Re: mlmmj upgrade
Looks good 02.05.2024 16:38:51 gil...@poolp.org: > Hello misc@, > > The mailing list software, mlmmj, has been upgraded to its latest version. > > I'd appreciate a couple answers to this mail to make sure it does not > introduce a regression ;-) > > Gilles
Silently reject mails
hi, i have not found a way to silently drop all mails to a domain. (yes there is a use case to run a mail server that does not store any mails without creating non deliverable notices) Is there a way to configure opensmpt for such a use case? Regards Hagen
Re: Changing Log Messages
Hi to all so I am a step further to get reporting via filter. I tried to register a lot of events and I get a lot of information but it seems that the event smtp failed-command command="AUTH LOGIN" result="503 5.5.1 Invalid command: Command not supported" is not reported via the api. So although this was a interesting path that I certainly will be able to use in the future but for this case it does not seem to be successfull. Did I miss something? Regards Hagen on Thu, Jun 23, 2022 at 04:34:54PM +0200, Hagen Bauer wrote: Hi Mohamad, exactly thats it. Renaming it to auth-logger solved the "syntax error" Regards Hagen On Thu, Jun 23, 2022 at 06:36:46AM -0700, Mohamad Safadieh wrote: Hi Hagen, I'm pretty sure "auth" is a reserved keyword. Renaming your filter to something other than "auth" should fix it. Regards, Mohamad On Thu, Jun 23, 2022, at 6:23 AM, Pete wrote: Hi, it says right there in the message... Line 13 and 26 in /usr/local/etc/mail/smtpd.conf service smtpd restart Performing sanity check on smtpd configuration: /usr/local/etc/mail/smtpd.conf:13: syntax error /usr/local/etc/mail/smtpd.conf:26: syntax error - Any idea where the syntax error is created Regards Hagen.
Re: Changing Log Messages
Hi Mohamad, exactly thats it. Renaming it to auth-logger solved the "syntax error" Regards Hagen On Thu, Jun 23, 2022 at 06:36:46AM -0700, Mohamad Safadieh wrote: Hi Hagen, I'm pretty sure "auth" is a reserved keyword. Renaming your filter to something other than "auth" should fix it. Regards, Mohamad On Thu, Jun 23, 2022, at 6:23 AM, Pete wrote: Hi, it says right there in the message... Line 13 and 26 in /usr/local/etc/mail/smtpd.conf service smtpd restart Performing sanity check on smtpd configuration: /usr/local/etc/mail/smtpd.conf:13: syntax error /usr/local/etc/mail/smtpd.conf:26: syntax error - Any idea where the syntax error is created Regards Hagen.
Re: Changing Log Messages
Hi Reio,
this is my first filter plus my first go program so I might miss something.
This is what I did
pkg install go
git clone https://github.com/whataboutpereira/filter-auth.git
cd filter-auth/
go build filter-auth.go
cp filter-auth /usr/local/libexec/opensmtpd/opensmtpd-filter-auth
Add filter to the listen entry
vi /usr/local/etc/mail/smtpd.conf
...
filter auth proc-exec "opensmtpd-filter-auth"
...
listen on igb0 tls pki my.hostname.de hostname my.hostname.de filter {
rspamd, auth}
service smtpd restart
Performing sanity check on smtpd configuration:
/usr/local/etc/mail/smtpd.conf:13: syntax error
/usr/local/etc/mail/smtpd.conf:26: syntax error
-
Any idea where the syntax error is created
Regards
Hagen.
On Thu, Jun 23, 2022 at 08:17:02AM +0200, Hagen Bauer wrote:
Hi Reio,
great that looks like a solution for me. I will give it a try.
Regards
Hagen
On Wed, Jun 22, 2022 at 10:16:00PM +0300, Reio Remma wrote:
Filters are indeed the way to go.
I'm personally using a reporter to log failed authentications which
I'm feeding to fail2ban to block.
https://github.com/whataboutpereira/filter-auth
Good luck
Reio
On 22.06.2022 20:56, Pete wrote:
Hi,
the best is probably to implement a custom report ing filter that fits you
needs.
http://man.openbsd.org/man7/smtpd-filters.7
Hi,
i would like to use crowdsec to evaluate my mail logs. My current idea is to
block all users that try to login on port 25
```
smtp connected address=43.zzz.yy.xx host=
smtp failed-command command="AUTH LOGIN" result="503 5.5.1 Invalid command: Command
not supported"
```
So the trigger is line 2 but the ip address is in line 1
Unfortunately there seems to be no way for crowdsec parser to evaluate 2 lines
Is there any chance or idea how I could change the logs to include the address
in line 2
Regards
Hagen Bauer
--
Re: Changing Log Messages
Hi Reio, great that looks like a solution for me. I will give it a try. Regards Hagen On Wed, Jun 22, 2022 at 10:16:00PM +0300, Reio Remma wrote: Filters are indeed the way to go. I'm personally using a reporter to log failed authentications which I'm feeding to fail2ban to block. https://github.com/whataboutpereira/filter-auth Good luck Reio On 22.06.2022 20:56, Pete wrote: Hi, the best is probably to implement a custom report ing filter that fits you needs. http://man.openbsd.org/man7/smtpd-filters.7 Hi, i would like to use crowdsec to evaluate my mail logs. My current idea is to block all users that try to login on port 25 ``` smtp connected address=43.zzz.yy.xx host= smtp failed-command command="AUTH LOGIN" result="503 5.5.1 Invalid command: Command not supported" ``` So the trigger is line 2 but the ip address is in line 1 Unfortunately there seems to be no way for crowdsec parser to evaluate 2 lines Is there any chance or idea how I could change the logs to include the address in line 2 Regards Hagen Bauer --
Changing Log Messages
Hi, i would like to use crowdsec to evaluate my mail logs. My current idea is to block all users that try to login on port 25 ``` smtp connected address=43.zzz.yy.xx host= smtp failed-command command="AUTH LOGIN" result="503 5.5.1 Invalid command: Command not supported" ``` So the trigger is line 2 but the ip address is in line 1 Unfortunately there seems to be no way for crowdsec parser to evaluate 2 lines Is there any chance or idea how I could change the logs to include the address in line 2 Regards Hagen Bauer
Re: Block mails from senders
Hi, great, I got it working now Thank you Regards Hagen On Fri, Aug 20, 2021 at 02:41:54PM +0200, Thomas Bohl wrote: Hello, i cant get mails rejected that come from a list of specific senders smtpd.conf table bad_guys file:/etc/mail/bad_guys match from mail-from reject Whats wrong? If you don't specify for whom the rule is it will default to local. So the current rule is: match from mail-from for local reject It will not match an incoming smtp connection. So you want: match from mail-from for any reject If that doesn't work use: match from any for any mail-from reject That is a line I use in production for years.
Block mails from senders
Hi i cant get mails rejected that come from a list of specific senders smtpd.conf table bad_guys file:/etc/mail/bad_guys match from mail-from reject /etc/mail/bad_guys a.validaddress@validdomain.validtld The reject match rule is the first rule in my list of match rules Whats wrong? Regards Hagen
Re: How to copy all outgoing mails based on sender definition
As a workaround I will use postfix as a "filter" I created a seperate jail with postfix. This postfix configuration is very simple. Just relayhost, sender_bcc list and hostname. Within opensmtp config I am forwarding all mails that are sent from users to this postfix. This postfix is using the sender_bcc list and forwarding all mails to the archive server and then relaying all mails back to opensmtpd. This is certainly no solution for all organisational sizes but for me it should work. The configuration overhead is very low and I can combine the simplicity of opensmtpd with the function of postfix. On Mon, Jun 07, 2021 at 08:52:39AM +0200, Hagen Bauer wrote: is this really not possible or planed? No way? I really like the way opensmtpd is configured and I would hate to move back to postfix but this is really critical Any ideas or hints? Regards Hagen Hi Due to german laws all businesses are required to implement a long term archiv of business related mails. A majority of mail archiving software is integrated vie a simple mail forward of all mails. In postfix this can be done via sender_bcc_maps / receiver_bcc_maps I have found a way to forward all incoming mails based on the receiver but I am failing to find a way to do this for outgoing mails So I have a list of users defined on a server and I want to copy all mails of users with a specific mail domain. Any way to implement this in opensmtpd without routing all mails through postfix? Regards Hagen
Re: How to copy all outgoing mails based on sender definition
is this really not possible or planed? No way? I really like the way opensmtpd is configured and I would hate to move back to postfix but this is really critical Any ideas or hints? Regards Hagen Hi Due to german laws all businesses are required to implement a long term archiv of business related mails. A majority of mail archiving software is integrated vie a simple mail forward of all mails. In postfix this can be done via sender_bcc_maps / receiver_bcc_maps I have found a way to forward all incoming mails based on the receiver but I am failing to find a way to do this for outgoing mails So I have a list of users defined on a server and I want to copy all mails of users with a specific mail domain. Any way to implement this in opensmtpd without routing all mails through postfix? Regards Hagen
How to copy all outgoing mails based on sender definition
Hi Due to german laws all businesses are required to implement a long term archiv of business related mails. A majority of mail archiving software is integrated vie a simple mail forward of all mails. In postfix this can be done via sender_bcc_maps / receiver_bcc_maps I have found a way to forward all incoming mails based on the receiver but I am failing to find a way to do this for outgoing mails So I have a list of users defined on a server and I want to copy all mails of users with a specific mail domain. Any way to implement this in opensmtpd without routing all mails through postfix? Regards Hagen
