

2023-06-10 Thread Omar Polo
On 2023/05/25 19:23:48 +0200, Omar Polo wrote: > As far as I (and grep) can see, smtpd and the part it needs in libtls > are the only user of ECDSA_METHOD in tree. > > What I've understood talking with tb (and apologies if I'm making > mistakes) is that ECDSA_METH

Re: smtpd: add missing time.h include

2023-05-31 Thread Todd C . Miller
On Wed, 31 May 2023 11:00:37 +0200, Omar Polo wrote: > After a report of a build fail with some old gcc on RHEL7 / Centos, I > noticed that we're lacking the include time.h for time(3), > clock_gettime(3) and localtime(3). Diff below adds it in all the > missing files. I'm also including

smtpd: add missing time.h include

2023-05-31 Thread Omar Polo
- 79631e141468cced94e502d777a484fa0eb1f60f path + /usr/src blob - 61e7b037bd90d2397e98e52cbb68e2436478b9b2 file + usr.sbin/smtpd/bounce.c --- usr.sbin/smtpd/bounce.c +++ usr.sbin/smtpd/bounce.c @@ -22,6 +22,7 @@ #include #include #include +#include #include #include "smtpd.h&

Re: libtls, smtpd: switch to EC_KEY_METHOD

2023-05-25 Thread Theo Buehler
On Thu, May 25, 2023 at 07:23:48PM +0200, Omar Polo wrote: > As far as I (and grep) can see, smtpd and the part it needs in libtls > are the only user of ECDSA_METHOD in tree. Yes, nothing else should be using this anymore, including ports. ECDSA_METHOD and ECDH_METHOD were

libtls, smtpd: switch to EC_KEY_METHOD

2023-05-25 Thread Omar Polo
As far as I (and grep) can see, smtpd and the part it needs in libtls are the only user of ECDSA_METHOD in tree. What I've understood talking with tb (and apologies if I'm making mistakes) is that ECDSA_METHOD was replaced with EC_KEY_METHOD. "We" inherited the former, it got use

Re: smtpd: some fatal -> fatalx

2023-05-19 Thread Giovanni Bechis
red to avoid misuse. > > just to provide a quick example, with `listen on ... ciphers foobar': > > % doas smtpd -d > info: OpenSMTPD 7.0.0 starting > dispatcher: no ciphers for 'foobar': No such file or directory > smtpd: process dispatcher socket closed > >

Re: smtpd: some fatal -> fatalx

2023-05-16 Thread Todd C . Miller
avoid misuse. > > just to provide a quick example, with `listen on ... ciphers foobar': > > % doas smtpd -d > info: OpenSMTPD 7.0.0 starting > dispatcher: no ciphers for 'foobar': No such file or directory > smtpd: process dispatcher socket closed > > So chan

smtpd: some fatal -> fatalx

2023-05-16 Thread Omar Polo
foobar': % doas smtpd -d info: OpenSMTPD 7.0.0 starting dispatcher: no ciphers for 'foobar': No such file or directory smtpd: process dispatcher socket closed So change most of them to fatalx which doesn't append errno. While here I'm also logging the actual error, via

Re: smtpd: nits to reduce the diff with -portable

2023-05-15 Thread Omar Polo
On 2023/05/15 07:34:03 -0600, "Todd C. Miller" wrote: > On Mon, 15 May 2023 13:54:35 +0200, Omar Polo wrote: > > > almost always (cast)var. I've adjusted the spacing in the line I was > > touching, grepping for common types I could only find one instance of > > a '(long long) src' in envelope.c

Re: smtpd: nits to reduce the diff with -portable

2023-05-15 Thread gilles
May 15, 2023 3:34 PM, "Todd C. Miller" wrote: > On Mon, 15 May 2023 13:54:35 +0200, Omar Polo wrote: > >> almost always (cast)var. I've adjusted the spacing in the line I was >> touching, grepping for common types I could only find one instance of >> a '(long long) src' in envelope.c which I'm

Re: smtpd: nits to reduce the diff with -portable

2023-05-15 Thread Todd C . Miller
On Mon, 15 May 2023 13:54:35 +0200, Omar Polo wrote: > almost always (cast)var. I've adjusted the spacing in the line I was > touching, grepping for common types I could only find one instance of > a '(long long) src' in envelope.c which I'm not addressing here. OK millert@. It would be nice

Re: smtpd: nits to reduce the diff with -portable

2023-05-15 Thread Omar Polo
(long long int)curoff); + (long long)curoff); if (lseek(fd, 0, SEEK_SET) == (off_t)-1) { mwarn("temporary file: %s", strerror(errno)); goto bad; Index: usr.sbin/smtpd/bounce.c

Re: smtpd: nits to reduce the diff with -portable

2023-05-15 Thread theo Buehler
nst also the two arrays > > > > > > day > > > > > > and month? > > > > > > > > > > ok. > > > > > > > > > > The previous diff used (long long int) and this one now uses (long > > > > >

Re: smtpd: nits to reduce the diff with -portable

2023-05-15 Thread Omar Polo
> > > > > The previous diff used (long long int) and this one now uses (long > > > > long). > > > > Would be nice to be consistent. > > > > > > Yes, indeed. smtpd uses `long long int', while for mail.local doesn't > > > h

Re: smtpd: nits to reduce the diff with -portable

2023-05-15 Thread Omar Polo
not in portable- instead > > > > of "const"-ify only tz why don't mark as const also the two arrays day > > > > and month? > > > > > > ok. > > > > > > The previous diff used (long long int) and this one now uses (long long). >

Re: smtpd: nits to reduce the diff with -portable

2023-05-14 Thread Theo de Raadt
't mark as const also the two arrays day > > > and month? > > > > ok. > > > > The previous diff used (long long int) and this one now uses (long long). > > Would be nice to be consistent. > > Yes, indeed. smtpd uses `long long int', while for mail.local

Re: smtpd: nits to reduce the diff with -portable

2023-05-14 Thread Theo de Raadt
> + (long long int)tv.tv_sec, tv.tv_usec, Please do not use that form. (long long) is enough.

Re: smtpd: nits to reduce the diff with -portable

2023-05-10 Thread Todd C . Miller
On Wed, 10 May 2023 09:25:43 +0200, Omar Polo wrote: > I forgot to include one off_t cast since it was in a different > directory and -even if off topic because it's not in portable- instead > of "const"-ify only tz why don't mark as const also the two arrays day > and month? Sure. OK millert@

Re: smtpd: nits to reduce the diff with -portable

2023-05-10 Thread Omar Polo
s day > > and month? > > ok. > > The previous diff used (long long int) and this one now uses (long long). > Would be nice to be consistent. Yes, indeed. smtpd uses `long long int', while for mail.local doesn't have any. I'll go with `long long int' for consistency, typed `long long' out of muscular memory. thanks!

Re: smtpd: nits to reduce the diff with -portable

2023-05-10 Thread Theo Buehler
On Wed, May 10, 2023 at 09:25:43AM +0200, Omar Polo wrote: > On 2023/05/09 19:41:51 -0600, "Todd C. Miller" wrote: > > On Wed, 10 May 2023 00:55:54 +0200, Omar Polo wrote: > > > > > As per subject, here's a few misc nits that would reduce the > > > difference with -portable. There's some

Re: smtpd: nits to reduce the diff with -portable

2023-05-10 Thread Omar Polo
uot;, name, curoff); + (void)snprintf(biffmsg, sizeof biffmsg, "%s@%lld\n", name, + (long long)curoff); if (lseek(fd, 0, SEEK_SET) == (off_t)-1) { mwarn("temporary file: %s", strerror(errno)); goto bad; blob - 6e340ccde1a5

Re: smtpd: nits to reduce the diff with -portable

2023-05-09 Thread Todd C . Miller
On Wed, 10 May 2023 00:55:54 +0200, Omar Polo wrote: > As per subject, here's a few misc nits that would reduce the > difference with -portable. There's some printing of time_t via > casting to long long, some missing includes (even if in tree it builds > nevertheless) and a const for a variable

smtpd: nits to reduce the diff with -portable

2023-05-09 Thread Omar Polo
including that too.) ok? diff /usr/src commit - a2d3cb1e480c37eb6fb14cee9f2946606a0346bc path + /usr/src blob - 52924139091915e80409892fbd92dad375ee602c file + usr.sbin/smtpd/lka_filter.c --- usr.sbin/smtpd/lka_filter.c +++ usr.sbin/smtpd/lka_filter.c @@ -933,13 +933,13 @@ filter_protocol_query

Re: smtpd: simplify token name extraction for %{name}

2023-03-19 Thread Omar Polo
On 2023/03/19 08:11:27 -0600, Todd C. Miller wrote: > The current code for extracting the token name from %{name} can be > simplified by computing the token name length. The existing code > copies "name}" to token[] using memcpy(), then strchr() to find the > '}' and replace it with a NUL.

smtpd: simplify token name extraction for %{name}

2023-03-19 Thread Todd C . Miller
nate token. This results in less code and is more easily audited. I've also removed the duplicate check for *(pbuf+1) != '{'. OK? - todd Index: usr.sbin/smtpd/mda_variables.c === RCS file: /cvs/src/usr.sbin/smtpd/mda_variables.c,v retrieving re

[patch] usr.sbin/smtpd filter localhost relays

2023-02-28 Thread Philipp
Hi On github someone reported an issue[0] regarding localhost MX entries. Currently smtpd will just use the localhost relay. This leads to a loop. Here is a patch filtering localhost and localhost addresses for MX requests. As a next step you could implement Null-MX (rfc 7505). Philipp [0] https

add table-procexec to smtpd

2023-02-09 Thread aisha
Hi, This is another try to add table-procexec to smtpd. This allows for table backends to communicate with smtpd with a very simple line protocol, similar to filter proc-exec. The code is simple enough and after a bit of time can be used as a replacement for table-proc (which uses imsg

OpenBSD Errata: February 7, 2023 (x509 xserver smtpd)

2023-02-07 Thread Alexander Bluhm
Errata patches for LibreSSL libcrypto, X11 server, and smtpd have been released for OpenBSD 7.1 and 7.2. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org

Re: smtpd bug in Received: header with one recipient

2022-10-19 Thread Todd C . Miller
I took another look at this and it seems correct to me. We should not really be using tx->evp.rcpt after it has been added to the tx->rcpts list. I plan to commit it unless there are objections. - todd

Re: smtpd bug in Received: header with one recipient

2022-10-18 Thread Chris Waddey
ccessful recipient but with a failed >> rcpt to: command afterward generates an incorrect Received: header. ... >> The following patch fixes the problem: >> Index: smtp_session.c >> === >> RCS file: /cvs/src/usr.sbin/smt

rc.d: smtpd, unwind: add configtest

2022-10-14 Thread Klemens Nanni
Two more, then all daemons in my accumulated `rcctl ls on' output should be covered. OK? Index: smtpd === RCS file: /cvs/src/etc/rc.d/smtpd,v retrieving revision 1.7 diff -u -p -r1.7 smtpd --- smtpd 11 Jan 2018 19:52:12 -

Re: smtpd bug in Received: header with one recipient

2022-10-09 Thread Chris Waddey
but with a failed >> rcpt to: command afterward generates an incorrect Received: header. ... >> The following patch fixes the problem: >> Index: smtp_session.c >> === >> RCS file: /cvs/src/usr.sbin/smtpd/smtp_

smtpd bug in Received: header with one recipient

2022-10-08 Thread Chris Waddey
with ESMTP id 8f9363cc for ; Sat, 8 Oct 2022 12:08:48 -0600 (MDT) Message-ID: test The following patch fixes the problem: Index: smtp_session.c === RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v retrieving revision 1.432

OpenBSD Errata: September 26, 2022 (smtpd)

2022-09-26 Thread Alexander Bluhm
Errata patches for smtpd have been released for OpenBSD 7.0 and 7.1. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata70.html https://www.openbsd.org

[PATCH] smtpd: always use an enhanced status code

2022-05-03 Thread Demi Marie Obenour
A server that supports enhanced status codes must use them for all replies. --- usr.sbin/smtpd/bounce.c | 2 +- usr.sbin/smtpd/lka_session.c | 4 ++-- usr.sbin/smtpd/smtp_session.c | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git usr.sbin/smtpd/bounce.c usr.sbin/smtpd

Re: smtpd: use libtls signer

2022-02-12 Thread Theo Buehler
On Sat, Feb 12, 2022 at 02:49:46PM +0100, Eric Faurot wrote: > On Sun, Jan 30, 2022 at 10:55:40AM +0100, Eric Faurot wrote: > > Hi. > > > > This diff makes use of the new libtls signer api to simplify tls privsep. > > Updated diff after libtls signer api tweak by jsing@ ok tb

Re: smtpd: use libtls signer

2022-02-12 Thread Eric Faurot
RCS file: /cvs/src/usr.sbin/smtpd/ca.c,v retrieving revision 1.40 diff -u -p -r1.40 ca.c --- ca.c14 Jun 2021 17:58:15 - 1.40 +++ ca.c12 Feb 2022 12:49:04 - @@ -1,6 +1,7 @@ /* $OpenBSD: ca.c,v 1.40 2021/06/14 17:58:15 eric Exp $*/ /* + * Copyright (c) 2021 Er

smtpd: use libtls signer

2022-01-30 Thread Eric Faurot
Hi. This diff makes use of the new libtls signer api to simplify tls privsep. Eric. Index: ca.c === RCS file: /cvs/src/usr.sbin/smtpd/ca.c,v retrieving revision 1.40 diff -u -p -r1.40 ca.c --- ca.c14 Jun 2021 17:58:15 -

Re: smtpd: LINE_MAX might not be enough for a response

2021-11-24 Thread Jan Stary
On Nov 25 01:38:35, h...@stare.cz wrote: > On Nov 24 14:47:48, j...@maudlin.dev wrote: > > > > Jan Stary writes: > > > smtpd just failed to parse a SMTP response (below), > > > saying 'line too long'. > > > > > > Looking at the sourc

Re: smtpd: LINE_MAX might not be enough for a response

2021-11-24 Thread Jan Stary
On Nov 24 14:47:48, j...@maudlin.dev wrote: > > Jan Stary writes: > > smtpd just failed to parse a SMTP response (below), > > saying 'line too long'. > > > > Looking at the source, this seems to be parse_smtp_response() in util.c, > > which errors out

smtpd: LINE_MAX might not be enough for a response

2021-11-24 Thread Jan Stary
This is current/amd64 on a PC. smtpd just failed to parse a SMTP response (below), saying 'line too long'. Looking at the source, this seems to be parse_smtp_response() in util.c, which errors out right away with if (len >= LINE_MAX) return "line too long"

Re: smtpd smtp_proceed_wiz function

2021-11-08 Thread Chris Cappuccio
Crystal Kolipe [kolip...@exoticsilicon.com] wrote: > On Mon, Nov 08, 2021 at 06:13:14PM +, Stuart Henderson wrote: > > On 2021/11/08 14:52, Crystal Kolipe wrote: > > > I'm not aware of a 'wiz' command in any SMTP related RFC. > > This will become clear if you look into sendmail history :) > >

Re: smtpd smtp_proceed_wiz function

2021-11-08 Thread Crystal Kolipe
On Mon, Nov 08, 2021 at 06:13:14PM +, Stuart Henderson wrote: > On 2021/11/08 14:52, Crystal Kolipe wrote: > > I'm not aware of a 'wiz' command in any SMTP related RFC. > This will become clear if you look into sendmail history :) Got it :). I assume that this won't be implemented in OpenBSD

Re: smtpd smtp_proceed_wiz function

2021-11-08 Thread Stuart Henderson
On 2021/11/08 14:52, Crystal Kolipe wrote: > src/usr.sbin/smtpd/smtp_session.c contains the following code: > > 1892static void > 1893smtp_proceed_wiz(struct smtp_session *s, const char *args) > 1894{ > 1895smtp_reply(s, "

smtpd smtp_proceed_wiz function

2021-11-08 Thread Crystal Kolipe
src/usr.sbin/smtpd/smtp_session.c contains the following code: 1892 static void 1893 smtp_proceed_wiz(struct smtp_session *s, const char *args) 1894 { 1895 smtp_reply(s, "500 %s %s: this feature is not supported yet ;-)", 1896 esc_code(ESC_STATU

Re: Add missing manpage for smtpd

2021-10-25 Thread Larry Hynes
Hi Crystal Kolipe wrote: > I sent this to bugs@ a while back, but it seems to have been missed. > > smtpd-filters.7 is not installed by default. > > --- usr.sbin/smtpd/smtpd/Makefile.distWed Apr 21 04:54:10 2021 > +++ usr.sbin/smtpd/smtpd/Makefile Mon Oc

Re: Add missing manpage for smtpd

2021-10-25 Thread Jason McIntyre
On Mon, Oct 25, 2021 at 04:12:17PM +0100, Larry Hynes wrote: > Hi > > Crystal Kolipe wrote: > > I sent this to bugs@ a while back, but it seems to have been missed. > > > > smtpd-filters.7 is not installed by default. > > > > --- usr.sbin/smtpd/smtpd/Make

Add missing manpage for smtpd

2021-10-25 Thread Crystal Kolipe
I sent this to bugs@ a while back, but it seems to have been missed. smtpd-filters.7 is not installed by default. --- usr.sbin/smtpd/smtpd/Makefile.dist Wed Apr 21 04:54:10 2021 +++ usr.sbin/smtpd/smtpd/Makefile Mon Oct 25 11:54:39 2021 @@ -76,7 +76,7 @@ SRCS+= stat_ramstat.c

Re: [diff] usr.sbin/smtpd add missing includes

2021-10-17 Thread Philipp
ibe the platform you are building on and > show the compile errors. Oh sorry, I currently work on Debian and FreeBSD. Error on Debian 11.1 with clang-11: == clang-11 -DHAVE_CONFIG_H -I. -I../.. -I../../usr.sbin/smtpd -I../../openbsd-compat -I../../o

Re: [diff] usr.sbin/smtpd add missing includes

2021-10-17 Thread Jonathan Gray
; > diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y > index 7de52a1c568..b1307c4daa6 100644 > --- a/usr.sbin/smtpd/parse.y > +++ b/usr.sbin/smtpd/parse.y > @@ -28,6 +28,8 @@ > #include > #include > > +#include > +#include > #include > #include >

smtpd workarounds for KAME sin6_scope_id

2021-10-17 Thread Philipp
Hello As said in the other mail I'm currently working on building OpenSMTPD on other platforms. A problem I found is the workaround for sin6_scope_id. The problem with the workaround is that FreeBSD doesn't expose IN6_IS_ADDR_MC_INTFACELOCAL(). After a bit of digging in the code I found this

[diff] usr.sbin/smtpd add missing includes

2021-10-17 Thread Philipp
Hello I'm currently working on getting OpenSMTPD-portable build. During this I found some missing includes. diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y index 7de52a1c568..b1307c4daa6 100644 --- a/usr.sbin/smtpd/parse.y +++ b/usr.sbin/smtpd/parse.y @@ -28,6 +28,8 @@ #include

Re: smtpd: move authentication to table backends

2021-10-11 Thread gilles
October 11, 2021 4:44 PM, gil...@poolp.org wrote: > October 8, 2021 11:34 PM, "aisha" wrote: > >> Hi all, >> I am still working on the table-procexec for opensmtpd >> and while there, I was thinking of how to do authentication >> using LDAP, which the current table-ldap from ports does not >>

Re: smtpd: move authentication to table backends

2021-10-11 Thread gilles
October 8, 2021 11:34 PM, "aisha" wrote: > Hi all, > I am still working on the table-procexec for opensmtpd > and while there, I was thinking of how to do authentication > using LDAP, which the current table-ldap from ports does not > support. > The primary reason for that, I believe, is that

Re: smtpd: move authentication to table backends

2021-10-08 Thread aisha
maller set of addresses. > > It should not affect any workflow, so testing from others > would be appreciated. > > Cheers, > Aisha > Same patch but change my horrible enums representation to bitshifts diff --git a/usr.sbin/smtpd/aliases.c b/usr.sbin/smtpd/aliases.c index a4

smtpd: move authentication to table backends

2021-10-08 Thread aisha
--git a/usr.sbin/smtpd/aliases.c b/usr.sbin/smtpd/aliases.c index a473aeca189..8e3835f78a6 100644 --- a/usr.sbin/smtpd/aliases.c +++ b/usr.sbin/smtpd/aliases.c @@ -45,7 +45,7 @@ aliases_get(struct expand *expand, const char *username) /* first, check if entry has a user-part tag

Re: smtpd: srs and ruleset evaluation

2021-09-22 Thread Gilles CHEHADE
panded address ("dest") and not the original address ("rcpt"). > This diff should fix it. > > Eric. > > > Index: lka_session.c > === > RCS file: /cvs/src/usr.sbin/smtpd/lka_session.c,v > retrieving

Re: smtpd: srs and ruleset evaluation

2021-09-22 Thread Todd C . Miller
On Wed, 22 Sep 2021 15:46:13 +0200, Eric Faurot wrote: > A user reported that decoded SRS addresses are not correctly evaluated > against the ruleset. That's because the ruleset always matches against > the expanded address ("dest") and not the original address ("rcpt"). > This diff should fix

smtpd: srs and ruleset evaluation

2021-09-22 Thread Eric Faurot
Index: lka_session.c === RCS file: /cvs/src/usr.sbin/smtpd/lka_session.c,v retrieving revision 1.95 diff -u -p -r1.95 lka_session.c --- lka_session.c 14 Jun 2021 17:58:15 - 1.95 +++ lka_session.c 21 Sep 2021 19:21:18 - @@ -280,19 +280,19

Re: [diff] src/usr.sbin/smtpd: table_diff lacks some lookup kinds

2021-09-01 Thread gilles
contexts. > > Index: table_db.c > === > RCS file: /cvs/src/usr.sbin/smtpd/table_db.c,v > retrieving revision 1.22 > diff -u -p -r1.22 table_db.c > --- table_db.c 23 Jan 2021 16:11:11 - 1.22 > +++ table_db.

[diff] src/usr.sbin/smtpd: table_diff lacks some lookup kinds

2021-08-29 Thread gilles
=== RCS file: /cvs/src/usr.sbin/smtpd/table_db.c,v retrieving revision 1.22 diff -u -p -r1.22 table_db.c --- table_db.c 23 Jan 2021 16:11:11 - 1.22 +++ table_db.c 29 Aug 2021 20:08:30 - @@ -55,7 +55,9 @@ static char *table_db_get_entry_match(vo struct table_backend table_backend_db

smtpd-filters.7 missing from makefile

2021-08-22 Thread Crystal Kolipe
Hi, Currently smtpd-filters.7 is not installed by default, which looks like an oversight. The patch below adds smtpd-filters.7 to usr.sbin/smtpd/smtpd/Makefile untrusted comment: verify with signify key for exoticsilicon.com RWRn5d3Yx35u06SleiMhZhW6FXYvG0NkGlXPEX94Q7SMqURZ

Re: smtpd: unnecessary "no certificate presented" log message

2021-06-30 Thread Leo Unglaub
certificate is not very useful in practice (handshake fails before if it was required anyway), and it is even confusing for people. I think it can go away. Eric. Index: smtp_session.c === RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v

Re: smtpd: unnecessary "no certificate presented" log message

2021-06-30 Thread Todd C . Miller
On Wed, 30 Jun 2021 14:37:44 +0200, Eric Faurot wrote: > Except for specific cases, SMTP servers do not expect client > certificates for TLS sessions. The log message for missing certificate > is not very useful in practice (handshake fails before if it was > required anyway), and it is even

smtpd: unnecessary "no certificate presented" log message

2021-06-30 Thread Eric Faurot
: smtp_session.c === RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v retrieving revision 1.431 diff -u -p -r1.431 smtp_session.c --- smtp_session.c 14 Jun 2021 17:58:16 - 1.431 +++ smtp_session.c 30 Jun 2021 08:09:29 -

Re: add table_procexec in smtpd

2021-06-22 Thread gilles
> > I am unsure what you mean by a handshake. > sure, so let's look at procexec for filters: - when the server starts, it forks the filters and begins a handshake with each of them, emitting the following (for example): config|smtpd-version|6.6.1 config|smtp-session-timeout|300

Re: add table_procexec in smtpd

2021-06-22 Thread Aisha Tammy
me issues, this is precisely so that there’s no > > need to bump every other day as we already figured what was needed for > > third party adding to interoperate with smtpd. > > This also has the advantage that you can have a single parser handle these > > different API instead of

Re: add table_procexec in smtpd

2021-06-12 Thread Gilles CHEHADE
> The protocol is based on the filter protocol, follows the same logic and line > header to solve the same issues, this is precisely so that there’s no need to > bump every other day as we already figured what was needed for third party > adding to interoperate with smtpd. > This als

Re: add table_procexec in smtpd

2021-06-12 Thread Gilles CHEHADE
> On 12 Jun 2021, at 18:57, Aisha Tammy wrote: > > On 6/12/21 9:15 AM, Eric Faurot wrote: >> On Wed, Jun 09, 2021 at 05:41:36PM -0400, Aisha Tammy wrote: >>> Hi, >>> Here is the updated diff, which removes table_proc and adds >>> table_procexec as the default backend when no backend name

Re: add table_procexec in smtpd

2021-06-12 Thread Aisha Tammy
On 6/12/21 9:15 AM, Eric Faurot wrote: On Wed, Jun 09, 2021 at 05:41:36PM -0400, Aisha Tammy wrote: Hi, Here is the updated diff, which removes table_proc and adds table_procexec as the default backend when no backend name matches. Hi. I'm not opposed to the idea, but I have a couple of

Re: add table_procexec in smtpd

2021-06-12 Thread Eric Faurot
On Wed, Jun 09, 2021 at 05:41:36PM -0400, Aisha Tammy wrote: > Hi, > Here is the updated diff, which removes table_proc and adds table_procexec > as the default backend when no backend name matches. > Hi. I'm not opposed to the idea, but I have a couple of comments: First, if the two

Re: add table_procexec in smtpd

2021-06-09 Thread Aisha Tammy
Hi, Here is the updated diff, which removes table_proc and adds table_procexec as the default backend when no backend name matches. With this diff, I have the following configuration for smtpd: # $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $ # This is the smtpd server
