Re: Example of smtpd-filters

2023-10-21 Thread Omar Polo
On 2023/10/20 21:52:41 +0200, Sagar Acharya wrote:
> I'm simply unable to start.
> 
> I have to know where to get the mail from, format of text, which process to 
> give the return to, in what format, i.e. are there any standard return values 
> for accept or reject mail.

I'd like to stress the point that a key difference of OpenSMTPD's
filters is that they DO NOT EXIT.  A filter is just a program (or a
script) that is executed by smtpd at start and never exits.  If a
filter quits, it's a non-recoverable failure and smtpd dies too.

The filter and smtpd talk via a simple protocol: smtpd writes lines to
the filter standard input and the filter writes its responses to the
standard output.

Tassilo already shared some very sample code to get you started, for
the rest you can refer to smtpd-filters[0] which describes the
protocol.  Feel free (of course!) to ask for clarification for any
aspect not clearly covered in the manual page.


Thanks,

Omar Polo


[0]: https://man.openbsd.org/smtpd-filters.7
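
The stdin/stdout exchange described in the message above, as an added example (not code from this thread or from the OpenSMTPD project): a Python filter that registers for the helo and ehlo phases and answers every request. The line layout follows smtpd-filters(7) for protocol version 0.5 or later; the HELO policy itself is constructed for illustration.

```python
#!/usr/bin/env python3
"""Minimal OpenSMTPD filter: stays running, reads stdin, answers on stdout."""
import sys

# Events this filter asks smtpd to send it (phase names from smtpd-filters(7)).
REGISTRATION = [
    "register|filter|smtp-in|helo",
    "register|filter|smtp-in|ehlo",
    "register|ready",
]


def decide(phase, param):
    """Constructed policy: refuse HELO/EHLO names that are not dotted hostnames."""
    if phase in ("helo", "ehlo") and "." not in param:
        return "reject|550 HELO name must be a fully qualified hostname"
    return "proceed"


def handle_line(line):
    """Return the lines to write back to smtpd for one input line."""
    fields = line.rstrip("\n").split("|")
    if fields[:2] == ["config", "ready"]:
        # smtpd has finished sending its config; now declare what we want.
        return list(REGISTRATION)
    if fields[0] != "filter" or len(fields) < 7:
        return []  # other config lines, reports, anything we did not ask for
    # filter|version|timestamp|subsystem|phase|session-id|token|param...
    phase, session, token = fields[4], fields[5], fields[6]
    param = "|".join(fields[7:])  # the parameter itself may contain '|'
    # Every filter request needs exactly one answer, or the session stalls.
    return [f"filter-result|{session}|{token}|{decide(phase, param)}"]


def main():
    # Loop until smtpd closes our stdin; exiting earlier takes smtpd down too.
    for line in sys.stdin:
        for out in handle_line(line):
            sys.stdout.write(out + "\n")
        sys.stdout.flush()  # smtpd waits on each answer, so never leave it buffered


if __name__ == "__main__":
    main()
```
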



smtpd.conf on OpenBSD: how to say "internal network"?

2023-10-21 Thread Harald Dunkel

Hi folks,

hardwired constants in my smtpd.conf are causing problems with IPv6
prefix delegation, so I wonder if there is some abbr. for "internal
network"? Something like

# table localnet { 10.10.10.0/24 10.10.11.0/24 2001:db8:abcd:0012::/64 }
:
listen on intern tls pki $xname
listen on extern tls pki $xname
:
action "relay" relay
# match from src  for any action "relay"
match from src (intern:network) for any action "relay"
:

(similar to pf.conf on OpenBSD)? "intern" would be the interface group
configured for all internal network interfaces.

I tried

# table localnet { 10.10.10.0/24 10.10.11.0/24 2001:db8:abcd:0012::/64 }
:
listen on intern tls pki $xname tag INTERN
listen on extern tls pki $xname tag EXTERN
:
action "relay" relay
# match from src  for any action "relay"
match tag INTERN for any action "relay"
:

Doesn't work :-(. If I enable the old "localnet" lines, then it does.

Hopefully I am not too blind to see, but I haven't found this in
smtpd.conf(5). Every helpful comment is highly appreciated.


Regards
Harri



Re: smtpd.conf on OpenBSD: how to say "internal network"?

2023-10-21 Thread readme
On Sat, Oct 21, 2023 at 01:18:34PM +0200, Harald Dunkel wrote:
[..]
>I tried
>
>   # table localnet { 10.10.10.0/24 10.10.11.0/24 2001:db8:abcd:0012::/64 }

Try separating your networks with a comma, per the man page of smtpd.conf

table localnet { 10.10.10.0/24, 10.10.11.0/24, 2001:db8:abcd:0012::/64 }





Connecting client at 587

2023-10-21 Thread Sagar Acharya
I am hosting with tls-require at port 587

listen on 0.0.0.0 tls-require port 587 pki pkname auth creds

In creds, I have for user foo

foo\t

But when I authenticate using client Monocles mail, I get invalid username or 
password, with STARTTLS.

Logs say

smtp authentication user=foo result=permfail
smtp failed-command command="AUTH PLAIN (...)" result="535 Authentication failed"

What is the issue?


Thanking you
Sagar Acharya
https://humaaraartha.in/selfdost/selfdost.html



Re: Connecting client at 587

2023-10-21 Thread Tassilo Philipp

I'm just guessing as you don't post your entire smtpd.conf:

auth needs a table (in your case "creds", but it misses the <>), which 
you have to define beforehand and point to your file via the "table" 
keyword.


At the end of smtpd.conf(5) you have examples.


On Sat, Oct 21, 2023 at 09:07:04PM +0200, Sagar Acharya wrote:
> I am hosting with tls-require at port 587
>
> listen on 0.0.0.0 tls-require port 587 pki pkname auth creds
>
> In creds, I have for user foo
>
> foo\t
>
> But when I authenticate using client Monocles mail, I get invalid username or
> password, with STARTTLS.
>
> Logs say
>
> smtp authentication user=foo result=permfail
> smtp failed-command command="AUTH PLAIN (...)" result="535 Authentication failed"
>
> What is the issue?
>
>
> Thanking you
> Sagar Acharya
> https://humaaraartha.in/selfdost/selfdost.html