[6.4] New Syntax is running well...
Hello all. I just upgraded to OpenBSD 6.4 with OpenSMTPD 6.4. The previous configuration file was built according to : http://technoquarter.blogspot.com/ https://frozen-geek.net/openbsd-email-server-1/ It works and seems to respect the objectives : Incoming mail: pf -> relay to spamd -> send to opensmtpd on lo0 -> relay untagged mail to clamsmtpd on port 10025 -> relay to clamd on port 3310 -> return to clamsmtpd -> return to opensmtpd on lo0 port 10026 and tag it CLAM_IN -> -relay tagged CLAM_IN mail to spampd on port 10035 -> run it through SpamAssassin -> return to opensmtpd on lo0 port 10036 and tag it SPAM_IN -> deliver to dovecot/lmtp Outoing mail: opensmtpd on lo0 -> relay untagged mail to clamsmtpd on port 10027 -> relay to clamd on port 3310 -> return to clamsmtpd -> return to opensmtpd on lo0 port 10028 and tag it CLAM_OUT -> relay to dkimproxy on port 10029 -> add DKIM headers -> return to opensmtpd on lo0 port 10030 and tag it DKIM_OUT -> relay out However, maybe the rules are too permissive. Please could you provide feedback in this way ? Thanks. Olivier. Prerequisities : opensmtpd-extras-201703132115p1 opensmtpd-extras-pgsql-201703132115p1 ### # # ## See smtpd.conf(5) for more information.# # # ### # ## Queue compression queue compression queue encryption encryptedkey ### # ## Define PKI # pki mailsrv.domain.tld key "/some/where/private/srv.domain.tld.key" pki mailsrv.domain.tld cert "/some/where/srv.domain.tld.crt" ### # ## Define Table # table aliases db:/etc/mail/aliases.db table vdomains postgres:/etc/mail/pgsql.conf table passwdpostgres:/etc/mail/pgsql.conf table valiases postgres:/etc/mail/pgsql.conf ## Options # smtp max-message-size 50M ### # ## Declare interface : treatment depends from the flow (&port) # # Manage flow listen on lo0 listen on lo0 port 10026 tag CLAM_IN# incoming email to deliver(from spampd) listen on lo0 port 10028 tag CLAM_OUT # outgoing email to DKIM listen on lo0 port 10036 tag SPAM_IN# incoming email to deliver listen on lo0 port 10030 tag DKIM_OUT # outgoing email to another MTA # # Inbound listen on egress tls pki srv.domain.tld auth-optional listen on egress smtps srv.domain.tld auth listen on egress port submission tls-require pki srv.domain.tld auth ## # ## Define actions # action "local" mbox alias action "relay" relay action deliver lmtp "/var/dovecot/lmtp" rcpt-to virtual #deliver via lmtp action to-spampdrelay host smtp://127.0.0.1:10035 # to spampd action to-dkim_out relay host smtp://127.0.0.1:10029 # send to dkimproxy_out action to-clamd_out relay host smtp://127.0.0.1:10027 # send to clamd via clamsmtpd_out action to-clamd_in relay host smtp://127.0.0.1:10025 # send to clamd via clamsmtpd_in # ## Manage flows (match and) # # Allow to deliver match for local action "local" # Tagged mail returned from DKIM match tag DKIM_OUT for any action "relay" match auth from any for any action to-dkim_out # tagged mail returned from spampd deliver to maildir match tag SPAM_IN for domain action deliver match for any action to-spampd # tagged mail returned from clamsmtp either send to spampd or dkimproxy_out match tag CLAM_IN for any action to-spampd match tag CLAM_OUT for any action to-dkim_out # Start here (inbound) match from any for domain action to-clamd_in match from local for any action to-clamd_out -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
aliases with + filtering
Hi, My conf is basically table aliases db:/etc/mail/aliases.db action "local" maildir alias match from any for domain "chown.me" action "local" Previously it was table aliases db:/etc/mail/aliases.db accept for local alias deliver to maildir accept from any for domain chown.me alias deliver to maildir I use the + filtering both directly, and with aliases. If I send an email (from another machine) to foo+bar@, the mail goes correctly in the bar folder (which is OK). If I send an email (from another machine) to wtvaliases@ which is listed as foo+...@chown.me in my /etc/mail/aliases, it goes in my inbox and not in my bar directory (which is not ok and worked until now). Is there a way to get back this behaviour I had before 6.4? Cheers, Daniel -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: upgrade to 6.4
How many users do you have on your server, Edgar? I've found the best solution to be simple text files. On Sun, Nov 4, 2018 at 3:37 PM Edgar Pettijohn III wrote: > > > On 11/4/18 2:32 PM, Bryan Harris wrote: > > I made the exact same mistake of not using “from any” on my relay rule. > > Scratching my head reading the rule trace was a good learning experience. > > > > I still don’t understand how to correctly setup virtuals like you’re doing. > > Instead I’m using aliases. Can you share your virtual match rule? > > > > V/r, > > Bryan > > > I'm using mysql tables. It makes everything so simple. > > > Edgar > > > Sent from my iPhone > > > >> On Nov 4, 2018, at 10:01 AM, Edgar Pettijohn III > >> wrote: > >> > >> I hadn't upgraded to 6.4 yet, because I was scared of the new config > >> changes. However, it was relatively painless. Here are the two mistakes I > >> made and the corrected versions in case it helps others. > >> > >> wrong: > >> > >> action act01 virtual maildir "/path/to/maildir" > >> > >> right: > >> > >> action act01 maildir "/path/to/maildir" virtual > >> > >> wrong: > >> > >> match for any action act02 # relay rule > >> > >> right: > >> > >> match auth from any for any action act02 # needed the auth keyword and > >> apparently from any > >> > >> > >> thanks, > >> > >> > >> Edgar > >> > >> > >> -- > >> You received this mail because you are subscribed to misc@opensmtpd.org > >> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > >> > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: upgrade to 6.4
On 11/4/18 2:32 PM, Bryan Harris wrote: I made the exact same mistake of not using “from any” on my relay rule. Scratching my head reading the rule trace was a good learning experience. I still don’t understand how to correctly setup virtuals like you’re doing. Instead I’m using aliases. Can you share your virtual match rule? V/r, Bryan I'm using mysql tables. It makes everything so simple. Edgar Sent from my iPhone On Nov 4, 2018, at 10:01 AM, Edgar Pettijohn III wrote: I hadn't upgraded to 6.4 yet, because I was scared of the new config changes. However, it was relatively painless. Here are the two mistakes I made and the corrected versions in case it helps others. wrong: action act01 virtual maildir "/path/to/maildir" right: action act01 maildir "/path/to/maildir" virtual wrong: match for any action act02 # relay rule right: match auth from any for any action act02 # needed the auth keyword and apparently from any thanks, Edgar -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: upgrade to 6.4
I made the exact same mistake of not using “from any” on my relay rule. Scratching my head reading the rule trace was a good learning experience. I still don’t understand how to correctly setup virtuals like you’re doing. Instead I’m using aliases. Can you share your virtual match rule? V/r, Bryan Sent from my iPhone > On Nov 4, 2018, at 10:01 AM, Edgar Pettijohn III > wrote: > > I hadn't upgraded to 6.4 yet, because I was scared of the new config changes. > However, it was relatively painless. Here are the two mistakes I made and the > corrected versions in case it helps others. > > wrong: > > action act01 virtual maildir "/path/to/maildir" > > right: > > action act01 maildir "/path/to/maildir" virtual > > wrong: > > match for any action act02 # relay rule > > right: > > match auth from any for any action act02 # needed the auth keyword and > apparently from any > > > thanks, > > > Edgar > > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
upgrade to 6.4
I hadn't upgraded to 6.4 yet, because I was scared of the new config changes. However, it was relatively painless. Here are the two mistakes I made and the corrected versions in case it helps others. wrong: action act01 virtual maildir "/path/to/maildir" right: action act01 maildir "/path/to/maildir" virtual wrong: match for any action act02 # relay rule right: match auth from any for any action act02 # needed the auth keyword and apparently from any thanks, Edgar -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org