Requesting a feature at OpenSMTPD.
Date: 8 Sept 2023, 14:50
From: sagaracha...@tutanota.com
To: b...@opensmtpd.org
Subject: FWD: Re: Setting personal mailserver


> I request a feature from all the devs.
>
> This would enable users of smtpd to host an email server on any port instead 
> of the standard port 25.
>
> More details can be read in the later parts of the debate between Stuart and 
> me on the misc mailing list.
>
> I await your reply.
>
> Thanking you
> Sagar Acharya
> https://humaaraartha.in
>
>
>
> Date: 8 Sept 2023, 11:21
> From: sagaracha...@tutanota.com
> To: stua...@longlandclan.id.au
> Cc: m...@opensmtpd.org
> Subject: Re: Setting personal mailserver
>
>
>> Thank you Stuart. That is very helpful.
>>
>> SRV records would get port, like 
>>
>> https://xmpp.org/extensions/xep-0368.html
>>
>> The logic would be like, say there is opensmtpd on the other server too.
>>
>> dig _mail._smtp.humaaraartha.in. SRV
>> get_port_from_SRV()
>> if found_different_port()  try_port()
>> else  try_25()
>>
>> Caching can also be done for future requests.
>>
>>> You and I are small fish. I've been mucking around with mail servers pretty 
>>> much this whole century so far.
>>>
>>
>> OpenBSD and suckless are moving forward and providing solutions. Which 
>> mailserver do you use? If we can establish that any software be run on any 
>> port, then blocking ports won't make sense. Besides, they can block any 
>> domains and they already do if they find spam there. SPAM is just an excuse.
>>
>> Thanking you
>> Sagar Acharya
>> https://humaaraartha.in
>>
>>
>>
>> 8 Sept 2023, 03:55 by stua...@longlandclan.id.au:
>>
>>> On 7/9/23 20:44, Sagar Acharya wrote:
>>>
>>>> Let the mail providers have their setups. Is it possible to have a 
>>>> configuration where I have 2 servers, example.com example2.com where I can 
>>>> send and receive emails on ports say, 777 on plaintext, starttls optional 
>>>> and port 778 with smtps?
>>>>
>>>> Give me a configuration for such a thing.
>>>>
>>>> humaaraartha.in.       TXT        "v=spf1 ipv4:{myipv4address} -all"
>>>> humaaraartha.in.       TXT        "resports:777,778"
>>>> humaaraartha.in. humaaraartha.in.       MX          10 humaaraartha.in.
>>>> humaaraartha.in.       A              {myipv4address}
>>>> That is all you have, nothing more for both servers. Can you help me send 
>>>> and receive mails on ports 777,778 with just above DNS and smtpd? I can 
>>>> add SRV records for detection of ports 777, 778 if you want.
>>>>
>>>
>>> Okay, not quite sure what the "resports" TXT record is achieving (a quick 
>>> search on the topic didn't reveal any documentation on how it was supposed 
>>> to work or correct syntax).  I won't labour the point about outgoing port 
>>> 25 traffic since others have covered this already.
>>>
>>> You can of course use different ports between servers on an agreed-upon 
>>> manner.  e.g. say we have a server, bnemx.vk4msl.com, running OpenSMTPD:
>>>
>>>> vk4msl-bne# cat /etc/mail/smtpd.conf
>>>> #       $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $
>>>>
>>>> # This is the smtpd server system-wide configuration file.
>>>> # See smtpd.conf(5) for more information.
>>>>
>>>> #table aliases file:/etc/mail/aliases
>>>> table virtualdomains file:/etc/mail/virtualdomains
>>>> table virtualusers file:/etc/mail/virtualusers
>>>>
>>>> pki bnemx cert "/etc/ssl/bnemx.vk4msl.com.fullchain.pem"
>>>> pki bnemx key "/etc/ssl/private/bnemx.vk4msl.com.key"
>>>> pki bnemx dhe auto
>>>>
>>>> listen on socket
>>>> listen on all tls pki bnemx
>>>>
>>> … etc, I won't post the full config.
>>>
>>> Those `listen` lines are the key, from smtpd.conf manpage:
>>>
>>>> listen on interface [family] [options]
>>>> Listen on the interface for incoming connections, using the same
>>>> syntax as ifconfig(8).  The interface parameter may also be an
>>>> interface group, an IP address, or a domain name.  Listening can
>>>> optionally be restricted to a specific address family, which can
>>>> be either inet4 or inet6.
>>>>
>>>
>>> In amongst the options:
>>>
>>>> port [port]
>>>> Listen on the given port instead of the default port 25.
>>>>
>>>
>>> So if I chose to, I could add:
>>>
>>> listen on all port 777
>>>
>>> and then re-start smtpd, I'd now be listening on port 777.
>>>
>>> You could then tell your SMTP server to send to port 777 when sending to my 
>>> domain.
>>>
>>> But doing so would be useless:
>>> - no one else would bother using port 777/tcp: they would most likely use 
>>> port 25
>>> - you wouldn't be able to send to any other server, unless they too, chose 
>>> to use port 777/tcp.
>>>
>>> If you have a good proposal for how such alternative ports could be 
>>> advertised (maybe via DNS TXT record), perhaps you could propose that as a 
>>> Request For Comment to the Internet Engineering Task Force… and maybe if 
>>> enough people thought it was a good idea, it would be adopted with its own 
>>> official RFC number (like RFC-821, later replaced by RFC-2821 and RFC-5321).
>>>
>>> That though, won't mean instant ability to pick your own port number. The 
>>> "alternate port number" feature would then need to be added to the various 
>>> SMTP servers out there.  Then sysadmins would need to install that version.
>>>
>>> This may take years, or even never happen in some cases.  (Qmail is still 
>>> IPv4-only because the author believes IPv6 is unnecessary.)
>>>
>>> Regardless of what you think of spam or how to fight it, the truth is the 
>>> small fish don't make the rules in this game.  You and I are small fish.  
>>> I've been mucking around with mail servers pretty much this whole century 
>>> so far.
>>>
>>> I started with trialling something over dial-up (ever seen a 56kbps modem 
>>> screaming under the strain of an outbound mail queue stuffed with spam?  I 
>>> have!)… moved to using Sendmail on an old Slackware server hosted on ADSL 
>>> with 2GB SCSI disks and a self-signed HTTPS certificate for webmail in 
>>> 2001.  Been running my own server ever since.
>>>
>>> It's not impossible to do it yourself, and dealing with spam is a constant 
>>> cat-and-mouse game.  Things have become more complex out of necessity (I 
>>> didn't bother with DKIM until Google started mandating it for example), but 
>>> even then, not overly difficult.
>>>
>>> The minimum standard however has changed over the years as requirements 
>>> changed.  That includes:
>>>
>>> - outbound SMTP unblocked -- pretty much since forever since that's how 
>>> TCP/IP works
>>> - static IPv4 -- dynamic IPv4 has not been possible since ~2004 or so
>>> - SPF DNS records -- since ~2010 or so
>>> - DKIM signing and DMARC policies -- since ~2020
>>>
>>> Some day, IPv6 may be a requirement as the IPv4 address space dries up.
>>>
>>> It's no good "wishing" it to be different.  In the future it may become 
>>> impossible for me to run my own server on the home connection, and I may 
>>> have to look into alternate mail arrangements.
>>>
>>> At least you don't have to ask for your chosen host name to be added to the 
>>> "master" /etc/hosts file.  We have this thing called "DNS".
>>>
>>> Unless you can convince some very high-profile SMTP server operators, many 
>>> of whom do not read this list (e.g. the admins of Gmail, Office365, etc), 
>>> nothing much will change.
>>> --
>>> Stuart Longland (aka Redhatter, VK4MSL)
>>>
>>> I haven't lost my mind...
>>> ...it's backed up on a tape somewhere.
>>>
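
The SRV lookup with port-25 fallback and caching sketched in the thread, written out as an added example; it is not code from the thread's participants or from OpenSMTPD, which has no such feature. `PortDiscovery`, `sample_lookup` and the record values are hypothetical and constructed, and the `_mail._smtp` label is taken from the message as written.

```python
import random
import time
from collections import namedtuple

SRV = namedtuple("SRV", "priority weight port target ttl")  # RFC 2782 fields + TTL

# Constructed sample data; "_mail._smtp" is the label used in the message.
SAMPLE_ZONE = {
    "_mail._smtp.humaaraartha.in.": [
        SRV(20, 0, 778, "humaaraartha.in.", 300),
        SRV(10, 0, 777, "humaaraartha.in.", 300),
    ],
}

def sample_lookup(name):  # offline stand-in for a real SRV query
    return SAMPLE_ZONE.get(name, [])

class PortDiscovery:
    def __init__(self, lookup, clock=time.monotonic, rng=None):
        self.lookup, self.clock = lookup, clock
        self.rng = rng or random.Random()
        self.cache = {}  # domain -> (expiry time, candidate list)

    def _ordered(self, records):
        # Lowest priority first, weighted pick within a priority (simplified:
        # weight + 1 keeps all-zero weights valid for random.choices).
        out = []
        for prio in sorted({r.priority for r in records}):
            group = [r for r in records if r.priority == prio]
            while group:
                pick = self.rng.choices(group, [r.weight + 1 for r in group])[0]
                group.remove(pick)
                out.append(pick)
        return out

    def candidates(self, domain):
        """Return [(host, port), ...] to try in order; port 25 is always last."""
        now = self.clock()
        expiry, cached = self.cache.get(domain, (0, None))
        if cached is not None and now < expiry:
            return cached
        records = self.lookup(f"_mail._smtp.{domain}.")
        # A target of "." means "no service here"; skip it and invalid ports.
        usable = [r for r in records if r.target != "." and 0 < r.port < 65536]
        result = [(r.target.rstrip("."), r.port) for r in self._ordered(usable)]
        # "else try_25()": the domain stands in for its MX host (MX lookup omitted).
        result.append((domain, 25))
        ttl = min((r.ttl for r in records), default=60)  # 60 s when no answer
        self.cache[domain] = (now + ttl, result)
        return result
```

Because the SRV answer decides which host and port receive the mail, a sender using this logic should accept it only from a DNSSEC-validated response; a spoofed answer would otherwise redirect delivery.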
