Re: opensmtpd forwarding sent mail and extras-pgsql

2019-06-06 Thread Gilles Chehade
Howdie,

On Thu, Jun 06, 2019 at 08:17:52PM +, Benny wrote:
> First of all, I really appreciate your work on Opensmtpd. In the past few 
> days of planning and configurating(still working on it). I realize the beauty 
> in smtpd's simplicity.
> 

Thanks


> My quests were quite stupid as I didn't know imap mail clients send the 
> message to the smtp server and the imap as "Sent" for every outgoing email.
> 
> The man page from the port source was enough for my setup.
> 

I've seen more stupid quests so don't beat yourself up ;-)


> By the way, does Opensmtpd support milter for rspam now? I have seen blogs 
> about it being upstreamed, but found nothing from smtpd.conf(5).
> 

Since you're asking, I'll take the opportunity to provide details ;-)

OpenSMTPD supports a filtering interface that is different (and simpler)
than milters, so you won't be able to use the existing milter for rspamd
BUT writing a native filter is trivial (as in shell scripting trivial).

I wrote a native rspamd filter, with greylisting and dkim-signing logic,
all it took was an hour and a couple hundred lines of code. It won't get
released because it's just a proof-of-concept, lacking robustness, and I
don't feel like maintaining it, but there will surely be implementations
available soon after the release.

The code is already in current for the most part but there are still few
minor bugs to fix, things to change in the API, and you should stay away
of it if you can't write code at the moment.

Some people already wrote a few useful filters and are using them daily,
so this is more than usable at this point, my plan is for the filter API
to be made rock-solid for 6.6.


> Once again, thank you for this amazing piece of software.
> 

Thanks :-)


-- 
Gilles Chehade @poolpOrg

https://www.poolp.org tip me: https://paypal.me/poolpOrg



Move romp.html and testimonials.html to the Attic?

2019-06-06 Thread Edward
Files www/romp.html and www/testimonials.html are not linked to from
any other webpage of the OpenBSD website. May be they could be moved
to the Attic.

Edward



Re: opensmtpd forwarding sent mail and extras-pgsql

2019-06-06 Thread Benny
Thank you for your reply. I found the man page from source, that really helps.

Please forget the "Sent Mail" part, I didn't know enough. (Email clients send a 
copy to imap server for every outgoing mail)

On getting dovecot to work with smtpd, I found a blog detailing dovecot-lda MTA 
wrapped with rspamc.

qwerjkl

‐‐‐ Original Message ‐‐‐
On Wednesday, June 5, 2019 7:49 PM, Graeme Lee  wrote:

 On 6/06/2019 6:50 am, Gilles Chehade wrote:

  On Mon, Jun 03, 2019 at 05:44:41PM +, Benny wrote:
 
   Hi,
 
  Hi,
 
   I am planning a mail server of opensmtpd and dovecot. I'd be 
glad to know if there is any way to save a copy of mail to dovecot's "Sent" 
mail box before relaying them out.
 
  sorry, I don't know dovecot enough for tricks and hacks.
  it's possible that it's doable through some weird trick when smtpd 
would
  notify dovecot somehow of messages that were sent, but I doubt it and 
it
  is generally the mail user agent that does the link between mails it 
did
  send over SMTP and copies it stores through IMAP.
 
   I am also not about find any docs on opensmtpd-extra-pgsql. Is 
there any guide to link postgresql up with smtpd for virtual users?
 
  There's a man page but no guide no.
  There are several tutorials for using SQLite and MySQL if you google 
and
  they are pretty much identical in terms of configuration.

 Hi Benny.

 I use Cyrus and Postgresql with smtpd. Everything you need for 
virtual
 users is in table-sqlite(5), but you will
 want to use IDENTITY or SERIAL for the ID column. (There is a man page
 for table-postgres(5) in the source,
 but it isn't installed)

 I can't speak for Dovecot. But I use LMTP to deliver locally to the
 cyrus mailer. Two actions are needed (below)
 to route to the local mail store.  is /etc/mail/aliases,
  is the database table.

 incoming email

 ===

 action "cyrus" lmtp "127.0.0.1:2003" rcpt-to virtual 

 locally generated email (system /etc/mail/aliases - alias root to a

 

 some...@your.local.domain.com)
 action "cyrus_internal" lmtp "127.0.0.1:2003" rcpt-to alias 

 match from local for local action "cyrus_internal"
 match from any for domain  action "cyrus"





Re: opensmtpd forwarding sent mail and extras-pgsql

2019-06-06 Thread Benny
First of all, I really appreciate your work on Opensmtpd. In the past few days 
of planning and configurating(still working on it). I realize the beauty in 
smtpd's simplicity.

My quests were quite stupid as I didn't know imap mail clients send the message 
to the smtp server and the imap as "Sent" for every outgoing email.

The man page from the port source was enough for my setup.

By the way, does Opensmtpd support milter for rspam now? I have seen blogs 
about it being upstreamed, but found nothing from smtpd.conf(5).

Once again, thank you for this amazing piece of software.

qwejrkl

‐‐‐ Original Message ‐‐‐
On Wednesday, June 5, 2019 1:50 PM, Gilles Chehade  wrote:

> On Mon, Jun 03, 2019 at 05:44:41PM +, Benny wrote:
>
> > Hi,
>
> Hi,
>
> > I am planning a mail server of opensmtpd and dovecot. I'd be glad to know 
> > if there is any way to save a copy of mail to dovecot's "Sent" mail box 
> > before relaying them out.
>
> sorry, I don't know dovecot enough for tricks and hacks.
>
> it's possible that it's doable through some weird trick when smtpd would
> notify dovecot somehow of messages that were sent, but I doubt it and it
> is generally the mail user agent that does the link between mails it did
> send over SMTP and copies it stores through IMAP.
>
> > I am also not about find any docs on opensmtpd-extra-pgsql. Is there any 
> > guide to link postgresql up with smtpd for virtual users?
>
> There's a man page but no guide no.
>
> There are several tutorials for using SQLite and MySQL if you google and
> they are pretty much identical in terms of configuration.
>
> --
>
> Gilles Chehade @poolpOrg
>
> https://www.poolp.org tip me: https://paypal.me/poolpOrg




Re: exFAT devices not detected

2019-06-06 Thread Oriol Demaria

Working again with today's snapshot.

Regards,

---
Oriol Demaria
2FFED630C16E4FF8

On 31/05/2019 15:42, Oriol Demaria wrote:

I tested this before, even I have some hotplugd script to mount this
devices, but since some days ago exFAT formatted devices are not
detected and won't even appear on dmesg. Does anyone seen this
behaviour too?

Thanks.




Re: Behaviour of eval in sh(1) and ksh(1) in AND-OR list with set -e

2019-06-06 Thread Christian Weisgerber
On 2019-06-05, Andreas Kusalananda Kähäri  wrote:

> When running under set -e, why does
> eval false || echo ok
> terminate the script with the execution of eval?

I think that's a bug.

> then why does the below behave differently?
> eval ! true || echo ok

That's actually the documented, POSIX-specified behavior.  Somewhat
bizarrely, ! disables errexit.  The eval doesn't matter here.

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de



Re: SSL_ERROR_DECODE_ERROR_ALERT in Fedora 30 Firefox when connecting to some OpenBSD servers

2019-06-06 Thread kasak

Stuart Henderson писал 2019-06-05 17:10:

On 2019-06-05, Frank Groeneveld  wrote:

On Wed, Jun 5, 2019, at 08:07, Frank Groeneveld wrote:

After updating to Firefox 67.0 on Fedora 30 it seems some OpenBSD
servers cannot be reached over HTTPS anymore. The error produced is
SSL_ERROR_DECODE_ERROR_ALERT. I get this with some of my own servers,
but also with https://cvsweb.openbsd.org/
Anybody know what is going on? Chromium and openssl s_client on the
same system works fine and the same Firefox version in Ubuntu, Mac OS
and Windows don't have this problem.

Thanks in advance.


Sorry for the noise, apparently there is a bug in the Fedora side when 
connecting with newer versions of LibreSSL. Related bug report: 
https://bugzilla.redhat.com/show_bug.cgi?id=1713777


The bug is server-side not client, looks like it would have been 
introduced

around January, and fixed in lib/libssl/ssl_tlsext.c r1.49


revision 1.49
date: 2019/05/29 17:28:37;  author: jsing;  state: Exp;  lines: +2 -5;
 commitid: DLpHk0vyoFEK0Baa;
Relax parsing of TLS key share extensions on the server.

The RFC does not require X25519 and it also allows clients to send an 
empty
key share when the want the server to select a group. The current 
behaviour
results in handshake failures where the client supports TLS 1.3 and 
sends a

TLS key share extension that does not contain X25519.

Issue reported by Hubert Kario via github.

ok tb@



Excuse me, can this issue also break dovecot and latest thunderbird?
With the latest thunderbird 60.7.0 (on fedora) my dovecot (and 
opensmtpd) suddenly refuse to log me in.

Dovecot shows something like this in logs:

TLS handshaking: SSL_accept() failed: error:140270E3:SSL 
routines:ACCEPT_SR_CLNT_HELLO_C:parse tlsext


I found workarond for this, by switching from "STARTTLS" to SLL/TLS for 
imap. But OpenSMTPD still not working.
As I said, this behavior appeared in latest thunderbird 60.7.0. Older 
versions of thunderbird work.




Re: Filesystem corruption on OpenBSD routers after power outage?

2019-06-06 Thread Tom Smyth
Yeah Marko,
this blog did help me when I was resarching the issue ...
Cheers,


On Thu, 6 Jun 2019 at 10:07, Marko Cupać  wrote:

> On Tue, 04 Jun 2019 19:30:08 +
> Mogens Jensen  wrote:
>
> > Can anyone with experience running OpenBSD routers without UPS, tell
> > if filesystem corruption is going to be a problem after power
> > outages, or if there are any officially supported ways to make the
> > system resilient enough to not break after a power outage?
>
> I have described my !!!UNSUPPORTED!!! setup !!!WARNING, BLATANT
> SELF-PROMOTION!!! here:
>
>
> https://www.mimar.rs/blog/how-to-increase-openbsds-resilience-to-power-outages
>
> So far I have two 6.5's on PCengine's apu2d4 (~20 6.2-6.4's). The only
> "problem" I have since 6.4 is that I have to mount / rw when tcpdumping
> because unveil does not like ro /etc.
>
> HTH,
> --
> Before enlightenment - chop wood, draw water.
> After  enlightenment - chop wood, draw water.
>
> Marko Cupać
> https://www.mimar.rs/
>
>

-- 
Kindest regards,
Tom Smyth.


Re: Filesystem corruption on OpenBSD routers after power outage?

2019-06-06 Thread Marko Cupać
On Tue, 04 Jun 2019 19:30:08 +
Mogens Jensen  wrote:

> Can anyone with experience running OpenBSD routers without UPS, tell
> if filesystem corruption is going to be a problem after power
> outages, or if there are any officially supported ways to make the
> system resilient enough to not break after a power outage?

I have described my !!!UNSUPPORTED!!! setup !!!WARNING, BLATANT
SELF-PROMOTION!!! here:

https://www.mimar.rs/blog/how-to-increase-openbsds-resilience-to-power-outages

So far I have two 6.5's on PCengine's apu2d4 (~20 6.2-6.4's). The only
"problem" I have since 6.4 is that I have to mount / rw when tcpdumping
because unveil does not like ro /etc.

HTH,
-- 
Before enlightenment - chop wood, draw water.
After  enlightenment - chop wood, draw water.

Marko Cupać
https://www.mimar.rs/



Re: Xorg blanks until I switch to a TTY and back on 6.5

2019-06-06 Thread Norman Golisz
On Wed May  1 2019 14:53, Daniel Bolgheroni wrote:
> On Wed, May 01, 2019 at 04:43:09PM +, Jonathan Gray wrote:
> > On Wed, May 01, 2019 at 12:34:12PM -0300, Daniel Bolgheroni wrote:
> > > On Mon, Apr 29, 2019 at 07:05:25AM +, Jonathan Gray wrote:
> > > > Does this help?
> > > 
> > > It was already commited but fixed the problem here.
> > > 
> > > However, I still can't see the correct modes set for LVDS-1 and for the
> > > external monitor on HDMI-1. An ultrawide 2560x1080 monitor can see at most
> > > 1920x1080, but worked fine with the previous drm.
> > 
> > There is a change queued for the next 4.19 release which concerns the
> > modesetting xorg driver, I'm not sure if it is relevant:
> > 
> > https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/plain/queue-4.19/revert-drm-i915-fbdev-actually-configure-untiled-displays.patch
> 
> It's not, I'm sorry. I will try the next iteractions.
> 
> Thank you for your work.

Someone opened a bug on freedesktop's bugzilla:

https://bugs.freedesktop.org/show_bug.cgi?id=110629



Re: Behaviour of eval in sh(1) and ksh(1) in AND-OR list with set -e

2019-06-06 Thread Andreas Kusalananda Kähäri
On Wed, Jun 05, 2019 at 08:05:48PM +0200, Andreas Kusalananda Kähäri wrote:
> When running under set -e, why does
> 
> eval false || echo ok

Just to clarify:

OpenBSD's sh(1) and ksh(1) make it impossible to run code like

set -e
if eval "$string"; then
echo ok
else
echo not ok
fi

where "$string" is a piece of code that returns a non-zero exit status.
This script would not output anything with string=false, for example,
even though the eval occurs as a test within a conditional statement.


> 
> terminate the script with the execution of eval?  As far as I know, the
> OpenBSD sh(1) and ksh(1) shells are the only ones doing that.
> 
> If we take termination of the script as a given in the above scenario
> (even if it feel a bit odd since it's in an AND-OR list), then why does
> the below behave differently?
> 
> eval ! true || echo ok
> 
> This would not terminate the shell regardless of set -e or not.
> 
> Is that a bug or is it a different interpretation of the standard?
> 
> 
> 
> -- 
> Kusalananda
> Sweden

-- 
Kusalananda
Sweden



Re: Flask and uWSGI on OpenBSD httpd

2019-06-06 Thread Максим
https://uwsgi.readthedocs.io/en/latest/OpenBSDhttpd.html?highlight=openbsd

-- 
Best regards
Maksim Rodin


06.06.2019, 09:02, "Tito Mari Francis Escaño" :
> Good day to everyone on misc,
> I’m trying to setup a Flask-based web application on OpenBSD 6.5 and I keep 
> encountering mention of uWSGI in integrating it with OpenBSD httpd, but I 
> found there were very few and vague resources online.
> I have already figured out what packages I should use, I used the provided 
> Python 3.6.8p0 and py3-flask package.
> Further I installed uwsgi thru “pip install uwsgi”, but there were no 
> references for integrating the uwsgi with httpd, what should be the 
> configuration of the httpd for this?
> Can somebody please point me to references I should look into to make this 
> happen?
> Would greatly appreciate your help.
> Thanks.



Flask and uWSGI on OpenBSD httpd

2019-06-06 Thread Tito Mari Francis Escaño
Good day to everyone on misc,
I’m trying to setup a Flask-based web application on OpenBSD 6.5 and I keep 
encountering mention of uWSGI in integrating it with OpenBSD httpd, but I found 
there were very few and vague resources online.
I have already figured out what packages I should use, I used the provided 
Python 3.6.8p0 and py3-flask package.
Further I installed uwsgi thru “pip install uwsgi”, but there were no 
references for integrating the uwsgi with httpd, what should be the 
configuration of the httpd for this?
Can somebody please point me to references I should look into to make this 
happen?
Would greatly appreciate your help.
Thanks.