problem, not matter of transport layer.
Let me know of what you think about this. Then, we can coordinate and
get it done. I have some free time this week so I can implement what I
was suggesting above if you like, so that you can focus on table_ldap.
Just let me know :)
Thanks,
Omar Polo
On 2024/06/10 18:02:51 +0200, Omar Polo wrote:
> On 2024/06/10 07:28:37 -0700, latin...@vcn.bc.ca wrote:
> > > Well, the cause is that table-passwd dies (since it's the only proc
> > > table you use.) Did you do anything to that host recently? Was it
> > >
1 and 3), and verified
it was still working.
What you can try testing is to:
1. verify the syntax of the passwd file. Start with just one entry and see
if it works. For reference, here's the one I've used in my vm
op:$2b$09$ts7CQdymgQeR8FrVzrY8zuVMrkqL0YI1m3yH0PowCrq1x46l.FcUO:1000:1000:Om
On 2024/06/10 03:22:54 -0700, latin...@vcn.bc.ca wrote:
> > On 2024/06/10 02:25:26 -0700, latin...@vcn.bc.ca wrote:
> >> > On 2024/06/09 20:53:53 -0700, latin...@vcn.bc.ca wrote:
> >> >> Hello
> >> >>
> >> >> I am having this log lines and i am not able to find the error, could
> >> >> someone
On 2024/06/10 02:25:26 -0700, latin...@vcn.bc.ca wrote:
> > On 2024/06/09 20:53:53 -0700, latin...@vcn.bc.ca wrote:
> >> Hello
> >>
> >> I am having this log lines and i am not able to find the error, could
> >> someone help please?:
> >> Jun 9 19:57:24 hawk smtpd[37247]: info: OpenSMTPD 7.5.0
On 2024/06/09 20:53:53 -0700, latin...@vcn.bc.ca wrote:
> Hello
>
> I am having this log lines and i am not able to find the error, could
> someone help please?:
> Jun 9 19:57:24 hawk smtpd[37247]: info: OpenSMTPD 7.5.0 starting
> Jun 9 19:57:24 hawk smtpd[97671]: warn: table-proc: pipe closed
On 2024/05/13 09:38:40 +0200, Philipp wrote:
> Hi
>
> Sorry, this mail was overseen.
Yeah, sorry.
> [2022-08-30 13:23] "Tobias Fiebig"
> > I just started to see some DoS issue on my OpenSMTPd with table-mysql as
> > the backend. Specifically, my server ran into the user lookup process
> >
On 2024/05/11 14:35:09 +0200, Thomas Bohl wrote:
> > I am on OpenBSD 7.5-current playing around a bit and noticed that
> > smtpd fails to start.
>
> > I then ran smtpd -d and I get:
> > credentials[40067]: warn: table-api: imsg_get: Result too large
> > lookup: table-proc: no services registered
OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.
It runs on OpenBSD, NetBSD,
On 2024/03/20 17:36:01 +0100, Tassilo Philipp
wrote:
> Hi,
>
> while working on the DSN patches mentioned in another thread, I came
> across an oversight in the final ORCPT patch that will be part of 7.5.0.
>
> Find the patch attached - IMHO, this patch should make it into 7.5.0, as
> it's
config|subsystem|smtp-in
> dnsbl: config|admd|olafpi.ovaltofu.org
> dnsbl: config|ready
>
> Thank you very much for the fixes !
>
> Andi..
I've committed the diff, will be part of 7.5 :)
Thanks!
Omar Polo
40267a15ee3de6464b1bc
file + configure.ac
--- configure.ac
+++ configure.ac
@@ -147,6 +147,7 @@ AC_CHECK_FUNCS([ \
getspnam \
malloc_conceal \
pledge \
+ setreuid \
setsid \
sigaction \
strnvis \
Thanks!
Omar Polo
dropped in previous
release.
Thanks,
Omar Polo
On 2024/03/06 10:15:26 -0800, Andi Vajda wrote:
>
> On Wed, 6 Mar 2024, Omar Polo wrote:
>
> > So the issue is that at runtime ld.so fails to load libevent2 somehow...
>
> I took a closer look at config.log files produced opensmtpd-7.3.0p2 and
> opensmtpd
On 2024/03/04 09:32:14 -0800, Andi Vajda wrote:
>
> On Mon, 4 Mar 2024, Omar Polo wrote:
>
> > Sorry, I made a typo. It should be
> >
> >./configure CFLAGS='-I/home/vajda/libressl-3.8.2/local/include/
> > -I/usr/pkg/include'
> >
> > I m
On 2024/03/03 16:42:55 -0800, Andi Vajda wrote:
>
> On Sun, 3 Mar 2024, Omar Polo wrote:
>
> > ouch! Don't know much of how pkgsrc works, but this seems strange. Can
> > you make sure the users were created? `grep smtp /etc/passwd' should be
> > enough.
>
>
0
>dnsbl: config|subsystem|smtp-in
>dnsbl: config|admd|olafpi.ovaltofu.org
>dnsbl: config|ready
>
> Andi..
Thanks,
Omar Polo
On 2024/02/24 20:34:23 +0100, Philipp wrote:
> [2024-02-24 12:31] Omar Polo
> > Thanks, I have committed the first two diffs (update ber and aldap, and
> > request only required attributes), but I'm probably missing something in
> > the third diff.
>
On 2024/02/19 16:13:49 +0100, Philipp wrote:
> Hi
>
> Omar has sugested to update ber. I have implemented this and rebased
> my patches to this.
>
> The "update ber and aldap" patch is acually not correct, because the
> aldap_match_attr() has a changed API. The result might not used after
> the
Hello,
On 2024/02/09 09:15:17 +0100, Philipp wrote:
> Hi
>
> An updated version with some logging is attached.
>
> Philipp
This reads fine to me, thanks for working on it. I'm just not sure
about changing ber.c, since it just adds to the difference with libutil'
ber.c. Seems that lot of
if (snprintf(dst, sz, "%s:%s:%s", res[0][0], res[1][0],
> - res[2][0]) >= (int)sz)
> + if (snprintf(dst, sz, "%s:%s:%s", res[0].v[0][0],
> res[0].v[1][0],
> + res[0].v[2][0]) >= (int)sz)
> ret = -1;
> break;
> default:
> @@ -539,10 +571,17 @@ ldap_run_query(int type, const char *key, char *dst,
> size_t sz)
> log_warnx("warn: could not format result");
>
> end:
> - for (i = 0; i < q->attrn; ++i)
> - if (res[i])
> - aldap_free_attr(res[i]);
> + for (j = 0; j < ret; ++j) {
> + for (i = 0; i < q->attrn; ++i) {
nit: it's a bit confusing that here i and j are used in the inverse
order of the cleanup in ldap_query.
> + if (res[j].v[i]) {
> + aldap_free_attr(res[j].v[i]);
> + }
> + }
> + }
> [...]
Thanks,
Omar Polo
Some comments inline.
> From 4a997162811d6b43a748af1cfb783bad6177dca8 Mon Sep 17 00:00:00 2001
> From: Philipp Takacs
> Date: Wed, 31 Jan 2024 17:50:52 +0100
> Subject: [PATCH 2/2] table-ldap handle more then one result
>
> ---
> extras/tables/table-ldap/table_ldap.c | 98
On 2024/02/03 02:05:06 +0100, Philipp wrote:
> Hi
>
> I found a nullpointer deref in table-postgres. A patch is attached.
>
> Philipp
>
> Ps: thanks gilles for so nice to read code.
Good catch! Committed, thanks!
(I took the chance to knf-ify the comment before committing.)
On 2024/01/27 18:33:35 +0100, Philipp wrote:
> A I forgott the patch.
>
> [2024-01-27 12:11] Philipp
> > I have noticed that the table-ldap uses printf() to replace the '%s' of
> > the filter with the search key. This has some problems. The biggest one
> > is you can use the key only once in
ain, it's not a problem introduced by your diff, but since you're
fixing stuff in here would you mind to fix also these points?
Thanks,
Omar Polo
On 2024/01/24 08:51:06 +0100, Philipp wrote:
> [2024-01-24 00:09] Omar Polo
> > [...]
> > if you're interested in this however, we can also avoid the strdup()
> > here since aldap_parse_url() already strdup()s the string for parsing
> > (but still frees the pass
On 2024/01/24 09:38:01 +0100, Philipp wrote:
> Hi Omar
>
> Thanks for the feedback. A updated patch is attached.
>
> [2024-01-23 11:26] Omar Polo
> > On 2024/01/23 01:24:57 +0100, Philipp wrote:
> > > I have had a bit of time and implemented ldaps support for tab
On 2024/01/23 19:49:34 +0100, Philipp wrote:
> [2024-01-23 11:39] Omar Polo
> > spotted while reading Philipp' ldaps diff. it's really ugly to reach
> > into the struct sockaddrs when using getaddrinfo()...
>
> Nice this makes the libtls integration simpler. Also
On 2024/01/23 11:26:59 +0100, Omar Polo wrote:
> On 2024/01/23 01:24:57 +0100, Philipp wrote:
> > Hi
> >
> > I have had a bit of time and implemented ldaps support for table-ldap.
> > It is currently untested and has some todos. But I would say it's
> > compl
spotted while reading Philipp' ldaps diff. it's really ugly to reach
into the struct sockaddrs when using getaddrinfo()...
however, I don't use ldap so this could use at least some testing :)
(would also be interesting to provide some more logging if socket/connect
fails somehow, and also
On 2024/01/23 01:24:57 +0100, Philipp wrote:
> Hi
>
> I have had a bit of time and implemented ldaps support for table-ldap.
> It is currently untested and has some todos. But I would say it's
> complete enough to share. So other can comment on the code. A patch
> is attached
I don't use ldap
fe80::fce1:baff:fed3:6e35%tap0]] -> (null)
> >
> > that I'm not sure was present also before, so I'll have to take a closer
> > look.
This is due to config.c:set_localaddrs wrapping the result from
ss_to_text() in brackets. Do you remember why it is needed?
ss_to_text() already
On 2023/12/14 21:36:44 +0100, Kirill Miazine wrote:
> [...]
> cvs checkout took looong time, so I took src.tar.gz from 7.4, applied
> patch there.
>
> diff worked for static maps, at least. tested on this config:
thanks for testing the diff
> [...]
>
> but didn't work with "table helo-names
[moving to tech@]
On 2023/12/13 20:37:09 +0100, Kirill Miazine wrote:
> I've spent several hours debugging an issue.
>
> table(5) specifies addrname format as a mapping from inet4 or inet6
> addresses to hostnames:
>
> ::1 localhost
> 127.0.0.1
relaxes the checks but IMHO it doesn't address the underlying
issue: we expect a valid rfc822 address where it's not mandatory.
I think we should just keep the ORCPT address as on opaque string
(modulo some validation) without trying to parse it.
I still have to test the diff below in a real-wor
to configure opensmpt for such a use case?
Haven't tried, but a mda command that writes to to /dev/null should be a way.
(not tested)
action "ignore" [...] mda "cat >/dev/null"
Cheers,
Omar Polo
On 2023/11/28 14:38:05 +0100, Tassilo Philipp
wrote:
> Hi,
>
> I stumbled across an issue when trying to send mail with opensmtpd by
> submitting via the unix domain socket, when requesting any kind of DSN,
> (e.g. mailwrapper(8) based sendmail command's -N param).
>
> Such mail gets refused
[moving to tech@, +CC Gilles and Eric]
On 2023/11/13 14:04:37 -0300, Crystal Kolipe wrote:
> The smtpd.conf manual says:
table(5) actually ;-)
> > When using a `file' table, a list will be written with each value on a
> > line by itself. Comments can be put anywhere in the file using
OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.
It runs on OpenBSD, NetBSD,
OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.
It runs on OpenBSD, NetBSD,
ication for any
aspect not clearly covered in the manual page.
Thanks,
Omar Polo
[0]: https://man.openbsd.org/smtpd-filters.7
On 2023/10/14 15:06:11 +0200, Sagar Acharya wrote:
> How do I reject all emails with attachments by using an opensmtpd filter?
I never used it, but from the look of it you could try mimedefang via
the filter-mimedefang package. It's available on OpenBSD, but being
written in perl I assume it
OpenBSD 7.4 is approaching fast, and so is OpenSMTPD 7.4.0 :)
7.4 includes a few bugfixes and small improvements:
- avoid truncatino of filtered data lines
- allow arguments on NOOP
- swap link-auth filter arguments and bump filter protocol version
The bundled libtls was also updated to the
://www.opensmtpd.org/archives/opensmtpd-7.3.0p2.tar.gz
https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/7.3.0p2
Cheers,
Omar Polo
ag/7.3.0p1
The reason to always use the two bundled libraries is:
- libasr is long deprecated, only the bundled copy is maintained
- libtls and OpenSMTPD have a close relationship and need to stay in
sync (at least until the signer APIs are restored.)
Cheers,
Omar Polo
progresses with
this. In the meantime, building -portable with OpenSSL it's the
safest choice until this gets sorted out.
Thanks,
Omar Polo
On 2023/06/21 18:30:31 +0200, Philippe Strauss wrote:
> Hello the list,
>
> I'm new to opensmtpd, great software BTW, but after reading the man
> page and googling around the net, I can't find the right syntax for the
> "listen ... filter ..." syntax in smtpd.conf, I'm simply trying to
>
rash, then `gdb smtpd smtpd.core'
and at the gdb prompt type "bt" (without the quotes.)
Provided that you built the port with the WITH_DEBUG_PORTS as you
showed in the previous mail, the smtpd binary has the needed debug
symbols.
Thanks,
Omar Polo
t with OpenSSL from base and it's working now.
>
> Here is error when I tried to build it with libressl-3.7.3:
yeah, --with-bundled-libtls and libretls don't go together yet. You
can either use the bundled libtls with OpenSSL, or just use libretls.
Thanks!
Omar Polo
On 2023/06/18 16:15:51 +0100, Simon Harrison wrote:
> On Sun, 18 Jun 2023 16:08:20 +0200
> Omar Polo wrote:
>
> > > On 17 Jun 2023, at 18:43, Simon Harrison wrote:
> > >
> > > On Sat, 17 Jun 2023 09:50:17 +0200
> > > Omar Polo wrote:
> > &
On 2023/06/18 14:09:52 +0200, Petr wrote:
> Hello.
>
> I am trying new OpenSMTPD 7.3.0p0 on FreeBSD 13.2. I have it compiled
> with LibreSSL 3.7.3. When mail is send from this server or is received
> from outside, smtpd crashes.
>
> What could be wrong please?
>
> Here is trace output while
> On 17 Jun 2023, at 18:43, Simon Harrison wrote:
>
> On Sat, 17 Jun 2023 09:50:17 +0200
> Omar Polo wrote:
>
>> OpenSMTPD 7.3.0p0 has just been released.
>>
>
> When someone compiles (and runs) this on Debian Bookworm, can you post
> a quick howto. I tri
; I use OpenBSD because its simplicity!
>
> Thanks.
I should have probably mentioned more clearly that this was the
announce for the -portable version that exists to port OpenSMTPD to
other systems.
So, no, if you're using OpenBSD smtpd is in base you were already
using the latest version :)
Cheers,
Omar Polo
OpenSMTPD 7.3.0p0 has just been released.
OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range
[0]: https://github.com/poolpOrg/filter-rspamd
Thanks,
Omar Polo
d ignore the tarball
and checkout the branch release-7.3 from the git repository.
Thanks!
Omar Polo
On 2023/06/06 09:45:09 -0700, Andi Vajda wrote:
>
> On Tue, 6 Jun 2023, Omar Polo wrote:
>
> > Hello,
> >
> > thanks for testing!
> >
> > Regarding the build failure when using LibreSSL, I can reproduce on
> > OpenBSD: it's because the bundled libtl
also shouldn't happen. Is signal 11 SIGSEGV on NetBSD too? Can
you share the config.log of this configuration too and smtpd complete
log? Do you also get a core file? A backtrace would be incredibly
useful.
Thank you!
Omar Polo
more than one `pki' per `listen'
directive.
Thanks for testing!
Omar Polo
On 2023/06/03 09:08:05 -0700, Richard Narron wrote:
> In order to use the bundled libasr, I had to uninstall my existing libasr
> slackware build (port).
>
> It would be nice to have a --with-bundled-libasr option for the build.
> Then It could ignore an existing installed libasr.
Haven't
as effect when building
the bundled libtls, as otherwise I don't have control over what
tls_default_ca_cert_file() returns.
It's in the just-relased rc2, which also updates the bundled libasr
and so addresses OpenBSD 7.2 errata #22.
Thanks,
Omar Polo
if it'll ever be packaged it would need a similar
treatment.
Thanks,
Omar Polo
[*] well, on OpenBSD it has /etc/ssl/cert.pem hardcoded. To make in
portable I changed it to use what OpenSSL thinks it's the default,
which is the same thing done in libretls, a version of libtls
targetting OpenSSL instead of LibreSSL.
. See the github issue 1171 for more info:
https://github.com/OpenSMTPD/OpenSMTPD/issues/1171
Thanks,
Omar Polo
м,
> Сергей
>
>
> --
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>
--
Omar Polo | PGP: 147F 24EB 977C DFDD 0197 86D3 E483 C355 499D 960D
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
64 matches
Mail list logo
