sysupdate and space check

[Peter Fraser]

I make a stupid mistake; I didn't check partition sizes before doing a 
sysupgrade.
sysupgrade ran out of space or /usr in the middle of the upgrade.
I know I should have checked first but it would be nice if sysupgrade did warn 
me.
The site was a 20-minute drive away, and their down time was a lot longer then 
I expected.

Picking out going IP address for smtp

[Peter Fraser]

On a compute with multiple IP addresses I wanted to pick the IP address used 
for outgoing smtp packets.

I tried to used

action "relay" relay src 10.1.1.7

Which did set the outgoing address, but it then created a different problem.

I was using a

match from src 10.1.1.0/24  for any action "relay"

to allow the computer on the local subnet to relay without authentication..

If the "src" option is used in the relay, the "src" in the match tests against 
it rather than the origin address in the incoming smtp packet

Since incoming external smtp session were allowed I accidentally created an 
open relay.

Rspamd or other such programs

[Peter Fraser]

Using  clamsmtpd  and the instructions in

http://technoquarter.blogspot.ca/2015/02/openbsd-mail-server-part-3-clamav-and.html

I was able to smtpd to interface with clamd.

Is there a similar procedure to get rspamd or similar to work with smtpd?

smtpd failing and a work around

[Peter Fraser]

Trying again to get the line feeds. Microsoft outlook seems intent on deleting 
them.
I apologize for mistake

opensmtpd has a bug, that I know is being worked on. It leave streams open that 
should be closed and will eventually stop listening for new connections.

The only fix I know at the moment is to restart opensmtpd.

My first attempt to mitigate this problem was to use timeout to see if "telnet 
mail 25" responded.
If I didn't get the 2220 mail.thinkage.ca ESMTP OpenSMTPD. I knew it was time 
to restart smtpd

When I was doing this I did miss the timeout command that linux has 
(https://www.gnu.org/software/coreutils/manual/html_node/timeout-invocation.html)

But knowing that it was the total number of stream that were open that cause 
the problem enabled a simple solution.
I used the following shell script under a nohup

#ksh
while true ;do
  p=`pgrep -f "smtpd: pony express"`
  i=`fstat -p $p |grep -c " stream "`
  m=""
  if test  $i -ge 100 ; then
 /etc/rc.d/smtpd restart
 m=restarted
  fi
  logger smtpd - pony express streams $i $m
  sleep 600
done

all the smtpd processes seem to leave extra streams open. 
"pony express" seems to leave the most open.

This generates output in /var/log/messages on my system and you can see how the 
number streams build.

Since I have running this I have not had a problem will smtpd hanging, although 
I recognize that it is crude work around



Jun 12 12:25:30 gateway root: smtpd - pony express streams 23 

Jun 12 12:35:32 gateway root: smtpd - pony express streams 25 

Jun 12 12:45:33 gateway root: smtpd - pony express streams 26 

Jun 12 12:55:33 gateway root: smtpd - pony express streams 25 

Jun 12 13:05:33 gateway root: smtpd - pony express streams 25 

Jun 12 13:15:33 gateway root: smtpd - pony express streams 27 

Jun 12 13:25:33 gateway root: smtpd - pony express streams 29 

Jun 12 13:35:33 gateway root: smtpd - pony express streams 29 

Jun 12 13:45:33 gateway root: smtpd - pony express streams 31 

Jun 12 13:55:33 gateway root: smtpd - pony express streams 33 

Jun 12 14:05:33 gateway root: smtpd - pony express streams 34 

Jun 12 14:15:33 gateway root: smtpd - pony express streams 33 

Jun 12 14:25:33 gateway root: smtpd - pony express streams 33 

Jun 12 14:35:33 gateway root: smtpd - pony express streams 33 

Jun 12 14:45:33 gateway root: smtpd - pony express streams 33 

Jun 12 14:55:33 gateway root: smtpd - pony express streams 33 

Jun 12 15:05:33 gateway root: smtpd - pony express streams 33 

Jun 12 15:15:33 gateway root: smtpd - pony express streams 37 

Jun 12 15:25:33 gateway root: smtpd - pony express streams 43 

Jun 12 15:35:33 gateway root: smtpd - pony express streams 43 

Jun 12 15:45:33 gateway root: smtpd - pony express streams 44 

Jun 12 15:55:33 gateway root: smtpd - pony express streams 43 

Jun 12 16:05:33 gateway root: smtpd - pony express streams 43 

Jun 12 16:15:33 gateway root: smtpd - pony express streams 43 

Jun 12 16:25:33 gateway root: smtpd - pony express streams 43 

Jun 12 16:35:33 gateway root: smtpd - pony express streams 49 

Jun 12 16:45:34 gateway root: smtpd - pony express streams 49 

Jun 12 16:55:34 gateway root: smtpd - pony express streams 49 

Jun 12 17:05:34 gateway root: smtpd - pony express streams 51 

Jun 12 17:15:34 gateway root: smtpd - pony express streams 51 

Jun 12 17:25:34 gateway root: smtpd - pony express streams 51 

Jun 12 17:35:34 gateway root: smtpd - pony express streams 51 

Jun 12 17:45:34 gateway root: smtpd - pony express streams 54 

Jun 12 17:55:34 gateway root: smtpd - pony express streams 53 

Jun 12 18:05:34 gateway root: smtpd - pony express streams 53 

Jun 12 18:15:34 gateway root: smtpd - pony express streams 53 

Jun 12 18:25:34 gateway root: smtpd - pony express streams 53 

Jun 12 18:35:34 gateway root: smtpd - pony express streams 53 

Jun 12 18:45:34 gateway root: smtpd - pony express streams 53 

Jun 12 18:55:34 gateway root: smtpd - pony express streams 53 

Jun 12 19:05:34 gateway root: smtpd - pony express streams 53 

Jun 12 19:15:34 gateway root: smtpd - pony express streams 55 

Jun 12 19:25:34 gateway root: smtpd - pony express streams 55 

Jun 12 19:35:34 gateway root: smtpd - pony express streams 55 

Jun 12 19:45:34 gateway root: smtpd - pony express streams 55 

Jun 12 19:55:34 gateway root: smtpd - pony express streams 56 

Jun 12 20:05:34 gateway root: smtpd - pony express streams 56 

Jun 12 20:15:34 gateway root: smtpd - pony express streams 55 

Jun 12 20:25:35 gateway root: smtpd - pony express streams 55 

Jun 12 20:35:35 gateway root: smtpd - pony express streams 57 

Jun 12 20:45:35 gateway root: smtpd - pony express streams 58 

Jun 12 20:55:35 gateway root: smtpd - pony express streams 57 

Jun 12 21:05:35 gateway root: smtpd - pony express streams 57 

Jun 12 21:15:35 gateway root: smtpd - pony express streams 57 

Jun 12 21:25:35 gateway root: smtpd - pony express streams 57 

Jun 12 21:35:35 gateway 

opensmtd failing and a work a round

[Peter Fraser]

I apologize for the missing newlines in the earlier messages 

opensmtpd has a bug, that I know is being worked on. It leave streams open that 
should be closed and will eventually stop listening for new connections.

The only fix I know at the moment is to restart opensmtpd.

My first attempt to mitigate this problem was to use timeout to see if "telnet 
mail 25" responded.
If I didn't get the 2220 mail.thinkage.ca ESMTP OpenSMTPD. I knew it was time 
to restart smtpd

When I was doing this I did miss the timeout command that linux has 
(https://www.gnu.org/software/coreutils/manual/html_node/timeout-invocation.html)

But knowing that it was the total number of stream that were open that cause 
the problem enabled a simple solution.
I used the following shell script under a nohup

#ksh
while true ;do
  p=`pgrep -f "smtpd: pony express"`
  i=`fstat -p $p |grep -c " stream "`
  m=""
  if test  $i -ge 100 ; then
 /etc/rc.d/smtpd restart
 m=restarted
  fi
  logger smtpd - pony express streams $i $m
  sleep 600
done

all the smtpd processes seem to leave extra streams open. 
"pony express" seems to leave the most open.

This generates output in /var/log/messages on my system and you can see how the 
number streams build.

Since I have running this I have not had a problem will smtpd hanging, although 
I recognize that it is crude work around


Jun 12 12:25:30 gateway root: smtpd - pony express streams 23 
Jun 12 12:35:32 gateway root: smtpd - pony express streams 25 
Jun 12 12:45:33 gateway root: smtpd - pony express streams 26 
Jun 12 12:55:33 gateway root: smtpd - pony express streams 25 
Jun 12 13:05:33 gateway root: smtpd - pony express streams 25 
Jun 12 13:15:33 gateway root: smtpd - pony express streams 27 
Jun 12 13:25:33 gateway root: smtpd - pony express streams 29 
Jun 12 13:35:33 gateway root: smtpd - pony express streams 29 
Jun 12 13:45:33 gateway root: smtpd - pony express streams 31 
Jun 12 13:55:33 gateway root: smtpd - pony express streams 33 
Jun 12 14:05:33 gateway root: smtpd - pony express streams 34 
Jun 12 14:15:33 gateway root: smtpd - pony express streams 33 
Jun 12 14:25:33 gateway root: smtpd - pony express streams 33 
Jun 12 14:35:33 gateway root: smtpd - pony express streams 33 
Jun 12 14:45:33 gateway root: smtpd - pony express streams 33 
Jun 12 14:55:33 gateway root: smtpd - pony express streams 33 
Jun 12 15:05:33 gateway root: smtpd - pony express streams 33 
Jun 12 15:15:33 gateway root: smtpd - pony express streams 37 
Jun 12 15:25:33 gateway root: smtpd - pony express streams 43 
Jun 12 15:35:33 gateway root: smtpd - pony express streams 43 
Jun 12 15:45:33 gateway root: smtpd - pony express streams 44 
Jun 12 15:55:33 gateway root: smtpd - pony express streams 43 
Jun 12 16:05:33 gateway root: smtpd - pony express streams 43 
Jun 12 16:15:33 gateway root: smtpd - pony express streams 43 
Jun 12 16:25:33 gateway root: smtpd - pony express streams 43 
Jun 12 16:35:33 gateway root: smtpd - pony express streams 49 
Jun 12 16:45:34 gateway root: smtpd - pony express streams 49 
Jun 12 16:55:34 gateway root: smtpd - pony express streams 49 
Jun 12 17:05:34 gateway root: smtpd - pony express streams 51 
Jun 12 17:15:34 gateway root: smtpd - pony express streams 51 
Jun 12 17:25:34 gateway root: smtpd - pony express streams 51 
Jun 12 17:35:34 gateway root: smtpd - pony express streams 51 
Jun 12 17:45:34 gateway root: smtpd - pony express streams 54 
Jun 12 17:55:34 gateway root: smtpd - pony express streams 53 
Jun 12 18:05:34 gateway root: smtpd - pony express streams 53 
Jun 12 18:15:34 gateway root: smtpd - pony express streams 53 
Jun 12 18:25:34 gateway root: smtpd - pony express streams 53 
Jun 12 18:35:34 gateway root: smtpd - pony express streams 53 
Jun 12 18:45:34 gateway root: smtpd - pony express streams 53 
Jun 12 18:55:34 gateway root: smtpd - pony express streams 53 
Jun 12 19:05:34 gateway root: smtpd - pony express streams 53 
Jun 12 19:15:34 gateway root: smtpd - pony express streams 55 
Jun 12 19:25:34 gateway root: smtpd - pony express streams 55 
Jun 12 19:35:34 gateway root: smtpd - pony express streams 55 
Jun 12 19:45:34 gateway root: smtpd - pony express streams 55 
Jun 12 19:55:34 gateway root: smtpd - pony express streams 56 
Jun 12 20:05:34 gateway root: smtpd - pony express streams 56 
Jun 12 20:15:34 gateway root: smtpd - pony express streams 55 
Jun 12 20:25:35 gateway root: smtpd - pony express streams 55 
Jun 12 20:35:35 gateway root: smtpd - pony express streams 57 
Jun 12 20:45:35 gateway root: smtpd - pony express streams 58 
Jun 12 20:55:35 gateway root: smtpd - pony express streams 57 
Jun 12 21:05:35 gateway root: smtpd - pony express streams 57 
Jun 12 21:15:35 gateway root: smtpd - pony express streams 57 
Jun 12 21:25:35 gateway root: smtpd - pony express streams 57 
Jun 12 21:35:35 gateway root: smtpd - pony express streams 57 
Jun 12 21:45:35 gateway root: smtpd - pony express streams 57 

smtpd failing and a work around.

[Peter Fraser]

opensmtpd has a bug, that I know is being worked on. It leave streams open that 
should be closed and will eventually
stop listening for new connections.

The only fix I know at the moment is to restart opensmtpd.

My first attempt to mitigate this problem was to use timeout to see if "telnet 
mail 25" responded.
If I didn't get the 2220 mail.thinkage.ca ESMTP OpenSMTPD. I knew it was time 
to restart smtpd

When I was doing this I did miss the timeout command that linux has 
(https://www.gnu.org/software/coreutils/manual/html_node/timeout-invocation.html)

But knowing that it was the total number of stream that were open that cause 
the problem enabled a simple solution.
I used the following shell script under a nohup

#ksh
while true ;do
  p=`pgrep -f "smtpd: pony express"`
  i=`fstat -p $p |grep -c " stream "`
  m=""
  if test  $i -ge 100 ; then
 /etc/rc.d/smtpd restart
 m=restarted
  fi
  logger smtpd - pony express streams $i $m
  sleep 600
done

all the smtpd processes seem to leave extra streams open. 
"pony express" seems to leave the most open.

This generates output in /var/log/messages on my system and you can see how the 
number streams build.

Since I have running this I have not had a problem will smtpd hanging, although 
I recognize that it is crude work around

Jun 12 12:25:30 gateway root: smtpd - pony express streams 23
Jun 12 12:35:32 gateway root: smtpd - pony express streams 25
Jun 12 12:45:33 gateway root: smtpd - pony express streams 26
Jun 12 12:55:33 gateway root: smtpd - pony express streams 25
Jun 12 13:05:33 gateway root: smtpd - pony express streams 25
Jun 12 13:15:33 gateway root: smtpd - pony express streams 27
Jun 12 13:25:33 gateway root: smtpd - pony express streams 29
Jun 12 13:35:33 gateway root: smtpd - pony express streams 29
Jun 12 13:45:33 gateway root: smtpd - pony express streams 31
Jun 12 13:55:33 gateway root: smtpd - pony express streams 33
Jun 12 14:05:33 gateway root: smtpd - pony express streams 34
Jun 12 14:15:33 gateway root: smtpd - pony express streams 33
Jun 12 14:25:33 gateway root: smtpd - pony express streams 33
Jun 12 14:35:33 gateway root: smtpd - pony express streams 33
Jun 12 14:45:33 gateway root: smtpd - pony express streams 33
Jun 12 14:55:33 gateway root: smtpd - pony express streams 33
Jun 12 15:05:33 gateway root: smtpd - pony express streams 33
Jun 12 15:15:33 gateway root: smtpd - pony express streams 37
Jun 12 15:25:33 gateway root: smtpd - pony express streams 43
Jun 12 15:35:33 gateway root: smtpd - pony express streams 43
Jun 12 15:45:33 gateway root: smtpd - pony express streams 44
Jun 12 15:55:33 gateway root: smtpd - pony express streams 43
Jun 12 16:05:33 gateway root: smtpd - pony express streams 43
Jun 12 16:15:33 gateway root: smtpd - pony express streams 43
Jun 12 16:25:33 gateway root: smtpd - pony express streams 43
Jun 12 16:35:33 gateway root: smtpd - pony express streams 49
Jun 12 16:45:34 gateway root: smtpd - pony express streams 49
Jun 12 16:55:34 gateway root: smtpd - pony express streams 49
Jun 12 17:05:34 gateway root: smtpd - pony express streams 51
Jun 12 17:15:34 gateway root: smtpd - pony express streams 51
Jun 12 17:25:34 gateway root: smtpd - pony express streams 51
Jun 12 17:35:34 gateway root: smtpd - pony express streams 51
Jun 12 17:45:34 gateway root: smtpd - pony express streams 54
Jun 12 17:55:34 gateway root: smtpd - pony express streams 53
Jun 12 18:05:34 gateway root: smtpd - pony express streams 53
Jun 12 18:15:34 gateway root: smtpd - pony express streams 53
Jun 12 18:25:34 gateway root: smtpd - pony express streams 53
Jun 12 18:35:34 gateway root: smtpd - pony express streams 53
Jun 12 18:45:34 gateway root: smtpd - pony express streams 53
Jun 12 18:55:34 gateway root: smtpd - pony express streams 53
Jun 12 19:05:34 gateway root: smtpd - pony express streams 53
Jun 12 19:15:34 gateway root: smtpd - pony express streams 55
Jun 12 19:25:34 gateway root: smtpd - pony express streams 55
Jun 12 19:35:34 gateway root: smtpd - pony express streams 55
Jun 12 19:45:34 gateway root: smtpd - pony express streams 55
Jun 12 19:55:34 gateway root: smtpd - pony express streams 56
Jun 12 20:05:34 gateway root: smtpd - pony express streams 56
Jun 12 20:15:34 gateway root: smtpd - pony express streams 55
Jun 12 20:25:35 gateway root: smtpd - pony express streams 55
Jun 12 20:35:35 gateway root: smtpd - pony express streams 57
Jun 12 20:45:35 gateway root: smtpd - pony express streams 58
Jun 12 20:55:35 gateway root: smtpd - pony express streams 57
Jun 12 21:05:35 gateway root: smtpd - pony express streams 57
Jun 12 21:15:35 gateway root: smtpd - pony express streams 57
Jun 12 21:25:35 gateway root: smtpd - pony express streams 57
Jun 12 21:35:35 gateway root: smtpd - pony express streams 57
Jun 12 21:45:35 gateway root: smtpd - pony express streams 57
Jun 12 21:55:35 gateway root: smtpd - pony express streams 60
Jun 12 22:05:35 gateway root: smtpd - pony express streams 

re: smtpd and syslog

[Peter Fraser]

Trying to find a problem with smtpd used rcctl  change the standard 
configuration to


rcctl get smtpd
smtpd_class=daemon
smtpd_flags=-T all -v
smtpd_timeout=30
smtpd_user=root


and restarted smtpd

I expected more detailed logging to occur in maillog

There did not appear to be any extra messages in maillog.

But

in /var/log/messages the following appeared

Jun 10 13:41:45 gateway sendsyslog: dropped 10 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 2 messages, error 55
Jun 10 13:41:45 gateway sendsyslog: dropped 1 message, error 55
Jun 10 13:41:45 gateway last message repeated 4 times

and continues at about the same rate until smtpd is stopped and the flags reset

further details I was actually running
opensmtpd-201606062303p1 with  opensmtpd-extras-201606062304

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

RE: smptd stops listing to external interfaces.

[Peter Fraser]

I came in the morning a smtpd was again not listing on the external interfaces.

opensmtpd-5.9.2  and opensmtpd-extras-20160523220

other information

# smtpctl monitor
--- client ---  -- envelope --    relay/delivery --- --- misc ---
curr conn disc  curr  enq  deq   ok tmpfail prmfail loop expire remove bounce
 492 1815 1323 8  562  554  533  83  210  0  0 14
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0
 49200 8000   0   00  0  0  0

smtpctl show stats
bounce.envelope=0
bounce.message=0
bounce.session=0
control.session=1
mta.connector=0
mta.domain=0
mta.envelope=0
mta.host=0
mta.relay=0
mta.route=0
mta.session=0
mta.source=0
mta.task=0
mta.task.running=0
queue.bounce=14
queue.evpcache.load.hit=1274
queue.evpcache.size=49
queue.evpcache.update.hit=88
scheduler.delivery.ok=533
scheduler.delivery.permfail=21
scheduler.delivery.tempfail=83
scheduler.envelope=8
scheduler.envelope.incoming=41
scheduler.envelope.inflight=0
scheduler.ramqueue.envelope=49
scheduler.ramqueue.message=49
scheduler.ramqueue.update=41
smtp.session=492
smtp.session.inet4=1798
smtp.session.local=17
uptime=72412
uptime.human=20h6m52s

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

RE: smtpd wish list: ability to control error messages

[Peter Fraser]

I just went through https://www.opensmtpd.org/

there is nothing I can find linked to the page 
https://www.opensmtpd.org/report.html
which I found knowing it was there from your message.

The only comment directly linked to https://www.opensmtpd.org/
I could find about bugs is in https://www.opensmtpd.org/list.html
which refers to emailing b...@opensmtpd.org<mailto:b...@opensmtpd.org>

I don’t mind following instructions but it would be nice to be able to find the 
instructions.

As for the ability to control error messages. I did look, I also relooked after 
I install the 2.9.5
and I looked in https://github.com/OpenSMTPD/OpenSMTPD/labels/feature%20request
and found nothing similar.






From: Gilles Chehade [mailto:gil...@poolp.org]
Sent: Thursday, May 26, 2016 2:37 PM
To: Peter Fraser <p...@thinkage.ca>
Cc: misc <misc@opensmtpd.org>
Subject: Re: smtpd wish list: ability to control error messages


This is not how feature requests work.

First you want to make sure the feature does not exist. Hint: you didn't do 
that.

Then you open a ticket on our bug tracker and tag it with "feature request".

Gilles

smtpd wish list: filer-regex

[Peter Fraser]

with send mail I used milter-regex which had the ability to do 'and' test which 
I miss in filter-regex

for example (checking if a mail message actually came from bank it said it did.

reject "Looks like you are phishing"
connect /rbc\.com$/ni /./ and envfrom /@rbc\.com/i

I also used it when someone working here a stalker

reject "cannot accept email from you"
envfrom /stalker@gmail\.com/i  & envrcpt /stal...@thinkage.ca/



--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

smtpd wish list: ability to control error messages

[Peter Fraser]

In sendmail's virtualusertable you could use the following 

bob.sm...@charity.org   error:5.1.1:553 " Bob Smith has retired if you wish to 
contact Bob personally please mail bob.sm...@gmail.com, otherwise please mail 
donati...@charity.org"

or

@thinkage.on.ca error:5.1.1:553 " Please use thinkage.ca not thinkage.on.ca"

I found this a useful feature when people move or organizations changed their 
names.

It would be nice if smtpd had a similar functionality.

If it is added a I suggest that it should be added option to the reject command 
so you can

reject from any for domain thinkage.on.ca error " Please use thinkage.ca not 
thinkage.on.ca"

or 

reject from any for any error 

where  is a table mapping rcpt email addresses to an error message, 
and would only reject if it found a match in the 

The sendmail's virtualusertable allowed you to specify the error number, but I 
don't know when you would want to change it from invalid recipient

Note: also such a mapping would also make sense on the receive side in that 
case the from address matched,  for example:

reject from any error  to any



--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

FW: smptd stops listing to external interfaces.

[Peter Fraser]

whoops I mistyped OpenBSD 5.9

-Original Message-
From: Peter Fraser [mailto:p...@thinkage.ca] 
Sent: Wednesday, May 25, 2016 2:16 PM
To: misc@opensmtpd.org
Subject: smptd stops listing to external interfaces.

OpenBSD 5.8 i386 

smtpd with smtpd.conf as shown below
will run quite happy for several days at times, or just several hours, the it 
seems to stop listening on the external interfaces. Message can still be sent 
using the local interfaces. Even if the daemon is left for several hours it 
does not  fix it self.

Stopping the daemon and restarting clears the problem.

Restarting the Microsoft exchange servers that the mail is being relayed to 
seems to increase the likelihood that the problem will occur.

Any hint on how to track down what is causing the problem and how to fix it?


thinkageLan = "192.102.11.0/24"
ksmartLan   = "205.189.88.112/28"
webLan  = "205.189.88.32/27"
skyLan  = "205.189.88.128/25"

table aliases   file:/etc/mail/aliases
table insideComputers   { $thinkageLan, $ksmartLan, $webLan, $skyLan }

table ksmartDomains { ksmart.ca, structsure.ca }
table ksmartComputers   { $ksmartLan }
table ksmartUsers   file:/etc/mail/ksmartusers
table ksmartMappingsfile:/etc/mail/ksmartmap 


table thinkageComputers { $thinkageLan }
table thinkageUsers file:/etc/mail/thinkageusers
table thinkageDomains   { thinkage.ca, thinkage.com, mainboss.com, 
papertrail.ca, windview.ca, dealers.ca, bigblackpig.com  }
table thinkageMappings  file:/etc/mail/thinkagemap

max-message-size 1g

filter pause pause
filter regex regex
filter dnsbl-sorbs dnsbl
filter dnsbl-spamcop dnsbl "-h bl.spamcop.net"
filter dnsbl-spamhaus dnsbl "-h sbl-xbl.spamhaus.org"
filter clamav clamav
filter all  chain pause regex dnsbl-sorbs dnsbl-spamcop dnsbl-spamhaus 
clamav
filter internal chain dnsbl-sorbs dnsbl-spamcop dnsbl-spamhaus 
clamav

pki mail.thinkage.ca certificate "/etc/ssl/mail.thinkage.ca.crt"
pki mail.thinkage.ca key "/etc/ssl/private/mail.thinkage.ca.key"

listen on Inside  filter internal
listen on Outside filter all
listen on 127.0.0.1 

reject from any for domain ksmart.on.ca
accept from any for domain mail.thinkage.ca alias  deliver to mbox 
accept from any for domain gateway.thinkage.ca alias  deliver to mbox

accept from   sourcefor any relay as "@ksmart.ca"
accept from any for any recipient  relay via 
"smtp://router.ksmart.on.ca"
accept from any for domain  virtual  forward-only

accept from   sourcefor any relay as "@thinkage.ca"
accept from any for any recipient  relay via 
"smtp://exchange.thinkage.ca"
accept from any for domain  virtual  
forward-only

accept from local for any relay


--
You received this mail because you are subscribed to misc@opensmtpd.org To 
unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

smptd stops listing to external interfaces.

[Peter Fraser]

OpenBSD 5.8 i386 

smtpd with smtpd.conf as shown below
will run quite happy for several days at times, or just several hours, the it 
seems to stop listening on the 
external interfaces. Message can still be sent using the local interfaces. Even 
if the daemon is left
for several hours it does not  fix it self.

Stopping the daemon and restarting clears the problem.

Restarting the Microsoft exchange servers that the mail is being relayed to 
seems
to increase the likelihood that the problem will occur.

Any hint on how to track down what is causing the problem and how to fix it?


thinkageLan = "192.102.11.0/24"
ksmartLan   = "205.189.88.112/28"
webLan  = "205.189.88.32/27"
skyLan  = "205.189.88.128/25"

table aliases   file:/etc/mail/aliases
table insideComputers   { $thinkageLan, $ksmartLan, $webLan, $skyLan }

table ksmartDomains { ksmart.ca, structsure.ca }
table ksmartComputers   { $ksmartLan }
table ksmartUsers   file:/etc/mail/ksmartusers
table ksmartMappingsfile:/etc/mail/ksmartmap 


table thinkageComputers { $thinkageLan }
table thinkageUsers file:/etc/mail/thinkageusers
table thinkageDomains   { thinkage.ca, thinkage.com, mainboss.com, 
papertrail.ca, windview.ca, dealers.ca, bigblackpig.com  }
table thinkageMappings  file:/etc/mail/thinkagemap

max-message-size 1g

filter pause pause
filter regex regex
filter dnsbl-sorbs dnsbl
filter dnsbl-spamcop dnsbl "-h bl.spamcop.net"
filter dnsbl-spamhaus dnsbl "-h sbl-xbl.spamhaus.org"
filter clamav clamav
filter all  chain pause regex dnsbl-sorbs dnsbl-spamcop dnsbl-spamhaus 
clamav
filter internal chain dnsbl-sorbs dnsbl-spamcop dnsbl-spamhaus 
clamav

pki mail.thinkage.ca certificate "/etc/ssl/mail.thinkage.ca.crt"
pki mail.thinkage.ca key "/etc/ssl/private/mail.thinkage.ca.key"

listen on Inside  filter internal
listen on Outside filter all
listen on 127.0.0.1 

reject from any for domain ksmart.on.ca
accept from any for domain mail.thinkage.ca alias  deliver to mbox
accept from any for domain gateway.thinkage.ca alias  deliver to mbox

accept from   sourcefor any relay as "@ksmart.ca"
accept from any for any recipient  relay via 
"smtp://router.ksmart.on.ca"
accept from any for domain  virtual  forward-only

accept from   sourcefor any relay as "@thinkage.ca"
accept from any for any recipient  relay via 
"smtp://exchange.thinkage.ca"
accept from any for domain  virtual  
forward-only

accept from local for any relay


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

warn: Disabling incoming SMTP connections: Client limit reached

[Peter Fraser]

I put a new smtpd live, and everything was going fine until there was the 
message:

warn: Disabling incoming SMTP connections: Client limit reached

After that there were no more message in /var/log/maillog, and no mail was 
moving
Someone else restarted smtpd, and everything started to flow properly.

Before the event occurred there were a large number of sessions rejected with 
=> 554 5.7.1 Address in DNSBL

I am sorry that I have no better debugging information, 
but does anyone have any idea what could be causing the problem,
and how I can work around it, if is going to happen again.



 


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

RE: Message is not RFC 2822 compliant

[Peter Fraser]

All that is needed is blank line


DATA

Content
.


From: Gilles Chehade [mailto:gil...@poolp.org]
Sent: Sunday, May 8, 2016 3:05 PM
To: Peter Fraser <p...@thinkage.ca>
Cc: misc <misc@opensmtpd.org>; Joerg Jung <m...@umaxx.net>
Subject: RE: Message is not RFC 2822 compliant


Subject is not required, a header separation line is and the following would 
work fine:

DATA
Foo: bar

Content
.

RE: virtual user and forwarding

[Peter Fraser]

My confusions are several,

I believe I misunderstood how "virtual" worked, and I don't think the man pages 
helped.
  I started out with the believe that "virtual" would map the sender email 
address  in the process of relaying
  I now believe that "virtual" maps the senders email address, then 
immediately behaves as if it was a new
  email send from the local system.

As a result of this misunderstanding I spent several days trying to get past 
the syntax error described below.

Not expecting the mapped email to be resubmitted as if it was local, I had no 
rules to forward local messages.
As a result you just end up with the message "command failed: 550 Invalid 
recipient". It took me a while
to realize that smtpctl could add some extra tracing information, nor does the 
man page on OpenBSD  5.9 for smtpd 
mention the "-T" option for additional tracing information

on OpenBSD

Also the man page says that

forward-only
Mail is accepted for local recipients ONLY if it is
redirected to an external address via an alias or a
~/.forward file.

what "forward-only" appears to be do is only accepting emails that have an 
entry in "virtual" table.
It does not have to be an external address.
And because of the resubmission described above a "accept" with a 
"forward-only" will actually never
accept any messages, but will resolve them to their final destination and 
reprocess them.
Which is what I actually wanted.

Part of my testing I had a ~/.forward that was owned by root. That was my 
mistake. The mail then failed
but the problem was very had to diagnose. You get the message " 550 Invalid 
recipient". And there is nothing
In the smtpd trace saying why the recipient is invalid.

On last thing the "man table" describes the "aliasing tables" without  the use 
of ":" but the supplied /etc/mail/alias
does have ":"'s. I assume that alias work with or with the use of ":"

-Original Message-
From: Marcus MERIGHI [mailto:mcmer-opensm...@tor.at] 
Sent: Saturday, May 7, 2016 2:56 AM
To: Peter Fraser <p...@thinkage.ca>
Cc: misc@opensmtpd.org
Subject: Re: virtual user and forwarding

p...@thinkage.ca (Peter Fraser), 2016.05.05 (Thu) 19:46 (CEST):
> My scenario:
> 
> I have a OpenBSD  processing email for several domains, doing virus 
> scanning, and spam processing.  The OpenBSD system was running 
> sendmail and I would like to convert it to smtpd
> 
> All the incoming email is then forwarded on to one of two Microsoft 
> Exchange servers,  depending upon the destination email address.
> 
> Several email incoming email address a mapped to a smaller number of 
> target email addresses.
> 
> I have included a small  test example of what I naively thought the 
> smtpd.conf should look like.  The example a simple configuration for 
> outgoing email, and only tries to deal with one exchange server.
> 
> listen on all thinkageLan = "192.102.11.0/24" ksmartLan   =
> "205.189.88.110/28"
> 
> table thinkageComputers { $thinkageLan } 
> table thinkageUsers { p...@thinkage.ca, supp...@thinkage.ca } table 
> thinkageDomains { thinkage.ca, thinkage.com, mainboss.com } table 
> thinkageVirtualMapping { i...@thinkage.ca=supp...@thinkage.ca,
> i...@mainboss.com=supp...@thinkage.ca }
> 
> accept from source  for any virtual 
>  recipient  relay via 
> "smtp://exchange.thinkage.ca"
> 
> This configuration file generates.
> 
> /etc/mail/smtpd.conf:11: syntax error
> 
> after a lot of playing around I managed to figure out the syntax 
> according to the man page is correct but actually is a statement that 
> "virtual" cannot be used the "relay via".
> 
> I have tried various approaches to implement the effect I want, but so 
> far no are satisfactory.  I am wonder what is the best method to 
> create a working configuration.

Why doas your forwarding-only smtpd need to know about any address-to-user 
mapping? It just needs to know for which addresses to relay (and for which 
not). "recipients" is enough for that, isn't it?

Apart from that, this smtpd.conf(8) statement makes me think your accept line 
does something different than you think it does:

for any virtual 
Make the rule match regardless of the domain it is sent to.  
The vmap table will be used as the virtual domain mapping.
   ^^

Is this a documentation bug? Shouldn't it say:
"The vmap table will be used as the virtual user mapping"
instead of:
"The vmap table will be used as the virtual domain mapping"

Bye, Marcus

> !DSPAM:572b872e37301759011372!

--
You received this mail because you are subscribed to misc@opensmtpd.org To 
unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

RE: Message is not RFC 2822 compliant

[Peter Fraser]

It worked when I added the SUBJECT: and a blank line.

but from https://www.ietf.org/rfc/rfc2822.txt
3.6. Field definitions
The only required header fields are the origination date field and
   the originator address field(s).  All other header fields are
   syntactically optional

why is a subject necessary, and particularly why is it saying the message I was 
trying to send  is not RFC 2822 compliant


-Original Message-
From: Joerg Jung [mailto:m...@umaxx.net] 
Sent: Sunday, May 8, 2016 2:51 PM
To: Peter Fraser <p...@thinkage.ca>
Cc: misc@opensmtpd.org
Subject: Re: Message is not RFC 2822 compliant

On Sun, May 08, 2016 at 06:44:40PM +, Peter Fraser wrote:
> Testing out OpenSMTP on a test system appropriately call test I am 
> have a problem testing a message submitting from external system (the 
> sys is on the same lan)
> 
> The tested  smtpd.conf
> 
> 
> listen on all
> table aliasesfile:/etc/mail/aliases
> accept from any for domain test.thinkage.ca alias  deliver to 
> mbox
> 
> using that smtpd.conf on the system test
> 
> 
> test:/var/spool/smtpd # echo hi there  |sendmail -v 
> p...@test.thinkage.ca echo hi there  |sendmail -v p...@test.thinkage.ca 
> <<< 220 test.thinkage.ca ESMTP OpenSMTPD
> >>> EHLO localhost
> <<< 250-test.thinkage.ca Hello localhost [local], pleased to meet you 
> <<< 250-8BITMIME <<< 250-ENHANCEDSTATUSCODES <<< 250-SIZE 36700160 <<< 
> 250 HELP
> >>> MAIL FROM:<p...@test.thinkage.ca>
> <<< 250 2.0.0: Ok
> >>> RCPT TO:<p...@test.thinkage.ca>
> <<< 250 2.1.5 Destination address valid: Recipient ok
> >>> DATA
> <<< 354 Enter mail, end with "." on a line by itself
> >>> .
> <<< 250 2.0.0: c8300cf0 Message accepted for delivery
> >>> QUIT
> <<< 221 2.0.0: Bye
> 
> which works fine but
> 
> using telnet (from a windows 10 system) I get the following
> 
> telnet test.thinkage.ca 25
> 220 test.thinkage.ca ESMTP OpenSMTPD
> EHLO whoops.thinkage.ca
> 250-test.thinkage.ca Hello whoops.thinkage.ca [192.102.11.49], pleased 
> to meet you 250-8BITMIME 250-ENHANCEDSTATUSCODES 250-SIZE 36700160 
> 250-DSN
> 250 HELP
> MAIL FROM:<p...@thinkage.ca>
> 250 2.0.0: Ok
> RCPT TO:<p...@test.thinkage.ca>
> 250 2.1.5 Destination address valid: Recipient ok data
> 354 Enter mail, end with "." on a line by itself test data .
> 550 5.7.1 Delivery not authorized, message refused: Message is not RFC 
> 2822 compliant
> 
> I realize that I am doing something stupid but what is it?

try adding Subject: line after data followed by an empty newline followed by 
your test data
 
> 
> --
> You received this mail because you are subscribed to 
> misc@opensmtpd.org To unsubscribe, send a mail to: 
> misc+unsubscr...@opensmtpd.org
> 

--
You received this mail because you are subscribed to misc@opensmtpd.org To 
unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Message is not RFC 2822 compliant

[Peter Fraser]

Testing out OpenSMTP on a test system appropriately call test
I am have a problem testing a message submitting from external system
(the sys is on the same lan)

The tested  smtpd.conf 


listen on all
table aliasesfile:/etc/mail/aliases
accept from any for domain test.thinkage.ca alias  deliver to mbox

using that smtpd.conf on the system test


test:/var/spool/smtpd # echo hi there  |sendmail -v p...@test.thinkage.ca
echo hi there  |sendmail -v p...@test.thinkage.ca
<<< 220 test.thinkage.ca ESMTP OpenSMTPD
>>> EHLO localhost
<<< 250-test.thinkage.ca Hello localhost [local], pleased to meet you
<<< 250-8BITMIME
<<< 250-ENHANCEDSTATUSCODES
<<< 250-SIZE 36700160
<<< 250 HELP
>>> MAIL FROM:  
<<< 250 2.0.0: Ok
>>> RCPT TO: 
<<< 250 2.1.5 Destination address valid: Recipient ok
>>> DATA
<<< 354 Enter mail, end with "." on a line by itself
>>> .
<<< 250 2.0.0: c8300cf0 Message accepted for delivery
>>> QUIT
<<< 221 2.0.0: Bye

which works fine but

using telnet (from a windows 10 system) I get the following

telnet test.thinkage.ca 25
220 test.thinkage.ca ESMTP OpenSMTPD
EHLO whoops.thinkage.ca
250-test.thinkage.ca Hello whoops.thinkage.ca [192.102.11.49], pleased to meet 
you
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-SIZE 36700160
250-DSN
250 HELP
MAIL FROM:
250 2.0.0: Ok
RCPT TO:
250 2.1.5 Destination address valid: Recipient ok
data
354 Enter mail, end with "." on a line by itself
test data
.
550 5.7.1 Delivery not authorized, message refused: Message is not RFC 2822 
compliant

I realize that I am doing something stupid but what is it?


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

virtual user and forwarding

[Peter Fraser]

My scenario:

I have a OpenBSD  processing email for several domains, doing virus scanning, 
and spam processing.
The OpenBSD system was running sendmail and I would like to convert it to smtpd

All the incoming email is then forwarded on to one of two Microsoft Exchange 
servers,  depending upon
the destination email address.

Several email incoming email address a mapped to a smaller number of target 
email addresses.

I have included a small  test example of what I naively thought the smtpd.conf 
should look like.
The example a simple configuration for outgoing email, and only tries to deal 
with one
exchange server.

listen on all
thinkageLan = "192.102.11.0/24"
ksmartLan   = "205.189.88.110/28"

table thinkageComputers { $thinkageLan }
table thinkageUsers { p...@thinkage.ca, supp...@thinkage.ca 
}
table thinkageDomains   { thinkage.ca, thinkage.com, mainboss.com }
table thinkageVirtualMapping { i...@thinkage.ca=supp...@thinkage.ca, 
i...@mainboss.com=supp...@thinkage.ca }

accept from source  for any virtual  
recipient  relay via "smtp://exchange.thinkage.ca"

This configuration file generates.

/etc/mail/smtpd.conf:11: syntax error

after a lot of playing around I managed to figure out the syntax according to 
the man page is correct but actually is a statement that 
"virtual" cannot be used the "relay via".

I have tried various approaches to implement the effect I want, but so far no 
are satisfactory.
I am wonder what is the best method to create a working configuration.



--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org