CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2024/06/09 04:13:05 Modified files: usr.sbin/smtpd : lka.c smtpd-api.h smtpd-tables.7 table.c Log message: introduce a new K_AUTH service to allow offloading the credentials to a table for non-crypt(3) authentication. tables configured with auth that support K_AUTH are asked to check if a user and passwd are valid rather than asked to provide the password for a user so smtpd does crypt(3) on its side. helps with cases like ldap or custom auth. ok op@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2024/02/19 14:00:19 Modified files: usr.sbin/smtpd : parse.y Log message: no need to be as strict with table formats on various match constraints, this prevents the reuse of T_HASH tables in T_LIST contexts when the key column actually makes sense by itself. diff from Philipp (philipp+openbsd [at] bureaucracy [dot] de)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2024/02/02 16:33:42 Modified files: usr.sbin/smtpd : lka_session.c Log message: when an alternate delivery user is provided in a dispatcher, do not process any recipient .forward file except that of the alternate delivery user. ok millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2024/02/02 15:02:12 Modified files: usr.sbin/smtpd : lka_session.c smtpd.c smtpd.h Log message: there's no good reason to allow smtpd to execute custom command set by root in a .forward file so disallow custom commands and file reading, only allow setting forward addresses and users. as root is no longer allowed to run any MDA but mbox, we can be stricter on the setup of the MDA process and refuse to exec anything that's not an mbox dispatcher. tested by op@ who edited a root envelope to simulate an exploit injecting a custom command in a root envelope, smtpd refused to exec. ok millert@ and op@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/02/03 08:53:52 Modified files: usr.sbin/smtpd : mta_session.c smtp_session.c Log message: ORCPT addresses are prefixed with an address type, the stricter check cause the prefix to be rejected as it contains a character not allowed in address reported by Scott Vanderbilt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/02/03 08:41:22 Modified files: usr.sbin/smtpd : mda_mbox.c parse.y smtpd.c smtpd.h Log message: now that mail.local(8) relies on lockspool(1) for mailbox locking, have the mailbox created by smtpd for mbox before privileges are dropped then we can call mail.local(8) with the recipient privileges. ok millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/02/02 15:13:48 Modified files: usr.sbin/smtpd : mail.lmtp.c mda_unpriv.c parse.y Log message: add SENDER to mda environment and teach lmtp to use that instead of command line parameter. this allows simplifying lmtp command line and it would have prevented the unpriv command exec for LMTP in recent advisory. ok millert@ and jung@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/02/01 08:33:46 Modified files: usr.sbin/smtpd : smtp_session.c Log message: be much stricter about ORCPT, it isn't in the code path of local delivery and doesn't have an associated context variable, but let's be paranoid. ok millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/02/01 05:54:38 Modified files: usr.sbin/smtpd : smtpd.c Log message: condition to enter mda_mbox() is too strict, if user have commands in their forward file they're not supposed to enter that code path.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/31 15:01:20 Modified files: usr.sbin/smtpd : parse.y smtpd-defines.h smtpd.c smtpd.h usr.sbin/smtpd/smtpd: Makefile Added files: usr.sbin/smtpd : mda_mbox.c Log message: introduce mda_mbox() to handle mbox delivery in its own code path, and make it use execle() since we know all parameters and don't need command line to be parsed. ok millert@ and jung@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: gil...@cvs.openbsd.org 2020/01/31 03:01:02 Modified files: opensmtpd : security.html Log message: new grammar was introduced with 6.4.0, not 6.0.0
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: gil...@cvs.openbsd.org 2020/01/29 14:43:06 Modified files: opensmtpd : security.html Log message: update security.html page of opensmtpd.org to reflect last advisory
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: gil...@cvs.openbsd.org 2020/01/28 15:02:38 Modified files: opensmtpd : index.html Log message: OpenSMTPD 6.6.2 released to address vulnerability discovered by Qualys
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/28 14:39:20 Modified files: usr.sbin/smtpd : Tag: OPENBSD_6_6 smtp_session.c Log message: this is errata 6.6/019_smtpd_exec.patch.sig
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/28 14:38:28 Modified files: usr.sbin/smtpd : Tag: OPENBSD_6_5 smtp_session.c Log message: this is errata 6.5/030_smtpd_exec.patch.sig
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/28 14:37:29 Modified files: usr.sbin/smtpd : Tag: OPENBSD_6_6 mta_session.c Log message: this is errata 6.6/018_smtpd_tls.patch.sig
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/28 14:36:28 Modified files: usr.sbin/smtpd : Tag: OPENBSD_6_5 mta_session.c Log message: this is errata 6.5/029_smtpd_tls.patch.sig
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/28 14:35:00 Modified files: usr.sbin/smtpd : smtp_session.c Log message: Fix a security vulnerability discovered by Qualys which can lead to a privileges escalation on mbox deliveries and unprivileged code execution on lmtp deliveries, due to a logic issue causing a sanity check to be missed. ok eric@, millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/20 03:18:20 Modified files: usr.sbin/smtpd : mta_session.c Log message: opportunistic tls downgrade logic is more complex than it should and can in some cases lead to a sanity check fatal() being hit. rework the logic so it is simpler and makes the sanity check fatal() unreachable. ok eric@ millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/07 18:41:11 Modified files: usr.sbin/smtpd : lka_filter.c parse.y smtpd.conf.5 smtpd.h Log message: allow using the session username in builtin filters when available
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/07 17:33:29 Modified files: usr.sbin/smtpd : lka_filter.c Log message: enable builtin filtering for commit phase
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/07 17:30:44 Modified files: usr.sbin/smtpd : lka_filter.c Log message: emable builtin filtering for phase DATA, no idea why we didn't earlier as the grammar allowed it and the code was already there.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/07 17:05:38 Modified files: usr.sbin/smtpd : mta_session.c smtp_session.c Log message: reorder reporting events so they are triggered _after_ protocol-server events. this ensures that both smtp-in and smtp-out receive the events in the same order.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/07 16:09:02 Modified files: usr.sbin/smtpd : mta_session.c Log message: generate tx-envelope before tx-rcpt like for smtp-in
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/07 16:03:37 Modified files: usr.sbin/smtpd : mta_session.c report_smtp.c smtp_session.c Log message: fix reporting of tx-mail and tx-rcpt for smtp-out
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/07 15:39:02 Modified files: usr.sbin/smtpd : mta_session.c Log message: generate link-auth reporting event for outgoing sessions
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/06 06:42:42 Modified files: usr.sbin/smtpd : smtpd-filters.7 Log message: make it more explicit that filters are unique processes
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/06 04:03:06 Modified files: usr.sbin/smtpd : smtpctl.c Log message: do not allow passing options to smtpctl encrypt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/06 04:02:38 Modified files: usr.sbin/smtpd : parser.c Log message: provide a better error message for invalid smtpctl commands
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: gil...@cvs.openbsd.org 2020/01/06 02:05:33 Modified files: . : mail.html Log message: m...@opensmtpd.org is not handled by majordomo, add link to instructions
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2020/01/03 15:01:29 Modified files: usr.sbin/smtpd : smtp_session.c Log message: upon return of authentication we log the username and generate an smtp-in report for the authentication result, however we use a buffer that is too small and usernames from virtual accounts may get truncated in logs. reported by Bjorn Kalkbrenner
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/21 10:43:49 Modified files: usr.sbin/smtpd : mta_session.c Log message: upon connect to remote host extract hostname from banner when possible then generate link-greeting smtp-out report event
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/21 04:47:34 Modified files: usr.sbin/smtpd : lka_filter.c Log message: if a filter was attached to a relay action in config, notify instance that it can register smtp-out events
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/21 04:07:38 Modified files: usr.sbin/smtpd : lka_filter.c mta_session.c parse.y Log message: start bringing smtp-out reporting code, lacks some events still
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/21 03:40:20 Modified files: usr.sbin/smtpd : smtpd.h Log message: add FILTER_SUBSYSTEM_SMTP_OUT to filter_subsystem enum and add filter name to struct dispatcher_remote, this will reduce the smtp-out reporting diff
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/21 03:34:07 Modified files: usr.sbin/smtpd : mta.c Log message: keep track of the relay action in relays, will be used for smtp-out reporting
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/21 03:34:33 Modified files: usr.sbin/smtpd : mta_session.c Log message: keep track of DATA length in mta_session, will be needed for smtp-out reporting
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/21 03:23:37 Modified files: usr.sbin/smtpd : lka.c lka_filter.c smtp_session.c smtpd.h Log message: do not pass rdns, fcrdns, ss_src and ss_dest with IMSG_FILTER_SMTP_BEGIN, but gather the information from the link-connect reporting event instead. this removes redundant code and makes it easier to prepare for smtp-out.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/21 00:16:02 Modified files: usr.sbin/smtpd : smtp_session.c Log message: do not generate smtp reports for unfiltered sessions, the events will be discarded in lookup process anyways and this goes in the way of smtp-out work
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/18 03:00:39 Modified files: usr.sbin/smtpd : config.c parse.y smtpd.c smtpd.h Log message: give a better name to a couple functions and struct fields related to filters, no functional change
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/18 00:57:52 Modified files: usr.sbin/smtpd : lka.c mta.c parse.y smtpd.conf.5 smtpd.h Log message: teach relay action how to do domain-based relay host, this allows declaring a single relay action with a mapping of relay hosts per domain. ok eric@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/14 10:12:44 Modified files: usr.sbin/smtpd : mail.mboxfile.c Log message: failing fsync() with EINVAL should not cause a TempFail in mboxfile, it means the file was most likely a device not supporting fsync() so we can't do much and retrying isn't going to help.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/14 09:24:52 Modified files: usr.sbin/smtpd : lka_filter.c parse.y smtpd.conf.5 smtpd.h Log message: introduce a bypass keyword so that builtin filters can bypass processing of a phase when a condition is met suggested by several people including jung@, ok jung@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/13 12:58:59 Modified files: usr.sbin/smtpd : smtpd.conf.5 Log message: fix DKIM example mistake spotted by jmc@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/13 11:13:08 Modified files: usr.sbin/smtpd : smtpd-filters.7 Log message: occuring -> occurring spotted by jmc@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/13 06:21:24 Modified files: usr.sbin/smtpd : spfwalk.c Log message: add support for CIDR in a: spf atoms diff from Quentin Rameau
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/13 05:48:05 Removed files: usr.sbin/smtpd : lka_proc.c Log message: file no longer exists
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/13 05:43:56 Modified files: usr.sbin/smtpd : lka_filter.c usr.sbin/smtpd/smtpd: Makefile Log message: lka_proc.c had common code to fork a proc filter for lka_filter.c and lka_report.c, but now that lka_filter.c encompasses all the filter API, we might as well merge lka_proc.c and its handful of functions in it.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/13 01:14:51 Modified files: usr.sbin/smtpd : smtpd.c Log message: add IMSG_REPORT_SMTP_LINK_GREETING, IMSG_REPORT_SMTP_LINK_IDENTIFY and IMSG_REPORT_SMTP_LINK_AUTH to imsg_to_str()
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/12 17:31:20 Modified files: usr.sbin/smtpd : smtpd.conf.5 Log message: update examples, document that DKIM signing may be achieved through the opensmtpd-filter-dkimsign and opensmtpd-filter-rspamd packages without the queue reinjection trick used for dkimproxy.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/12 15:10:47 Modified files: usr.sbin/smtpd : lka.c lka_proc.c parse.y smtpd-filters.7 smtpd.c smtpd.h Log message: filter protocol has an initial handshake within which smtpd tells filters about a few global configuration informations. this makes smtpd tell proc filters for which subsystem they are registered allowing them to register only events that are relevant.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/12 13:49:06 Removed files: usr.sbin/smtpd : lka_report.c Log message: remove file, code was moved to a different file
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/12 13:47:39 Modified files: usr.sbin/smtpd : lka_filter.c usr.sbin/smtpd/smtpd: Makefile Log message: move the lka_report.c code into lka_filter.c, they were originally split as the reporting API came first but in the end, filters rely on reporting then reporting requires a proc filter, so they're just two pieces of a same API.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/12 07:36:59 Added files: usr.sbin/smtpd : smtpd-filters.7 Log message: start documenting the proc filter API, this is a work in progress, not installed yet
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/12/09 13:36:22 Modified files: usr.sbin/smtpd : lka_filter.c lka_report.c Log message: swap two fields in the filter response protocol to match order of fields in the query protocol. this difference was overlooked and is error-prone for a filter developer. bump filter protocol. when you update your smtpd, if you use filters, they'll need to be updated. spotted by Chris Ross
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/26 13:42:35 Modified files: usr.sbin/smtpd : smtpd.conf.5 Log message: document that listen on socket can have filters attached original diff from Ryan Kavanagh , slightly rearranged
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/26 13:26:22 Modified files: usr.sbin/smtpd : mail.lmtp.c Log message: in mail.lmtp.c, split LMTP connection fd into two FILE * streams diff from fgma on github
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/26 13:14:38 Modified files: etc/mail : smtpd.conf Log message: make implicit "listen on socket" explicit, the default config no longer has any implicit behavior ok eric@, kn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/26 00:50:01 Modified files: usr.sbin/smtpd : parse.y smtpd.conf.5 Log message: allow using 'auth' as an origin: match from auth [...] will match any authenticated session, disregarding where it comes from
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/26 00:28:37 Modified files: usr.sbin/smtpd : parse.y Log message: whitespaces
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/25 23:10:20 Modified files: usr.sbin/smtpd : parse.y smtpd.conf.5 Log message: mail-from and rcpt-to already carry origin and destination, so we can make them a "for" and "from" parameter and allow grammar to express: match from mail-from gil...@openbsd.org for rcpt-to e...@openbsd.org rather than: match from any mail-from gil...@openbsd.org \ for domain openbsd.org rcpt-to e...@openbsd.org [...] ok eric@, jung@, millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/25 07:23:00 Modified files: usr.sbin/smtpd : smtpd.conf.5 Log message: document that rules can match specific users or user lists now
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/25 07:18:33 Modified files: usr.sbin/smtpd : envelope.c ruleset.c smtp_session.c smtpd.h Log message: store smtp session username in envelope and allow ruleset to match specific users or mailaddr: match auth "gil...@openbsd.org" [...] match auth "@openbsd.org" [...] ok eric@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/25 06:30:04 Modified files: etc/mail : smtpd.conf Log message: use explicit from notation in default config ok eric@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/19 15:04:04 Modified files: usr.sbin/smtpd : smtpd.conf.5 Log message: fix typos in smtpd.conf.5 from Ryan Kavanagh
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/12 14:02:42 Modified files: usr.sbin/smtpd : parse.y smtpd.conf.5 Log message: a long long time ago, there was no such thing as "from socket" and the socket listener was tagged "local" so we could trick "from local" into matching non-network connections. this hack was removed years ago and the socket listener still had this "local" tag hardcoded. this commit teaches parse.y how to assign a tag to a socket listener and removes the hardcoded "local".
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/12 13:21:46 Modified files: usr.sbin/smtpd : ruleset.c to.c Log message: fix a logic bug in ruleset matching that makes `from socket` rules possibly crash depending on how the ruleset is crafted.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/11 10:20:25 Modified files: usr.sbin/smtpd : spfwalk.c Log message: fix 'mx:' mechanism in smtpd spf walk diff from Quentin Rameau
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: gil...@cvs.openbsd.org 2019/11/05 12:18:30 Modified files: opensmtpd : index.html Log message: minor release 6.6.1 fixes many issues in the portable layer of opensmtpd to bring back support for most Linux distros, disregarding if Glibc or Musl or OpenSSL or LibreSSL.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/03 17:05:38 Modified files: usr.sbin/smtpd : ruleset.c Log message: fix a possible crash when combining "from rdns", nested virtual aliases and a particular sequence of rules causing "from rdns" to be hit again from the expanded aliases. this requires crafting a specific configuration.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/03 16:58:51 Modified files: usr.sbin/smtpd : smtpd.h Log message: 6.6.0 -> 6.6.1
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/11/01 21:16:45 Modified files: usr.sbin/smtpd : ssl_verify.c Log message: switch ASN1_STRING_data() with constified ASN1_STRING_get0_data()
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: gil...@cvs.openbsd.org 2019/10/26 06:51:15 Modified files: opensmtpd : donations.html index.html portable.html Added files: opensmtpd/announces: release-6.6.0.txt Log message: opensmtpd-6.6.0 is out
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/04 02:34:29 Modified files: usr.sbin/smtpd : smtp_session.c Log message: remove strict \r check, the downside overweights the advantages, we'll revisit a proper fix post release committing on behalf of martijn@, ok eric@ and I
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/03 02:51:43 Modified files: usr.sbin/smtpd : spfwalk.c Log message: no need to increment argv and decrement argc, we're not using them later
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/03 02:50:08 Modified files: usr.sbin/smtpd : mda.c Log message: no need to set n to 0 right before assigning it ret value from io_printf()
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/03 01:03:24 Modified files: usr.sbin/smtpd : iobuf.c Log message: remove useless check and dead code
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/02 23:50:28 Modified files: usr.sbin/smtpd : mproc.c Log message: check imsg_flush() return value and fatal() if == -1
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/02 23:48:33 Modified files: usr.sbin/smtpd : mda.c Log message: make it obvious we don't care about text_to_mailaddr() return values, we've already checked it upfront and wouldn't reach this point if it didn't parse correctly.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/02 23:46:55 Modified files: usr.sbin/smtpd : mail.lmtp.c Log message: free() destination server copy, not a real leak since the program is short lived but still
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/02 23:42:57 Modified files: usr.sbin/smtpd : lka_report.c Log message: fix wrong sizeof in lka reporters init
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/02 23:08:21 Modified files: usr.sbin/smtpd : smtp_session.c Log message: we should never hit the smtp reports with an s->tx set to NULL but better be safe than sorry, check upfront
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/02 23:04:45 Modified files: usr.sbin/smtpd : smtp_session.c Log message: fix possible use-after-free in error code path
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/02 22:51:15 Modified files: usr.sbin/smtpd : table_proc.c Log message: fatal() if imsg_flush() call fails in table proc
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/10/02 22:49:12 Modified files: usr.sbin/smtpd : util.c Log message: fix memory leak in error code path
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/30 07:27:12 Modified files: usr.sbin/smtpd : lka_proc.c Log message: add smtpd-version config key in filters handshake
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/29 04:14:19 Modified files: usr.sbin/smtpd : spfwalk.c Log message: - remove specific cases for +a and +mx as the + prefix is handled earlier - support mx: notation diff from Quentin Rameau
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/29 04:03:49 Modified files: usr.sbin/smtpd : smtpd.h srs.c util.c Log message: SRS uses base64 encoding for the checksum, however while this is ok when we only have MTA in the loop, some implementations like Dovecot's LMTP dislike finding '/' in an e-mail address. Since checksum is meant to be verified at the MX that generated the SRS encoding, use alternate rfc354 base64 encode, swapping '/' with '_' and '+' with '-'. ok eric@ millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/20 11:46:05 Modified files: usr.sbin/smtpd : config.c lka_session.c mta.c mta_session.c parse.y smtpd.conf.5 smtpd.h usr.sbin/smtpd/smtpd: Makefile Added files: usr.sbin/smtpd : srs.c Log message: teach smtpd how to do SRS so hosts that act as forwarders don't break SPF. this basic implementation does SRS0/SRS1 encoding/decoding, validating time and checksums. with insight from semarie@, ok eric@ and millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/19 10:00:59 Modified files: usr.sbin/smtpd : envelope.c smtp_session.c to.c Log message: second attempt at fixing how we display inet6 addresses in smtpd. this diff is simpler than my initial reverted attempt, corrects the likely reason for the initial revert and has been running successfully for the day on my MX with tons of incoming and outgoing inet6 trafic. ok millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/19 08:40:53 Modified files: usr.sbin/smtpd : report_smtp.c Log message: in tx-mail / tx-rcpt reports, do not pass the brackets <> and remove any of the MAIL FROM / RCPT TO options. filters use the mail-from and rcpt-to hooks to retrieve these should they need it. fixes bogus tx-mail / tc-rcpt reports
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/19 01:35:36 Modified files: usr.sbin/smtpd : mda_variables.c smtpd.h Log message: unescape / and ^ in the general delivery case, they only need to be for maildir ok eric@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: gil...@cvs.openbsd.org 2019/09/18 09:03:38 Modified files: . : 66.html Log message: smtpd also gained proxy-v2 support
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: gil...@cvs.openbsd.org 2019/09/16 12:25:29 Modified files: . : 66.html Log message: fill the opensmtpd part
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/14 00:20:27 Modified files: usr.sbin/smtpd : mta.c Log message: in mta_relay_cmp() properly check that authlabel or backupname are not NULL before comparing their value with other relays diff from Caspar Schutijser
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/11 14:06:26 Modified files: usr.sbin/smtpd : lka_filter.c Log message: when replace tree_xget() with tree_get() ... actually use tree_get() so the change actually does something.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/10 13:30:12 Modified files: usr.sbin/smtpd : lka_filter.c Log message: do not use tree_xget() between filters resume as a session may legitimately go away due to a disconnection before a filter responds. diff from martijn@, committing on his behalf
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/10 01:03:16 Modified files: usr.sbin/smtpd : lka_report.c Log message: simplify lka reporting functions by moving the reqid inside the broadcast function: reqid is a mandatory part of the header. lka reporting functions now only append their own specific parameters. ok martijn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/04 02:30:36 Modified files: usr.sbin/smtpd : lka_report.c lka_filter.c Log message: bump version
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: gil...@cvs.openbsd.org 2019/09/04 01:38:20 Modified files: usr.sbin/smtpd : lka_filter.c Log message: disallow proc filters from responding with junk action at commit spotted by martijn@