Re: opensmtpd forwarding sent mail and extras-pgsql
Howdie, On Thu, Jun 06, 2019 at 08:17:52PM +, Benny wrote: > First of all, I really appreciate your work on Opensmtpd. In the past few > days of planning and configurating(still working on it). I realize the beauty > in smtpd's simplicity. > Thanks > My quests were quite stupid as I didn't know imap mail clients send the > message to the smtp server and the imap as "Sent" for every outgoing email. > > The man page from the port source was enough for my setup. > I've seen more stupid quests so don't beat yourself up ;-) > By the way, does Opensmtpd support milter for rspam now? I have seen blogs > about it being upstreamed, but found nothing from smtpd.conf(5). > Since you're asking, I'll take the opportunity to provide details ;-) OpenSMTPD supports a filtering interface that is different (and simpler) than milters, so you won't be able to use the existing milter for rspamd BUT writing a native filter is trivial (as in shell scripting trivial). I wrote a native rspamd filter, with greylisting and dkim-signing logic, all it took was an hour and a couple hundred lines of code. It won't get released because it's just a proof-of-concept, lacking robustness, and I don't feel like maintaining it, but there will surely be implementations available soon after the release. The code is already in current for the most part but there are still few minor bugs to fix, things to change in the API, and you should stay away of it if you can't write code at the moment. Some people already wrote a few useful filters and are using them daily, so this is more than usable at this point, my plan is for the filter API to be made rock-solid for 6.6. > Once again, thank you for this amazing piece of software. > Thanks :-) -- Gilles Chehade @poolpOrg https://www.poolp.org tip me: https://paypal.me/poolpOrg
Move romp.html and testimonials.html to the Attic?
Files www/romp.html and www/testimonials.html are not linked to from any other webpage of the OpenBSD website. May be they could be moved to the Attic. Edward
Re: opensmtpd forwarding sent mail and extras-pgsql
Thank you for your reply. I found the man page from source, that really helps. Please forget the "Sent Mail" part, I didn't know enough. (Email clients send a copy to imap server for every outgoing mail) On getting dovecot to work with smtpd, I found a blog detailing dovecot-lda MTA wrapped with rspamc. qwerjkl ‐‐‐ Original Message ‐‐‐ On Wednesday, June 5, 2019 7:49 PM, Graeme Lee wrote: On 6/06/2019 6:50 am, Gilles Chehade wrote: On Mon, Jun 03, 2019 at 05:44:41PM +, Benny wrote: Hi, Hi, I am planning a mail server of opensmtpd and dovecot. I'd be glad to know if there is any way to save a copy of mail to dovecot's "Sent" mail box before relaying them out. sorry, I don't know dovecot enough for tricks and hacks. it's possible that it's doable through some weird trick when smtpd would notify dovecot somehow of messages that were sent, but I doubt it and it is generally the mail user agent that does the link between mails it did send over SMTP and copies it stores through IMAP. I am also not about find any docs on opensmtpd-extra-pgsql. Is there any guide to link postgresql up with smtpd for virtual users? There's a man page but no guide no. There are several tutorials for using SQLite and MySQL if you google and they are pretty much identical in terms of configuration. Hi Benny. I use Cyrus and Postgresql with smtpd. Everything you need for virtual users is in table-sqlite(5), but you will want to use IDENTITY or SERIAL for the ID column. (There is a man page for table-postgres(5) in the source, but it isn't installed) I can't speak for Dovecot. But I use LMTP to deliver locally to the cyrus mailer. Two actions are needed (below) to route to the local mail store. is /etc/mail/aliases, is the database table. incoming email === action "cyrus" lmtp "127.0.0.1:2003" rcpt-to virtual locally generated email (system /etc/mail/aliases - alias root to a some...@your.local.domain.com) action "cyrus_internal" lmtp "127.0.0.1:2003" rcpt-to alias match from local for local action "cyrus_internal" match from any for domain action "cyrus"
Re: opensmtpd forwarding sent mail and extras-pgsql
First of all, I really appreciate your work on Opensmtpd. In the past few days of planning and configurating(still working on it). I realize the beauty in smtpd's simplicity. My quests were quite stupid as I didn't know imap mail clients send the message to the smtp server and the imap as "Sent" for every outgoing email. The man page from the port source was enough for my setup. By the way, does Opensmtpd support milter for rspam now? I have seen blogs about it being upstreamed, but found nothing from smtpd.conf(5). Once again, thank you for this amazing piece of software. qwejrkl ‐‐‐ Original Message ‐‐‐ On Wednesday, June 5, 2019 1:50 PM, Gilles Chehade wrote: > On Mon, Jun 03, 2019 at 05:44:41PM +, Benny wrote: > > > Hi, > > Hi, > > > I am planning a mail server of opensmtpd and dovecot. I'd be glad to know > > if there is any way to save a copy of mail to dovecot's "Sent" mail box > > before relaying them out. > > sorry, I don't know dovecot enough for tricks and hacks. > > it's possible that it's doable through some weird trick when smtpd would > notify dovecot somehow of messages that were sent, but I doubt it and it > is generally the mail user agent that does the link between mails it did > send over SMTP and copies it stores through IMAP. > > > I am also not about find any docs on opensmtpd-extra-pgsql. Is there any > > guide to link postgresql up with smtpd for virtual users? > > There's a man page but no guide no. > > There are several tutorials for using SQLite and MySQL if you google and > they are pretty much identical in terms of configuration. > > -- > > Gilles Chehade @poolpOrg > > https://www.poolp.org tip me: https://paypal.me/poolpOrg
Re: exFAT devices not detected
Working again with today's snapshot. Regards, --- Oriol Demaria 2FFED630C16E4FF8 On 31/05/2019 15:42, Oriol Demaria wrote: I tested this before, even I have some hotplugd script to mount this devices, but since some days ago exFAT formatted devices are not detected and won't even appear on dmesg. Does anyone seen this behaviour too? Thanks.
Re: Behaviour of eval in sh(1) and ksh(1) in AND-OR list with set -e
On 2019-06-05, Andreas Kusalananda Kähäri wrote: > When running under set -e, why does > eval false || echo ok > terminate the script with the execution of eval? I think that's a bug. > then why does the below behave differently? > eval ! true || echo ok That's actually the documented, POSIX-specified behavior. Somewhat bizarrely, ! disables errexit. The eval doesn't matter here. -- Christian "naddy" Weisgerber na...@mips.inka.de
Re: SSL_ERROR_DECODE_ERROR_ALERT in Fedora 30 Firefox when connecting to some OpenBSD servers
Stuart Henderson писал 2019-06-05 17:10: On 2019-06-05, Frank Groeneveld wrote: On Wed, Jun 5, 2019, at 08:07, Frank Groeneveld wrote: After updating to Firefox 67.0 on Fedora 30 it seems some OpenBSD servers cannot be reached over HTTPS anymore. The error produced is SSL_ERROR_DECODE_ERROR_ALERT. I get this with some of my own servers, but also with https://cvsweb.openbsd.org/ Anybody know what is going on? Chromium and openssl s_client on the same system works fine and the same Firefox version in Ubuntu, Mac OS and Windows don't have this problem. Thanks in advance. Sorry for the noise, apparently there is a bug in the Fedora side when connecting with newer versions of LibreSSL. Related bug report: https://bugzilla.redhat.com/show_bug.cgi?id=1713777 The bug is server-side not client, looks like it would have been introduced around January, and fixed in lib/libssl/ssl_tlsext.c r1.49 revision 1.49 date: 2019/05/29 17:28:37; author: jsing; state: Exp; lines: +2 -5; commitid: DLpHk0vyoFEK0Baa; Relax parsing of TLS key share extensions on the server. The RFC does not require X25519 and it also allows clients to send an empty key share when the want the server to select a group. The current behaviour results in handshake failures where the client supports TLS 1.3 and sends a TLS key share extension that does not contain X25519. Issue reported by Hubert Kario via github. ok tb@ Excuse me, can this issue also break dovecot and latest thunderbird? With the latest thunderbird 60.7.0 (on fedora) my dovecot (and opensmtpd) suddenly refuse to log me in. Dovecot shows something like this in logs: TLS handshaking: SSL_accept() failed: error:140270E3:SSL routines:ACCEPT_SR_CLNT_HELLO_C:parse tlsext I found workarond for this, by switching from "STARTTLS" to SLL/TLS for imap. But OpenSMTPD still not working. As I said, this behavior appeared in latest thunderbird 60.7.0. Older versions of thunderbird work.
Re: Filesystem corruption on OpenBSD routers after power outage?
Yeah Marko, this blog did help me when I was resarching the issue ... Cheers, On Thu, 6 Jun 2019 at 10:07, Marko Cupać wrote: > On Tue, 04 Jun 2019 19:30:08 + > Mogens Jensen wrote: > > > Can anyone with experience running OpenBSD routers without UPS, tell > > if filesystem corruption is going to be a problem after power > > outages, or if there are any officially supported ways to make the > > system resilient enough to not break after a power outage? > > I have described my !!!UNSUPPORTED!!! setup !!!WARNING, BLATANT > SELF-PROMOTION!!! here: > > > https://www.mimar.rs/blog/how-to-increase-openbsds-resilience-to-power-outages > > So far I have two 6.5's on PCengine's apu2d4 (~20 6.2-6.4's). The only > "problem" I have since 6.4 is that I have to mount / rw when tcpdumping > because unveil does not like ro /etc. > > HTH, > -- > Before enlightenment - chop wood, draw water. > After enlightenment - chop wood, draw water. > > Marko Cupać > https://www.mimar.rs/ > > -- Kindest regards, Tom Smyth.
Re: Filesystem corruption on OpenBSD routers after power outage?
On Tue, 04 Jun 2019 19:30:08 + Mogens Jensen wrote: > Can anyone with experience running OpenBSD routers without UPS, tell > if filesystem corruption is going to be a problem after power > outages, or if there are any officially supported ways to make the > system resilient enough to not break after a power outage? I have described my !!!UNSUPPORTED!!! setup !!!WARNING, BLATANT SELF-PROMOTION!!! here: https://www.mimar.rs/blog/how-to-increase-openbsds-resilience-to-power-outages So far I have two 6.5's on PCengine's apu2d4 (~20 6.2-6.4's). The only "problem" I have since 6.4 is that I have to mount / rw when tcpdumping because unveil does not like ro /etc. HTH, -- Before enlightenment - chop wood, draw water. After enlightenment - chop wood, draw water. Marko Cupać https://www.mimar.rs/
Re: Xorg blanks until I switch to a TTY and back on 6.5
On Wed May 1 2019 14:53, Daniel Bolgheroni wrote: > On Wed, May 01, 2019 at 04:43:09PM +, Jonathan Gray wrote: > > On Wed, May 01, 2019 at 12:34:12PM -0300, Daniel Bolgheroni wrote: > > > On Mon, Apr 29, 2019 at 07:05:25AM +, Jonathan Gray wrote: > > > > Does this help? > > > > > > It was already commited but fixed the problem here. > > > > > > However, I still can't see the correct modes set for LVDS-1 and for the > > > external monitor on HDMI-1. An ultrawide 2560x1080 monitor can see at most > > > 1920x1080, but worked fine with the previous drm. > > > > There is a change queued for the next 4.19 release which concerns the > > modesetting xorg driver, I'm not sure if it is relevant: > > > > https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/plain/queue-4.19/revert-drm-i915-fbdev-actually-configure-untiled-displays.patch > > It's not, I'm sorry. I will try the next iteractions. > > Thank you for your work. Someone opened a bug on freedesktop's bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=110629
Re: Behaviour of eval in sh(1) and ksh(1) in AND-OR list with set -e
On Wed, Jun 05, 2019 at 08:05:48PM +0200, Andreas Kusalananda Kähäri wrote: > When running under set -e, why does > > eval false || echo ok Just to clarify: OpenBSD's sh(1) and ksh(1) make it impossible to run code like set -e if eval "$string"; then echo ok else echo not ok fi where "$string" is a piece of code that returns a non-zero exit status. This script would not output anything with string=false, for example, even though the eval occurs as a test within a conditional statement. > > terminate the script with the execution of eval? As far as I know, the > OpenBSD sh(1) and ksh(1) shells are the only ones doing that. > > If we take termination of the script as a given in the above scenario > (even if it feel a bit odd since it's in an AND-OR list), then why does > the below behave differently? > > eval ! true || echo ok > > This would not terminate the shell regardless of set -e or not. > > Is that a bug or is it a different interpretation of the standard? > > > > -- > Kusalananda > Sweden -- Kusalananda Sweden
Re: Flask and uWSGI on OpenBSD httpd
https://uwsgi.readthedocs.io/en/latest/OpenBSDhttpd.html?highlight=openbsd -- Best regards Maksim Rodin 06.06.2019, 09:02, "Tito Mari Francis Escaño" : > Good day to everyone on misc, > I’m trying to setup a Flask-based web application on OpenBSD 6.5 and I keep > encountering mention of uWSGI in integrating it with OpenBSD httpd, but I > found there were very few and vague resources online. > I have already figured out what packages I should use, I used the provided > Python 3.6.8p0 and py3-flask package. > Further I installed uwsgi thru “pip install uwsgi”, but there were no > references for integrating the uwsgi with httpd, what should be the > configuration of the httpd for this? > Can somebody please point me to references I should look into to make this > happen? > Would greatly appreciate your help. > Thanks.
Flask and uWSGI on OpenBSD httpd
Good day to everyone on misc, I’m trying to setup a Flask-based web application on OpenBSD 6.5 and I keep encountering mention of uWSGI in integrating it with OpenBSD httpd, but I found there were very few and vague resources online. I have already figured out what packages I should use, I used the provided Python 3.6.8p0 and py3-flask package. Further I installed uwsgi thru “pip install uwsgi”, but there were no references for integrating the uwsgi with httpd, what should be the configuration of the httpd for this? Can somebody please point me to references I should look into to make this happen? Would greatly appreciate your help. Thanks.
