Re: OpenSMTPD 7.5.0 fails to start?

2024-05-11 Thread Thomas Bohl
I am on OpenBSD 7.5-current playing around a bit and noticed that smtpd fails to start. I then ran smtpd -d and I get: credentials[40067]: warn: table-api: imsg_get: Result too large lookup: table-proc: no services registered smtpd: process lka socket closed Probably the beginning of API

Re: DKIM Verification Failures

2024-04-05 Thread Thomas Bohl
Hi, DKIM verification of my emails has been failing for outbound email when received by other systems. This email contains those signatures. I don't check DKIM inbound so that's not a concern. I created DNS entries for both rsa and ed25519 keys. The public TXT DNS record of

Re: match from mail-from reject not working

2024-03-11 Thread Thomas Bohl
match from mail-from reject That line doesn't have a for option, so "for local" is implied. match from any for any mail-from reject should do the trick. However, if i use telnet/openssl s_client to connect to the server, I get an OK in response to MAIL FROM: and can state RCPT TO and

SMTP Smuggling

2023-12-31 Thread Thomas Bohl
Happy new year. I just stumbled upon this "novel technique for e-mail spoofing": Given that

Re: maildir error when receiving mail to alias

2023-11-20 Thread Thomas Bohl
Hello, On 20.11.2023 at 01:19, wrote: Hello, I have set up my account on this mailserver to deliver mail to my Maildir. This works (as demonstrated by being able to subscribe to this list); now I am trying to set up the required aliases (postmaster, etc). I set up the aliases to point to my

Re: Need help with mail server configuration

2023-11-11 Thread Thomas Bohl
I received it (even in Thunderbird)! May I ask how did you do that? I tried so many ways today but none worked... I clicked "New Message" in Thunderbird, entered your email and hit send. :-) Have you tried sending from your address? telnet 25 times out, same

Re: Need help with mail server configuration

2023-11-10 Thread Thomas Bohl
Hi, Thank you for your reply. I spent a couple of hours on this today with not much luck. Please find my replies below. Then check what is blocking port 25. Is it your Debian firewall or your VPS provider. There is no VPS provider firewall. The one I can use is disabled. I asked support

Re: Need help with mail server configuration

2023-11-08 Thread Thomas Bohl
Hello, I am running a Debian 12 server hosted at OVH. It's a fresh VPS, and the domain I'm using for that test is, with the subdomain as advised in the article. DNS and rDNS seems fine, host and dig reply what they are supposed to. On the server, I created an

Re: smtpd.conf - Possible Issues with "mail-from"

2023-11-06 Thread Thomas Bohl
Hello, It appears that the “mail-from” is not working. I can see this in the mail logs. I am sending emails in a backup script using the command; e.g. mail -s “My Backup" < somefile Extract from /var/log/maillog Nov 6 17:34:36 fw2 smtpd[43484]: 7cb40a8b67fe96f9 mta

Re: Mail not delivered, permission denied

2023-11-03 Thread Thomas Bohl
I am facing the issue above exactly as it is. What is smtpd, and smtpq wrt users. I have given all permissions and added them to mail group but still I cannot remove the error msgs. The secondary/supplementary group (mail) of your users

Re: Issue when relaying one smtpd to another with tls

2023-10-15 Thread Thomas Bohl
Hello, I have two smtpd nodes, i'll call them A and B. Node A is exposed to internet, Node B is not and is relaying everything to node A. The action line on node B looks like this : action "send" relay host smtps://[some kind of ipv6] srs On Node A, i have a match for that "some kind of

Re: Issues with outbound connections to dualstack on v6 only host

2023-08-17 Thread Thomas Bohl
Sorry for the late response. I am currently facing an issue that OpenSMTPd disables a route for a dual-stack MX if a connection to the v4 address fails, without retrying v6. The system has a local v4 network, but no routes; A v6 default route is set and the system is reachable via IPv6. Have

Re: Permissions error when sending to mailing list after upgrade to v.7.3.0

2023-08-17 Thread Thomas Bohl
On 16.08.2023 at 16:58, Reio Remma wrote: On 15.08.2023 10:49, Thomas Bohl wrote: You were already pretty close when you got this line though: warn: smtpd: /var/vmail/mlmmj/domain/listname/.forward: unsecure file There was probably just wrong write permissions for the group

Re: Permissions error when sending to mailing list after upgrade to v.7.3.0

2023-08-15 Thread Thomas Bohl
You were already pretty close when you got this line though: warn: smtpd: /var/vmail/mlmmj/domain/listname/.forward: unsecure file There was probably just wrong write permissions for the group. ...on the home directory.

Re: Permissions error when sending to mailing list after upgrade to v.7.3.0

2023-08-15 Thread Thomas Bohl
It must be owned by the user who makes the delivery. Is vmail or mlmmj a system user? man forward ... Permissions on the .forward file are very strict and expansion is rejected if the file is group or world-writable; if the home directory is group writeable; or if the file is not owned by

Re: Permissions error when sending to mailing list after upgrade to v.7.3.0

2023-08-14 Thread Thomas Bohl
Hello, I just found that my mailing lists have stopped working after the upgrade with the following error: /usr/bin/mlmmj-receive[102515]: mlmmj-receive.c:122: Could not stat /var/vmail/mlmmj/domain/listname/: Permission denied I recall reading the delivery user was changed at some point.

Re: /etc/mail/aliases question

2023-06-14 Thread Thomas Bohl
Hello, However, the output from: newaliases shows:     $ doas newaliases     /etc/mail/aliases: 69 aliases Test messages also show that the changes to the aliases file are being picked up. That should not be the case. But hard to tell without the full config. The current permissions I

Re: Format specifiers: partial expansion + modifier

2023-04-28 Thread Thomas Bohl
Hello, I was wondering if it is possible to use partial expansions together with format modifiers in smtpd.conf. For example, I'd like to reduce an email with a format like to I've tried the following variations: %{sender.user[5:]:strip}

Re: How to write the rule to avoid spam

2023-04-05 Thread Thomas Bohl
Thank you for your answer. However it doesn't work because "from domain..." is an invalid syntax I personally use this: table legalto file:/etc/mail/legal-rcpt-to match !auth from any for any mail-from reject # cat /etc/mail/legal-rcpt-to

Re: How to write the rule to avoid spam

2023-04-05 Thread Thomas Bohl
Hello, So I would tend to write a rule such as match ! from domain for domain action TO-CLAM_SMTPD_IN Considering that users that write from to match the first rule since they are local or authenticated or coming from one of the known IPs. But this rule is not

Re: opensmtpd personal mail server setup

2023-03-31 Thread Thomas Bohl
Hello, # certificate pki mail_cert cert "/etc/letsencrypt/live/***/fullchain.pem" pki mail_cert key "/etc/ssl/private/server.key" I don't know which system has this paths. But it looks wrong to me. Are you sure the server-key isn't in "/etc/letsencrypt/live/***/"? Which acme-client do you

Re: Using Exchange online as relay

2023-03-31 Thread Thomas Bohl
Hello, action "relay" relay host smtp+tls:// auth the relay-url is missing the label. man smtpd.conf ... The format for relay-url is [proto://[label@]]host[:port]. ... The label corresponds to an entry in a credentials table, as documented in table(5). It is used with

Re: Email Sending Test-Setup

2023-03-06 Thread Thomas Bohl
Heho, together with some colleagues i setup an email-sending-selftest (powered by openbsd, and partially opensmtpd ;-)) In case it is useful for some: That is a real cool project! I didn't know signed rDNS is possible.

Re: Mixing login and virtual/table authentication

2023-03-06 Thread Thomas Bohl
My question is pretty simple: Is it possible to have OpenSMTPD listen on a single socket (smtps or submission) and authenticate both “real” users (i.e., /etc/passwd” and virtual users from a credentials table (without adding the real users to the table). I think the answer is ‘no’ (and that

Re: Opensmtp as simple relay service

2022-11-11 Thread Thomas Bohl
I had initially some authentication issues with my ISP Exchange SMTP host ("530 5.7.1 Client was not authenticated") If I'm not mistaken that is probably because the host-option doesn't have a label for the credentials table. Your /etc/mail/secrets has to look like this: label1

Re: Opensmtp as simple relay service

2022-11-10 Thread Thomas Bohl
Hello, I hope someone can help me here. I have a small wordpress website from which I am sending emails using a free plugin to my ISP SMTP server over STARTTLS ( Now I am trying OpenSMTP which should do the job but for some reason it returns "550 Invalid

Re: delivering mail from virtual user

2022-09-19 Thread Thomas Bohl
I had to do a re-installation, and now I can only receive mail, I lost the configuration for smtp, the combination port + ssl or startssl I am confused! You posted your configuration to this mailinglist. In theory all you need to do is

Re: delivering mail from virtual user

2022-09-18 Thread Thomas Bohl
Hello, expected. But I need that 1 Virtual user re-send e-mail to 5 different addresses or users. table virtuals file:/etc/mail/virtuals action "lmtp" lmtp "/var/dovecot/lmtp" rcpt-to virtual Your /etc/mail/virtuals probably looks like this: user1 user2

Re: Invalid recipient for local account.

2022-08-24 Thread Thomas Bohl
Hi, All user on registered on the LDAP directory received emails, local users get "Invalid recipient": Aug 22 14:14:16 mx-01 smtpd[15911]: 1413a338b810bc82 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: " Aug 22 14:14:17 mx-01 smtpd[15911]: 1413a338b810bc82 smtp

Re: Reject mails with a customized error messages

2022-07-07 Thread Thomas Bohl
Hello, I would like to reject mails with a customized error message. As far as I understand the documentation, I cannot pass any additional parameters to a "reject" command. Am I missing something? How can I return a specific error message? You will need to rewrite your config to use

Re: Tried, and failed, to use a wildcard in an action rule ... possible ?

2022-07-05 Thread Thomas Bohl
Is it possible to use a wildcard like this in an action rule ? No. man 5 table ... In a virtual domain context, the key is either a user part, a full email address or a catch-all, following selection rules described in smtpd.conf(5), and the value is one or many recipients as described in

Re: Am I running an open relay? And a few questions.

2022-05-20 Thread Thomas Bohl
Hello, 1a) Have I left anything too open to spammers to use my server? Have I done anything stupid? Tries to send emails over your server using various techniques. If it works you have a problem. Shows whether your IP is

Re: filter: HELO matches rDNS or not

2022-05-20 Thread Thomas Bohl
Hello, I want to check inbound SMTP connections to verify that the HELO/EHLO name matches the associated rDNS entry. MY FILTER filter "HELO_FQDN" phase ehlo match !helo rdns disconnect "NNN:msg." REPORTED ERROR doas smtpd -n /etc/mail/smtpd.conf:191: syntax error IDEA ORIGINATION

Re: Why isn't there a simple way to add a catchall alias to OpenSMTP ?

2022-04-14 Thread Thomas Bohl
    match from any for domain "" action "local_mail"     match from any for domain "" action "catchall" match for local action "local_mail" match from any for domain "" action "catchall" I hope I understood you correctly. If not, merge the tables.

Re: Why isn't there a simple way to add a catchall alias to OpenSMTP ?

2022-04-10 Thread Thomas Bohl
Instead of being cranky you should have posted your "very simple, very readable smtpd.conf file". This is what a catchall email address looks like and this is a very simple and reasonable to expect this to function. An alias file has never accepted an @. It is therefore not at all

Re: Validating certificate chain of SMTP TLS connections using privately-issued CA certsy

2022-03-15 Thread Thomas Bohl
client# cat /tmp/server.crt >> /etc/ssl/certs.pem BTW it's /etc/ssl/cert.pem not /etc/ssl/certs.pem Not the cert of the server but, like he said, the CACert.pem The certificate is self-signed. Sorry, I should have mentioned that. Especially since you started by saying "A private CA has

Re: Validating certificate chain of SMTP TLS connections using privately-issued CA certs

2022-03-15 Thread Thomas Bohl
IIUC the client server needs the CA Certificate that was used to generate the SMTP-server Certificate in its /etc/ssl/cert.pem (on OpenBSD). Thanks. I did try this but it's still not working out. Download the server certificate and append it to our /etc/ssl/certs.pem client# scp

Re: How to set up virtual users?

2022-03-04 Thread Thomas Bohl
I've got a situation which doesn't seem all that unusual, but I can't figure out how to properly set it up with OpenSMTPd on OpenBSD 7.0-release. I need to receive email from anywhere to my local users (most, but not all, of whom should not have accounts on the mailserver) and relay email from

Re: Message submission vs message acceptance/relay?

2022-03-04 Thread Thomas Bohl
I'm working on getting OpenSMTPd on OpenBSD 7.0-release working properly, and don't see any information about the special handling that MSAs can/should do that MTAs shouldn't and don't see any obvious way to tell OpenSMTPd to do this handling on the submission/submissions ports. listen on

Re: restart necessary on certificate upgrade (letsencrypt)?

2022-01-09 Thread Thomas Bohl
Hi, I wonder if opensmtpd starts using new key and certificate chain automagically, in case they replaced the old files? Do I have to hup or restart smtpd? I'm not sure about a new key file[1], but for a renewed certificate chain[2], renewed for example by acme-client, no restart is

Re: Google domain ownership tokens for an mx. domain

2021-12-12 Thread Thomas Bohl
I will, now that I thought of it, but I was wondering. Does this make any difference to my domains (A records) avoiding getting sent messages SPAM blocked, especially by the BIG GUYS? No, doesn't mention google-site-verification and other services

Re: relay via smtps with special characters in username

2021-12-05 Thread Thomas Bohl
fixed it for myself. I changed the delimiter in sourcecode, table.c Line 557 from : to ; and build my own Opensmtpd from scratch. My secrets file is now myrelay username;password Everything works as expected :) Did you have a problem with the # symbol? The man page states: "Comments can be

Re: crypto: ca_imsg: invalid pkey hash

2021-11-20 Thread Thomas Bohl
On 09.11.2021 at 22:48, Brenckle, Nicholas M. wrote: OpenSMTPd running on an OpenBSD7.0 box. Over the last few days I've had the daemon stop and I had to manually restart it. It always has a message similar to this: Nov 9 15:57:29 prd-smtp01 smtpd[87213]: crypto: ca_imsg: invalid pkey hash

Re: Regex in db table

2021-08-26 Thread Thomas Bohl
Question: How can I use regular expressions in db files? Don't know, but Text files don't seem to be an option, because they are only read on startup so I cannot update them on the fly. # smtpctl update table helotable File is recommended over db:

Re: Block mails from senders

2021-08-20 Thread Thomas Bohl
Hello, i cant get mails rejected that come from a list of specific senders smtpd.conf table bad_guys file:/etc/mail/bad_guys match from mail-from reject Whats wrong? If you don't specify for whom the rule is it will default to local. So the current rule is: match from mail-from for

Re: need help to solve route loop

2021-08-10 Thread Thomas Bohl
Hello, > action "outbound" relay > > action "tomailer" relay host > match from local for local action "local_mail" match from local for any action "outbound" match from any for domain "" action "tomailer" match from src for any action "outbound" The line "match from

Re: Syntax Error

2021-08-05 Thread Thomas Bohl
I am attaching my log file for reference. Which is not really helping. It has over 7000 lines. It clearly shows that the daemon is running, so there can't be a syntax error. Please be more specific. Show the commands you enter and the output that it generates. Try to use smtpd -d There

Re: Syntax Error

2021-08-05 Thread Thomas Bohl
I am Vigneshwaran R @ vgnshlvnz. I am a FreeBSD OS enthusiast. Recently I tried to deploy opensmtpd in FreeBSD 12.2-RELEASE, I get syntax error when I run `smtpd -n`. I have attached the file for reference. Can someone point out the issue? Since you didn't show your error message, I got to

Re: How to check if TLS enabled?

2021-06-25 Thread Thomas Bohl
From what I can gather, SPF and DKIM are in the mail headers. What is an easy way to check that TLS is working correctly? There should be TLS mentioned in the headers too. In the Received line. Looking into the header of your mail shows TLSv1.2 was used to connect to But not

Re: Authentication problem

2021-06-15 Thread Thomas Bohl
Authentication does now work with this line in the file "smtpd.conf" : --- table secrets file:/etc/mail/secrets --- But if instead of a text file I use a db file, it does not work Then don't

Re: How to copy all outgoing mails based on sender definition

2021-06-07 Thread Thomas Bohl
So I have a list of users defined on a server and I want to copy all mails of users with a specific mail domain. I don't think that is possible without writing a custom filter or mda.

Re: How to reject a domain

2021-04-17 Thread Thomas Bohl
Hello, In my logs, I see that the host " " regularly connect to my server and disconnect without doing anything. To not make it appear anymore in the logs, I tried to block it with this rule in smtpd.conf but

Re: Forwarding to one or more accounts

2021-04-13 Thread Thomas Bohl
, and can access their emails via IMAP over Dovecot, OpenSMTPD hands off emails via lmtp to Dovecot and emails sent to are stored in the account. But here is my problem, now I want to add "forwardings" for some accounts.

Re: What DKIM RSA key length to use

2021-04-11 Thread Thomas Bohl
That's weird. I just tested this with simple/simple, relaxed/simple, relaxed/relaxed and simple/relaxed, all with a 2048 bits key, but all my messages got accepted. Can you reproduce this issue and share me the content of the mail (including headers) that had the issue? I did send you something

Re: What DKIM RSA key length to use

2021-04-10 Thread Thomas Bohl
Hello, In the filter-dkimsign readme I suggest to use 2048 and I stand by it. Thanks for mentioning and coding filter-dkimsign! Somehow I was unaware of it. I used rspamd just for DKIM. Which is overkill. The daemon racks up nearly 28000 daily DNS requests to free services (like,

Re: Handling of local delivery errors: TempFail on 5xx?

2021-04-08 Thread Thomas Bohl
Hi, In the event that the local delivery fails with a 5xx error, OpenSMTPD queues the message for retry (and eventually supplies the sender with a "delayed" delivery notification, etc). My naive expectation is that SMTP 5xx means permanent failure, so an immediate bounce would be more

What DKIM RSA key length to use

2021-03-28 Thread Thomas Bohl
Hello, I only recently started to use DKIM and DMARC. (Yesterday to be exact. Now mails to Gmail go to the inbox and not the spam-folder. Which is nice.) I started with a 1024 bits RSA key. I followed

Re: help me understand local mail please

2021-03-17 Thread Thomas Bohl
what is address=local? is this smtpd.sock? As far as I understand it, yes. (Which makes the first part of my original answer somewhat wrong. I was thinking about something else while answering.) I cannot understand in what moment connection automatically authenticates. When you use mail,

Re: help me understand local mail please

2021-03-07 Thread Thomas Bohl
Hello, match action "mbox" match from any for domain action "deliver" match auth from any for any action "relay" -- as i can imagine, the "mbox" match is expanded to match from local to local action "mbox" if I understand it correctly, "from local" means that mail

Re: Relaying local mail

2020-08-24 Thread Thomas Bohl
Is there a reason you don't want to make root@host2 or @host2 a valid recipient on host1? Mainly because if I were to spin up host3, 4 and 5, I'd prefer not to have to change the config on host1. Then I would suggest to use authentication. On hostX: action "relay2host1" relay \

Re: Relaying local mail

2020-08-22 Thread Thomas Bohl
Hi, If on host2 I do # sendmail -t <<- . From: root To: root Subject: Test . it expands the address to root@host2 and gets rejected by the host1 because it doesn't know what to do with the address. Is there a reason you don't want to make root@host2 or @host2 a

Re: Problem with Dovecot LMTP delivery

2020-08-09 Thread Thomas Bohl
Hi, action remote_delivery lmtp "/usr/lib/dovecot/lmtp" rcpt-to virtual    Camping - inotifywait -mrq /usr/lib/dovecot - show the    lmtp executable is never touched, when Dovecot is running. You have to call the LMTP server by IP:Port or UNIX socket, not by executable. On OpenBSD it

Re: smtp-out: Address family mismatch

2020-07-22 Thread Thomas Bohl
Currently I have 100+ EMails queued with "Network error on destination MX". This is a severe regression since OpenBSD 6.6. Every insightful comment is highly appreciated Please show your complete config file. Maybe it has an error. My current (new-style) smtpd.conf has a line  action

Re: smtp-out: Address family mismatch

2020-07-06 Thread Thomas Bohl
Hello, I see a lot of outgoing EMails queued with a message "smtp-out: Address family mismatch" in the log file. My colleagues don't like EMails being put on hold at all. My current (new-style) smtpd.conf has a line action "relay_external" relay src helo ""

Re: 553 ORCPT address syntax error

2020-06-15 Thread Thomas Bohl
In /etc/mail/aliases I used to say root: Your /etc/aliases must look like: root: And that’s what I used if you read my mail correctly. The plain text version of your mail has exactly the quoted line.

Re: plain text authentication

2020-05-11 Thread Thomas Bohl
Hi, I need to use plain text authentication. I have to migrate an old postfix server that uses this authentication mode. I have a lot of devices configured in this way. I have to plan the migration to TLS, while I want to use OpenSMTPD with plain text authentication. It's possible? It's not

Re: How to set from: for bounce mails from OpenSMTPD

2020-05-10 Thread Thomas Bohl
Hello, Let me know if you upgrade and this fixes the issue. I would be really interested to know if this is a bug which has been fixed in a newer version of OpenSMTPD. updating to OpenBSD 6.6 (OpenSMTPD 6.6.0) indeed fixed the issue. Now I receive bounce back messages. From:

Re: Catchall user

2020-04-05 Thread Thomas Bohl
Hi, Let's assume I have 3 virtual users A, B and X on my domain I want to receive mail for all of them. No problem, that's easy to set up. But now, suppose some one (locally or non-locally) sends a mail to user C that does not exist (nor virtual nor as an account). I want my set-up to be

Re: how to match my relay rules against a list of IP's?

2020-03-20 Thread Thomas Bohl
arrowhead$ more /etc/mail/localhosters [::1]/128 It looks like there is a bug. The table has to start with an IPv4 address. This works ::1 while this doesn't ::1

Re: How to set from: for bounce mails from OpenSMTPD

2020-02-24 Thread Thomas Bohl
I have the same problem (my logs look the same) and are very interested in a solution. I was wondering which version of OpenBSD are you using? and which version of Dovecot? Fully syspatched and 'pkg_add -u'ed OpenBSD 6.5 OpenSMTPD 6.5.0 dovecot- I usually upgrade in a timely manner

Re: How to set from: for bounce mails from OpenSMTPD

2020-02-14 Thread Thomas Bohl
Hello, I am running OpenBSD 6.5 with OpenSMTPD and dovecot and if I send an email to an invalid email address, I do not get a bounce back from OpenSMTPD telling me that the email address is invalid. So this means I never know that I made a mistake in sending my email. I have the same

Re: Skip recipient verification and forward everything to a LMTP socket

2020-01-17 Thread Thomas Bohl
> Hi, Hi I would like to put a OpenSMTPD server in front of a sourcehut lists installation [1] (that is, a mailing list system for sourcehut). OpenSMTPD and sourcehut communicate through a lmtp unix socket. Here is my configuration (without the filter and pki parts): listen on eth0 tls

Re: myca submission and letsencrypt smtp

2020-01-06 Thread Thomas Bohl
Hello, letsencrypt for tls on port 25 for remote servers to verify and tls-require verify auth on port 587 permitting self signed certificates You will need to use different hostnames. hostmx = hostsub = pki $hostmx cert

Re: table-passwd

2019-09-17 Thread Thomas Bohl
Hello, Is there anyone using table-passwd for _any_ other purposes than sharing with Dovecot ? Unless I'm misunderstanding the question, I use it all the time. If an appliance or server needs to be able to send or relay e-mail it gets an entry in the table-passwd, with an individual

Re: smarthost + aliases

2019-09-13 Thread Thomas Bohl
accept from local for any relay via \   smtps+auth:// \   as \   auth verify Sorry, that is obviously wrong. I misunderstood.

Re: smarthost + aliases

2019-09-13 Thread Thomas Bohl
Hello, listen on localhost table aliases db:/etc/aliases.db table secrets db:/etc/smtpd.secrets.db (Just use file. There is no gain in using Berkeley DB.) expire 4h accept from local for any relay via \ smtps+auth:// \ as \ auth verify

Re: Virtual users with Dovecot/Neomutt/OpenSMTPD

2019-07-17 Thread Thomas Bohl
Hi, what does your smtpd.conf look like? What versions are you using?

Re: what's your LMTP use-case

2019-07-05 Thread Thomas Bohl
Hello, I know plenty of people use the lmtp action to deliver mail through LMTP and I'm genuinely curious: what is your use-case ? I use dovecot's lmtp to utilise Sieve[1] scripts and mailbox replication[2]. [1] [2]

Re: relay from authenticated users only

2019-07-02 Thread Thomas Bohl
Hello, I'd like to change somehow the config to let authenticated users only use my OpenSMTPD as a relay. Authentication should be based on the machine's local user and password table (/etc/passwd). I tried "listen on ... auth ..." but it complained about the lack of TLS/smtps. That is

Re: Intercepting mails with opensmtpd

2019-05-07 Thread Thomas Bohl
Hello, accept from source sender "" deliver to maildir "/home/mail/mydomain1/myuser/Maildir" accept from source sender "" deliver to maildir "/home/mail/mydomain1/myuser/Maildir" Do you have an idea ? Make sure it's above the relay rule.

Re: how could a safety mechanism be configured?

2019-05-01 Thread Thomas Bohl
Hello, So what happened to me was that I activated a crontab accidentally that fetchmails POP3 mail. It connects to localhost and delivers to me (pjp@localhost). In my case the lmtp delivery caused a no such mailbox error, and opensmtpd then sent a bounce to the originators of the mail as

Re: Static Table Entry - smtpd.conf

2019-04-21 Thread Thomas Bohl
Hi, Is it valid if I add a static table entry in "smtpd.conf" like so; table blacklist { "@*.anonymous-email.*" } Yes Spamd is not stopping it so I though I can reject emails using a static table as noted above. Will my wildcard work? Yes, given an appropriate match action like match

Re: Unable to relay email

2019-04-06 Thread Thomas Bohl
This is my host and the source of the connection info I use: (That is what you find when you search for smtphm. The doesn't really anonymise it. You should have used the original from the get go.) I get local

Re: Unable to relay email

2019-04-06 Thread Thomas Bohl
The format of my secrets file is: my_relay sender:PASSWORD Any strange glyph to be concerned about? At one point I was trying to connect to the server with openssl and when I used " perl -MMIME::Base64 -e 'print encode_base64("SomeBase64Code");' " for my password it was truncating because of

Re: Unable to relay email

2019-04-05 Thread Thomas Bohl
Looks good. I bet money that the username:password pair in is just wrong :-) How much would you like to wager? :) 10€ for the project :-) I copied and pasted the info into a weblogin and it worked (unfortunately?) Hm, maybe you need a "application password". Try # smtpd -dv -Ttransfer

Re: Unable to relay email

2019-04-05 Thread Thomas Bohl
For the server I am trying to connect, I was told to use 587 if 25 didn't work, so I've been trying both. You should use 587. Here is the smtpd.conf now: Looks good. I bet money that the username:password pair in is just wrong :-) Don't forget to run # smtpctl update table secrets after

Re: Unable to relay email

2019-04-05 Thread Thomas Bohl
== /etc/mail/smtpd.conf diffs (-OLD  +NEW) == --- /var/backups/etc_mail_smtpd.conf.current    Fri Feb 22 01:30:23 2019 +++ /etc/mail/smtpd.conf    Fri Mar 15 20:49:37 2019 @@ -17,3 +17,5 @@   # match from any for domain "" action "local"   match for local action "local"  

Re: Unable to relay email

2019-04-05 Thread Thomas Bohl
On 05.04.2019 at 05:58, Juan Trippe wrote: What's the alternative? Did you make an update? I don't know, it was about a month ago. I was trying to get the relay working so I was making changes to the smtpd.conf file. AFAIK I was restarting smtpd after each edit and stopped when it worked.

Re: Unable to relay email

2019-04-04 Thread Thomas Bohl
Yes, I know it's hard to believe, maybe I forget to reload smtpd.conf after I made the edit, but I don't think so. What's the alternative? Did you make an update? Yes, secrets exists and has valid login info. I tested the info with Thunderbird on a client and was able to send an email

Re: Unable to relay email

2019-04-04 Thread Thomas Bohl
Hello, action “relay” relay user username host smtp+tls:// auth It worked fine until late March. Hard to believe, since it is a syntax error. smtpd -n was ok after user [username] was removed but the relay no longer functioned. The main cause seems to be a lack of

Re: How to setup a "clean MTA" in 2019?

2019-04-03 Thread Thomas Bohl
Hello, - setup the mta to use a EHLO name matching DNS for the IP I continually get that the two do not match using the various email testers. Yet the domain names do indeed match. Care to share the logs of one of those testers? When your server says "EHLO" then the reverse

Re: 550 invalid recipient issue

2019-03-19 Thread Thomas Bohl
Can you maybe post your virtuals? Here my /usr/local/etc/mail/virtuals: The line for is missing. The debug output shows

Re: 550 invalid recipient issue

2019-03-18 Thread Thomas Bohl
Which leads to the question: Does user1 exist? But I do not understand why osmtpd is looking at the /etc/passwd file when I have always used my table files (defined in smtp.conf) with a working environment, My understanding is, according to the configuration you presented, that it has to

Re: 550 invalid recipient issue

2019-03-18 Thread Thomas Bohl
The configuration loaded is correct as I see the daemon is loading the correct certificates and stuff if launched with smtpd -dv -T smtp. I am very shocked as I am not able to figure out what happened. I never changed any config file since December and I have installed this environment at

Re: 550 invalid recipient issue

2019-03-16 Thread Thomas Bohl
Both files are looking good/same as before and local delivery with sendmail does not work: Connecting to [] via relay... 220 ESMTP OpenSMTPD EHLO Hello [], pleased to meet you

Re: 550 invalid recipient issue

2019-03-15 Thread Thomas Bohl
Hello, #Allow local delivery accept from any for local alias deliver to lmtp "/var/run/dovecot/lmtp" rcpt-to #Allow virtual domains accept from any for domain virtual deliver to lmtp "/var/run/dovecot/lmtp" rcpt-to Are the files /usr/local/etc/mail/domains and

Re: Mail to root not working anymore with 6.4

2019-01-12 Thread Thomas Bohl
userdb {   args = uid=vmail gid=vmail home=/var/vmail/%d/%n   driver = static } nuc# I had forgotten that I had my dovecot setup like that. I set it up that way so that I can have e-mail users that are not system users. That is kind of important information. That makes the question whether

Re: Mail to root not working anymore with 6.4

2019-01-11 Thread Thomas Bohl
Hello, action lmtp-local lmtp "/var/dovecot/lmtp" rcpt-to #action lmtp-local lmtp "/var/dovecot/lmtp" rcpt-to alias Looks like you commented the wrong line out.

Re: Mail loops when relaying and using smtp auth

2018-11-28 Thread Thomas Bohl
By default, there is ‘accept from local for any relay’, and I’ve kept that in place. Is this what you were referring to? That is what's causing the loop. "relay" looks for the MX record (Which is what you want for everything but your own domain). "relay via" skips that. As I understand it,

Re: Mail loops when relaying and using smtp auth

2018-11-28 Thread Thomas Bohl
Hi, It is possible to configure OpenSMTPd to detect this scenario and to know that it should relay that email to rather than trying to deliver it to its MX server, which happens to be the server itself? Here’s a very abridged version of my config, showing the relay and
