Re: New config syntax
Sorry sent too fast, wanted to add that debugging configuration without logs is difficultLe 27 oct. 2018 06:48, Gilles Chehade a écrit :This can mean you have a loop of some sort in aliases expansion, or maybe in .forward b«yÇ¢½çm+)[yÆ®±ì¨¹ªÞ²æìr¸yÛh+¢§²kivàN§²æìr¸zǧu©[h+úéì¹»®&Þ¢§²kivà
Re: OpenSMTPD 6.4 - "Invalid recipient" with external mail client (thunderbird)
Actually it makes sense having both from local and auth rules
Re: New config syntax
This can mean you have a loop of some sort in aliases expansion, or maybe in .forward
Re: OpenSMTPD 6.4 - "Invalid recipient" with external mail client (thunderbird)
Change your match for any action relay_dkim to match auth from any for any action relay_dkim. On Fri, Oct 26, 2018 at 7:10 PM Jesper Wallin wrote: > > Hi, > > You need to specify “from any” to your relay_dkim match rule. If not > specified, it defaults to “from local”, which now is different from “auth”. > > > Regards, > Jesper Wallin > > > On 27 Oct 2018, at 01:06, wrote: > > > > Hello, > > > > I recently upgraded my server to OpenBSD 6.4. But I have a problem with the > > new > > configuartion of OpenSMTPD: > > > > When I send a mail with Thunderbird from an external IP, my server always > > returns > > the error message "invalid recipient". > > > > When I connect to the server through SSH and send a mail via the local > > client mutt, > > everything works. > > > > This is my configuration: > > --- > > queue compression > > queue encryption ad8004f927bd2b00a672c30704e3de11 > > > > pki mx1.example.com.pki cert "/etc/ssl/mx1.example.com.crt" > > pki mx1.example.com.pki key "/etc/ssl/private/mx1.example.com.key" > > > > table aliases file:/etc/mail/aliases > > table vdomains file:/etc/mail/vdomains > > table vusers file:/etc/mail/vusers > > > > listen on lo0 > > listen on lo0 port 10028 tag DKIM > > listen on egress tls pki mx1.example.com.pki auth-optional > > listen on egress smtps pki mx1.example.com.pki auth > > listen on egress port submission tls-require pki mx1.example.com.pki auth > > > > action "local" mbox alias > > action "relay" relay > > action "domain" lmtp "/var/dovecot/lmtp" virtual > > action relay_dkim relay host smtp://127.0.0.1:10027 > > > > match from local for local action "local" > > match tag DKIM for any action "relay" > > match from any for domain action "domain" > > match for any action relay_dkim > > --- > > > > Is there something wrong in my current configuration? > > > > Thanks in advance! > > > > Cheers > > Johannes > > > > > > -- > > You received this mail because you are subscribed to misc@opensmtpd.org > > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > > > > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: OpenSMTPD 6.4 - "Invalid recipient" with external mail client (thunderbird)
Hi, You need to specify “from any” to your relay_dkim match rule. If not specified, it defaults to “from local”, which now is different from “auth”. Regards, Jesper Wallin > On 27 Oct 2018, at 01:06, wrote: > > Hello, > > I recently upgraded my server to OpenBSD 6.4. But I have a problem with the > new > configuartion of OpenSMTPD: > > When I send a mail with Thunderbird from an external IP, my server always > returns > the error message "invalid recipient". > > When I connect to the server through SSH and send a mail via the local > client mutt, > everything works. > > This is my configuration: > --- > queue compression > queue encryption ad8004f927bd2b00a672c30704e3de11 > > pki mx1.example.com.pki cert "/etc/ssl/mx1.example.com.crt" > pki mx1.example.com.pki key "/etc/ssl/private/mx1.example.com.key" > > table aliases file:/etc/mail/aliases > table vdomains file:/etc/mail/vdomains > table vusers file:/etc/mail/vusers > > listen on lo0 > listen on lo0 port 10028 tag DKIM > listen on egress tls pki mx1.example.com.pki auth-optional > listen on egress smtps pki mx1.example.com.pki auth > listen on egress port submission tls-require pki mx1.example.com.pki auth > > action "local" mbox alias > action "relay" relay > action "domain" lmtp "/var/dovecot/lmtp" virtual > action relay_dkim relay host smtp://127.0.0.1:10027 > > match from local for local action "local" > match tag DKIM for any action "relay" > match from any for domain action "domain" > match for any action relay_dkim > --- > > Is there something wrong in my current configuration? > > Thanks in advance! > > Cheers > Johannes > > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
OpenSMTPD 6.4 - "Invalid recipient" with external mail client (thunderbird)
Hello, I recently upgraded my server to OpenBSD 6.4. But I have a problem with the new configuartion of OpenSMTPD: When I send a mail with Thunderbird from an external IP, my server always returns the error message "invalid recipient". When I connect to the server through SSH and send a mail via the local client mutt, everything works. This is my configuration: --- queue compression queue encryption ad8004f927bd2b00a672c30704e3de11 pki mx1.example.com.pki cert "/etc/ssl/mx1.example.com.crt" pki mx1.example.com.pki key "/etc/ssl/private/mx1.example.com.key" table aliases file:/etc/mail/aliases table vdomains file:/etc/mail/vdomains table vusers file:/etc/mail/vusers listen on lo0 listen on lo0 port 10028 tag DKIM listen on egress tls pki mx1.example.com.pki auth-optional listen on egress smtps pki mx1.example.com.pki auth listen on egress port submission tls-require pki mx1.example.com.pki auth action "local" mbox alias action "relay" relay action "domain" lmtp "/var/dovecot/lmtp" virtual action relay_dkim relay host smtp://127.0.0.1:10027 match from local for local action "local" match tag DKIM for any action "relay" match from any for domain action "domain" match for any action relay_dkim --- Is there something wrong in my current configuration? Thanks in advance! Cheers Johannes -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: New config syntax
Hello, > In my aliases table I have entries like: > > admin:fred, f...@crowsons.net Is crowsons.net the hostname of the server? > > but with my new smtpd.conf [1] I'm getting the following error: > > 524 5.2.4 Mailing list expansion problem What is the full line in /var/log/maillog? -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Announce: OpenSMTPD 6.4.0 released
Hello, This is our latest major release which holds some notable changes: 1- this is the first release that depends on LibreSSL We spent the years trying to accomodate both LibreSSL and OpenSSL but it does not work for us and it prevents us from moving towards libtls which would help us simplify the code and avoid traps caused by the complexity of the libssl API. There used to be issues with having both LibreSSL and OpenSSL installed, which is why we wanted to support both, but now they are no longer valid and I did build and run a LibreSSL OpenSMTPD on FreeBSD, Ubuntu, Debian, CentOS, ArchLinux and Fedora. At this point, we believe there's no reason not to have OpenSMTPD depend on LibreSSL and if some distros absolutely want to keep having it depend on OpenSSL, fair enough but they get the extra work with patches. 2- this release has a complete refactor of the configuration Most configuration files are trivial to convert and new features are now available thanks to the new config, make sure to prepare your upgrade so you don't get surprised when you install, restart and get syntax errors. The mailing list is a perfect place to discuss configuration files and a lot of users can help and benefit from discussions. 3- sadly this release was not well tested on other systems We need key users who want to help us ensure that OpenSMTPD is always in a good shape outside of the OpenBSD world, right now we don't have these and the testing on !OpenBSD systems is quite random. Final words for this mail, The six months cycle starting now will be focused on two areas: 1- portability cleanup: the portable compat layer is confusing and needs to be completely reworked which will require months of efforts. A lot has been done already and some branches exist to continue but we will need some active people to detect regressions at runtime, while we're already equiped to detect regressions at build time. 2- filters: code is already available for the most part, i've started to split it into smaller diffs that I'll commit separately over the next few weeks so they can be tested in development. I'll explain the plan for filters in an upcoming mail but now is time to drink and celebrate the end of the week :-) Gilles -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Announce: OpenSMTPD 6.4.0 released
OpenSMTPD 6.4.0 has just been released. OpenSMTPD is a FREE implementation of the SMTP protocol with some common extensions. It allows ordinary machines to exchange e-mails with systems speaking the SMTP protocol. It implements a fairly large part of RFC5321 and can already cover a large range of use-cases. It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD and Linux. The archives are now available from the main site at www.OpenSMTPD.org We would like to thank the OpenSMTPD community for their help in testing the snapshots, reporting bugs, contributing code and packaging for other systems. This is a major release with many breaking changes. Changes in this release (since 6.0.3): == - the configuration file syntax has been completely reworked, breaking compatibility with previous configuration files. - mda wrappers allow defining a command to pre-process mail before the mda write them to mailboxes. - OpenSMTPD now depends on LibreSSL as an SSL library and efforts will no longer be done to accomodate both OpenSSL and LibreSSL. - an SMTP client is now shipped with OpenSMTPD. - documentation has been reworked for the most part. - a lot of minor bug fixes and cleanups have been introduced. Checksums: == SHA256 (opensmtpd-6.4.0.tar.gz) = a14c7486557c0f6202efb800f509b418e56e9976a931473ebfaae2f0c5a24fbd SHA256 (opensmtpd-6.4.0p1.tar.gz) = 0857c14b5b4150daa4312cb0a85f41209792c83080beafc84ed0ddaaa985bde3 Verify: === Starting with version 5.7.1, releases are signed with signify(1). You can obtain the public key from our website, check with our community that it has not been altered on its way to your machine. $ wget https://www.opensmtpd.org/archives/opensmtpd-20181026.pub Once you are confident the key is correct, you can verify the release as described below: 1- download both release tarball and matching signature file to same directory: for OpenBSD version: $ wget https://www.opensmtpd.org/archives/opensmtpd-6.4.0.sum.sig $ wget https://www.opensmtpd.org/archives/opensmtpd-6.4.0.tar.gz for portable version: $ wget https://www.opensmtpd.org/archives/opensmtpd-6.4.0p1.sum.sig $ wget https://www.opensmtpd.org/archives/opensmtpd-6.4.0p1.tar.gz 2- use `signify` to verify that signature file is properly signed and that the checksum matches the release tarball you downloaded: for OpenBSD version: $ signify -C -e -p opensmtpd-20181026.pub -x opensmtpd-6.4.0.sum.sig Signature Verified opensmtpd-6.4.0.tar.gz: OK for portable version: $ signify -C -e -p opensmtpd-20181026.pub -x opensmtpd-6.4.0p1.sum.sig Signature Verified opensmtpd-6.4.0p1.tar.gz: OK If you don't get an OK message, then something is not right and you should not install without first understanding why it failed. Support: You are encouraged to register to our general purpose mailing-list: http://www.opensmtpd.org/list.html The "Official" IRC channel for the project is at: #OpenSMTPD @ irc.freenode.net Reporting Bugs: === Please read http://www.opensmtpd.org/report.html Security bugs should be reported directly to secur...@opensmtpd.org Other bugs may be reported to b...@opensmtpd.org -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: New config syntax
On Oct 26, 2018 4:46 AM, Fred Crowson wrote: > > Hi, > > In my aliases table I have entries like: > > admin: fred, f...@crowsons.net > > but with my new smtpd.conf [1] I'm getting the following error: > > 524 5.2.4 Mailing list expansion problem > > this worked with my old config [2]. > > What am I doing wrong? > > Thanks > > Fred I don't know, but my relay credentials table isnt working anymore either and I can't seem to find the solution either. > > [1] New Config: > # pki setup > pki mx.crowsons.com cert "/etc/ssl/mx.crowsons.com.crt" > pki mx.crowsons.com key "/etc/ssl/private/mx.crowsons.com.key" > > table sources { 46.235.226.153 } > table helonames { 46.235.226.153 = mx.crowsons.com } > table aliases file:/etc/mail/aliases > table passwd passwd:/etc/mail/passwd > table secrets file:/etc/mail/cc.sec > table domains file:/etc/mail/domains > > #listen on vio0 > listen on egress port 25 tls pki mx.crowsons.com > listen on egress port 587 tls-require pki mx.crowsons.com auth > > #actions > action "local" mbox alias > action "relay" relay > action "c.net" relay host tls+auth://usern...@smtp.mail.com auth > > # allow local messages > match for local action "local" > match from any for domain action "local" > match for domain crowsons.net action "c.net" > > [2] Old Config: > # pki setup > pki mx.crowsons.com certificate "/etc/ssl/mx.crowsons.com.crt" > pki mx.crowsons.com key "/etc/ssl/private/mx.crowsons.com.key" > > table aliases file:/etc/mail/aliases > table passwd passwd:/etc/mail/passwd > > #listen on vio0 > listen on egress port 25 tls pki mx.crowsons.com > listen on egress port 587 tls-require pki mx.crowsons.com auth > > accept from any for domain "crowsons.com" alias deliver to mbox > accept for local alias deliver to mbox > # allow local messages > accept from local for any relay > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org >
New config syntax
Hi, In my aliases table I have entries like: admin:fred, f...@crowsons.net but with my new smtpd.conf [1] I'm getting the following error: 524 5.2.4 Mailing list expansion problem this worked with my old config [2]. What am I doing wrong? Thanks Fred [1] New Config: # pki setup pki mx.crowsons.com cert "/etc/ssl/mx.crowsons.com.crt" pki mx.crowsons.com key "/etc/ssl/private/mx.crowsons.com.key" table sources { 46.235.226.153 } table helonames { 46.235.226.153 = mx.crowsons.com } table aliases file:/etc/mail/aliases table passwd passwd:/etc/mail/passwd table secrets file:/etc/mail/cc.sec table domains file:/etc/mail/domains #listen on vio0 listen on egress port 25 tls pki mx.crowsons.com listen on egress port 587 tls-require pki mx.crowsons.com auth #actions action "local" mbox alias action "relay" relay action "c.net" relay host tls+auth://usern...@smtp.mail.com auth # allow local messages match for local action "local" match from any for domain action "local" match for domain crowsons.net action "c.net" [2] Old Config: # pki setup pki mx.crowsons.com certificate "/etc/ssl/mx.crowsons.com.crt" pki mx.crowsons.com key "/etc/ssl/private/mx.crowsons.com.key" table aliases file:/etc/mail/aliases table passwd passwd:/etc/mail/passwd #listen on vio0 listen on egress port 25 tls pki mx.crowsons.com listen on egress port 587 tls-require pki mx.crowsons.com auth accept from any for domain "crowsons.com" alias deliver to mbox accept for local alias deliver to mbox # allow local messages accept from local for any relay -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org