OpenBSD Journal

Heads up! OpenSMTPd has been enabled in the build!

Contributed by maxime on from the the s-and-m-transport-protocol dept.

Gilles Chehade (gilles@) has just posted on misc@ a message to say that the new OpenSMTPd is now linked to the build, and that this wonderful piece of code needs to be tested.

Editor's note: At Jacek's request, the instructions from Gilles' message were removed from this article. Testers are advised to use the enable/disable scripts, since they are simpler and more complete.

Here is Gilles' message:

Hi misc@,

As some of you may have noticed, smtpd has been enabled in the
build and we encourage you guys to start testing it and report
bugs you run into.

What would be great is if you could replace your sendmail with
smtpd on your laptop/desktop and started using it as a backend
for your mua; or if you could set it up on some test box where
you receive mail (with a secondary MX) as a destination MX.

PLEASE do not run this in production, it is NOT ready. Really,
don't do it, you will be unhappy and I will point my finger at
you and laugh. Really ... don't.

(...)

Please, do not spam the list with reports of success or failure,
instead you can send them to: smtpd-dev@poolp.org

Thanks !
Gilles

Jacek Masiulaniec (jacekm@) posted a important follow-up giving instructions to enable OpenSMTPd in -current, and here it is:

We came up with simplified instructions.  Fetch these scripts:

  http://www.poolp.org/~jacekm/smtpd-enable
  http://www.poolp.org/~jacekm/smtpd-disable

Then, run the following on a recent snap after cvs up:

  sudo smtpd-enable

To deactivate:

  sudo smtpd-disable

Now, it is up to you!

(Comments are closed)


Comments
  1. By Mayuresh Kathe (59.182.237.191) kathe.mayuresh@gmail.com on http://mayuresh.kathe.in/

    Woo hoo, finally... :-)
    This is great news.
    Looking forward to final release.

    Comments
    1. By Gilles CHEHADE (193.47.80.25) gilles@openbsd.org on http://www.poolp.org/~gilles/

      > Woo hoo, finally... :-)
      > This is great news.
      > Looking forward to final release.
      >

      Since you are talking about final release ...

      We're not quite there yet, and it is not going to happen any time soon if we don't have feedback of people testing it. Setting it up is not enough, we need to know that you set it up, what smtpd.conf you are using, and we need to know if it works for you and/or if you experience bugs.

      Some bugs we know and are working on, some others we don't and we need your help to uncover.

      The more feedback we get, the more bugs we uncover and the more confident we are that smtpd can be trusted to handle critical mail. Right now it can't.

      Gilles

      PS: I got your mail Mayuresh, didn't answer because i'm swamped but I will

  2. Comments
    1. By Anonymous Coward (128.171.90.200) on

      > DragonFly now compiles with clang!

      The kernel now compiles, but userland does not.

      All very interesting but off-topic.

  3. By Donald (216.86.64.11) on

    Does this mean that it will probably be the stock smtp daemon in the November 2009 OpenBSD release?

    ~DW

    Comments
    1. By Anonymous Coward (128.171.90.200) on

      > Does this mean that it will probably be the stock smtp daemon in the November 2009 OpenBSD release?

      The more testing that takes place, the sooner it will happen.

  4. By Jeff Flowers (216.199.22.142) on

    Is OpenSMTPd intended to be an eventual replacement for Sendmail?

    Comments
    1. By Brynet (Brynet) on

      > Is OpenSMTPd intended to be an eventual replacement for Sendmail?

      I presume that's the obvious end result.. but it's not at that stage yet, so.. go test it.

      Comments
      1. By Jeff Flowers (76.106.249.7) on

        > > Is OpenSMTPd intended to be an eventual replacement for Sendmail?
        >
        > I presume that's the obvious end result.. but it's not at that stage yet, so.. go test it.
        >

        Thanks.

    2. By Daniel Ouellet (66.63.10.83) daniel@presscom.net on

      Gilles,

      One question for you here. I know you said not to use it in production, nor do I want to yet anyway, but here is a question that could provide a pretty good tests if possible.

      I use a bank of servers that their only reason is to be front end for spam filter and gray scanner from Bob Beck PERL script. So, there is multiples MX setup, meaning many mail server that only received mail, check for it to be valid and with PF either accept it, reject, etc as you know. Then forward the emails to the final destination directly.

      Would that help and could the smtpd as is handle this restricted use as that's what it is really. No local delivery, pickup and all. Just relay and the setup use multiple servers, so worst case if one goes dead, not the end of the world as many others are waiting to pick up the load anyway.

      Could it handle good load and could I in this setup put it in use where I could put two or three of them with smptd in real life production use and just in case they crap out, I would also still have anyway two more postfix one that would pick it up should spamd goes south.

      Could this help and could I do this with the smtpd as it is at this time, or not even that yet? I am not oppose to take the risk and do it if that really helps and even provide stats if needed as I increase the load on this.

      In this situation could the community use it as such and give it a more heavy tests and be helpful that way, or you would recommend not even trying this yet?

      I am not going to bitch or cry if it does crash, just wonder if that's possible at this stage and if that would help. I am very tempted to do it, just wanted to check first as you said you would point finger at it! (;>

      May be others might do it to, if that can run like that.

      Email in private is fine to should you want to take it private as well.

      Best,

      Daniel

      Comments
      1. By Anonymous Coward (72.0.206.213) on

        > Gilles,
        >
        > One question for you here. I know you said not to use it in production, nor do I want to yet anyway, but here is a question that could provide a pretty good tests if possible.
        >
        > I use a bank of servers that their only reason is to be front end for spam filter and gray scanner from Bob Beck PERL script. So, there is multiples MX setup, meaning many mail server that only received mail, check for it to be valid and with PF either accept it, reject, etc as you know. Then forward the emails to the final destination directly.
        >
        > Would that help and could the smtpd as is handle this restricted use as that's what it is really. No local delivery, pickup and all. Just relay and the setup use multiple servers, so worst case if one goes dead, not the end of the world as many others are waiting to pick up the load anyway.
        >
        > Could it handle good load and could I in this setup put it in use where I could put two or three of them with smptd in real life production use and just in case they crap out, I would also still have anyway two more postfix one that would pick it up should spamd goes south.
        >
        > Could this help and could I do this with the smtpd as it is at this time, or not even that yet? I am not oppose to take the risk and do it if that really helps and even provide stats if needed as I increase the load on this.
        >
        > In this situation could the community use it as such and give it a more heavy tests and be helpful that way, or you would recommend not even trying this yet?
        >
        > I am not going to bitch or cry if it does crash, just wonder if that's possible at this stage and if that would help. I am very tempted to do it, just wanted to check first as you said you would point finger at it! (;>
        >
        > May be others might do it to, if that can run like that.
        >
        > Email in private is fine to should you want to take it private as well.
        >
        > Best,
        >
        > Daniel

        Maybe he would respond if you could improve your English a little.

        Comments
        1. By Daniel Ouellet (66.63.10.83) daniel@presscom.net on

          > Maybe he would respond if you could improve your English a little.

          And if you take your head out of the sand you will notice that not all the world speak English last time I look anyway! Or may be I have more education then you to be able to try to speak the language of others by respect to them.

          I would be curious to see how well you do in other language, or even if you would have the respect to even try!

          Thanks for your useless redneck comments!

          At a minimum, I have no issue trying or fell I am loosing anything doing so and I am sure everyone with a minimum of education can appreciated it and can also understand it. You may just need to go back to school.

          Comments
          1. By Anonymous Coward (38.103.144.42) on

            > > Maybe he would respond if you could improve your English a little.
            >
            > And if you take your head out of the sand you will notice that not all the world speak English last time I look anyway! Or may be I have more education then you to be able to try to speak the language of others by respect to them.
            >
            > I would be curious to see how well you do in other language, or even if you would have the respect to even try!
            >
            > Thanks for your useless redneck comments!
            >
            > At a minimum, I have no issue trying or fell I am loosing anything doing so and I am sure everyone with a minimum of education can appreciated it and can also understand it. You may just need to go back to school.
            >

            Try again, next time... do it in English.

            Comments
            1. By Anonymous Coward (128.171.90.200) on

              > Try again, next time... do it in English.

              La prochaine fois, vous essayez, parle français

              Comments
              1. By Maxime DERCHE (maxime) on http://www.mouet-mouet.net/maxime/blog/

                > > Try again, next time... do it in English.
                >
                > La prochaine fois, vous essayez, parle français

                I think you mean "La prochaine fois, essayez vous-même de parler français." :).

                Comments
                1. By Anonymous Coward (38.103.144.42) on

                  > > La prochaine fois, vous essayez, parle français
                  >
                  > I think you mean "La prochaine fois, essayez vous-même de parler français." :).

                  Ribbit.

                  French enough?

                  Comments
                  1. By han (212.198.65.29) on

                    > > > La prochaine fois, vous essayez, parle français
                    > >
                    > > I think you mean "La prochaine fois, essayez vous-même de parler français." :).
                    >
                    > Ribbit.
                    >
                    > French enough?
                    My lord ! Some French speakers who dare to speak french, what a shame ! Noone should be allowed to publish or herald in his mother tongue but native English speakers ! In addition, I suggest that the other pay for the oxygen they breathe ! My devotion to American/English people and the alikes, I'm kneeling before you...quoi que j'ai d'autres choses à foutre en fait !!!

                    Comments
                    1. By Anonymous Coward (128.171.90.200) on

                      > > > > La prochaine fois, vous essayez, parle français
                      > > >
                      > > > I think you mean "La prochaine fois, essayez vous-même de parler français." :).
                      > >
                      > > Ribbit.
                      > >
                      > > French enough?
                      > My lord ! Some French speakers who dare to speak french, what a shame ! Noone should be allowed to publish or herald in his mother tongue but native English speakers ! In addition, I suggest that the other pay for the oxygen they breathe ! My devotion to American/English people and the alikes, I'm kneeling before you...quoi que j'ai d'autres choses à foutre en fait !!!
                      >

                      I'm not sure American English is really English, me ol' china

                2. By Anonymous Coward (128.171.90.200) on

                  > > > Try again, next time... do it in English.
                  > >
                  > > La prochaine fois, vous essayez, parle français
                  >
                  > I think you mean "La prochaine fois, essayez vous-même de parler français." :).

                  I did, my french is a little rusty

            2. By Anonymous Coward (165.228.157.146) on


              > Try again, next time... do it in English.

              Peter Matulis.

        2. By Anonymous Coward (190.177.192.41) on

          > > Gilles,
          > >
          > > One question for you here. I know you said not to use it in production, nor do I want to yet anyway, but here is a question that could provide a pretty good tests if possible.
          > >
          > > I use a bank of servers that their only reason is to be front end for spam filter and gray scanner from Bob Beck PERL script. So, there is multiples MX setup, meaning many mail server that only received mail, check for it to be valid and with PF either accept it, reject, etc as you know. Then forward the emails to the final destination directly.
          > >
          > > Would that help and could the smtpd as is handle this restricted use as that's what it is really. No local delivery, pickup and all. Just relay and the setup use multiple servers, so worst case if one goes dead, not the end of the world as many others are waiting to pick up the load anyway.
          > >
          > > Could it handle good load and could I in this setup put it in use where I could put two or three of them with smptd in real life production use and just in case they crap out, I would also still have anyway two more postfix one that would pick it up should spamd goes south.
          > >
          > > Could this help and could I do this with the smtpd as it is at this time, or not even that yet? I am not oppose to take the risk and do it if that really helps and even provide stats if needed as I increase the load on this.
          > >
          > > In this situation could the community use it as such and give it a more heavy tests and be helpful that way, or you would recommend not even trying this yet?
          > >
          > > I am not going to bitch or cry if it does crash, just wonder if that's possible at this stage and if that would help. I am very tempted to do it, just wanted to check first as you said you would point finger at it! (;>
          > >
          > > May be others might do it to, if that can run like that.
          > >
          > > Email in private is fine to should you want to take it private as well.
          > >
          > > Best,
          > >
          > > Daniel
          >
          > Maybe he would respond if you could improve your English a little.
          >

          Típico comentario de gringo imbecil que no tiene nada útil para decir, o hacer, y no le queda mas que jactarse de hacer bien lo que inevitablemente hace bien: hablar su propia lengua con correción ...

          Si tuviera dos dedos de frente, no solo no haría un comentario que no aporta absolutamente nada, y que solo pone de manifiesto su propia ignorancia, sino que se callaría la boca y dejaría que quien tiene algo útil para decir, lo diga, sin tener que exponer al resto del mundo a tener que tolerar otro ejemplo de que lo único que no tiene limite es la estupidez humana.

          Saludos

          Comments
          1. By Anonymous Coward (72.0.206.213) on


            > Típico comentario de gringo imbecil que no tiene nada útil para decir, o hacer, y no le queda mas que jactarse de hacer bien lo que inevitablemente hace bien: hablar su propia lengua con correción ...
            >
            > Si tuviera dos dedos de frente, no solo no haría un comentario que no aporta absolutamente nada, y que solo pone de manifiesto su propia ignorancia, sino que se callaría la boca y dejaría que quien tiene algo útil para decir, lo diga, sin tener que exponer al resto del mundo a tener que tolerar otro ejemplo de que lo único que no tiene limite es la estupidez humana.
            >
            > Saludos

            English please.

            Comments
            1. By Daniel Ouellet (66.63.10.83) daniel@presscom.net on

              >
              > > Típico comentario de gringo imbecil que no tiene nada útil para decir, o hacer, y no le queda mas que jactarse de hacer bien lo que inevitablemente hace bien: hablar su propia lengua con correción ...
              > >
              > > Si tuviera dos dedos de frente, no solo no haría un comentario que no aporta absolutamente nada, y que solo pone de manifiesto su propia ignorancia, sino que se callaría la boca y dejaría que quien tiene algo útil para decir, lo diga, sin tener que exponer al resto del mundo a tener que tolerar otro ejemplo de que lo único que no tiene limite es la estupidez humana.
              > >
              > > Saludos
              >
              > English please.

              Let me help you on this:

              http://tinyurl.com/cct6bx

              Then you can read it in English for your sorry brain.

              Best of luck to you.

              Daniel

            2. By Anonymous Coward (128.171.90.200) on

              >
              > > Típico comentario de gringo imbecil que no tiene nada útil para decir, o hacer, y no le queda mas que jactarse de hacer bien lo que inevitablemente hace bien: hablar su propia lengua con correción ...
              > >
              > > Si tuviera dos dedos de frente, no solo no haría un comentario que no aporta absolutamente nada, y que solo pone de manifiesto su propia ignorancia, sino que se callaría la boca y dejaría que quien tiene algo útil para decir, lo diga, sin tener que exponer al resto del mundo a tener que tolerar otro ejemplo de que lo único que no tiene limite es la estupidez humana.
              > >
              > > Saludos
              >
              > English please.

              I would have thought "Típico comentario de gringo imbecil" should be clear to any "gringo imbecil"

          2. By Daniel Ouellet (66.63.10.83) daniel@presscom.net on

            > > Maybe he would respond if you could improve your English a little.
            > >
            >
            > Típico comentario de gringo imbecil que no tiene nada útil para decir, o hacer, y no le queda mas que jactarse de hacer bien lo que inevitablemente hace bien: hablar su propia lengua con correción ...
            >
            > Si tuviera dos dedos de frente, no solo no haría un comentario que no aporta absolutamente nada, y que solo pone de manifiesto su propia ignorancia, sino que se callaría la boca y dejaría que quien tiene algo útil para decir, lo diga, sin tener que exponer al resto del mundo a tener que tolerar otro ejemplo de que lo único que no tiene limite es la estupidez humana.
            >
            > Saludos

            Hola,

            Usted no le puede hacer mucho aquí. Algunos Redneck sólo que nunca y asume el mundo debe hacer lo que desean y no pueden ver pasar su nariz!

            Lo que sí espero, no pueden acceder a las noticias sobre cualquier cosa sucede a su alrededor el mundo, por lo menos van a entender hay algo más fuera de su pequeño mundo.

            Mi español no es, probablemente, a la buena, pero nunca menos que no es una excusa para no probarlo! (;>

            Pero puede ser que debemos tratar de mantener en Inglés para la que será de mente estrecha, incluso a tratar de ver si pueden e él.

            No estoy seguro de cuántos realmente tratar de leer su mensaje sin embargo, sería curioso saber.

            Mejor,

            Daniel

      2. By Gilles CHEHADE (193.47.80.25) gilles@openbsd.org on http://www.poolp.org/~gilles/

        Daniel,

        smtpd, as is, can do what you describe. It can do relaying, it can do delivery to a mbox, a maildir, or even a external mda which implement custom deliveries methods. So yes technically, it would work for your setup, and could probably work for more complex setups too.

        The question is not if it works or not but if is reliable or not, and that can only be answered by people testing it and reporting that the server has been running for weeks/months flawlessly.

        Does it support load, I don't know. It should, but until I have tests reports saying "I tested it under load, I flooded it with hundreds of sessions and couldn't make it crash", I don't know.

        I will not encourage you to put it in production, I think it is a bad idea, but if you plan on doing it why don't you start by setting up a single host first and see if it works for you before setting it up on many hosts ?

        Anyway, the bottom line is: it works for me, but it needs testing.

        Gilles

        Comments
        1. By Daniel Ouellet (66.63.10.83) daniel@presscom.net on

          > Daniel,
          >
          > smtpd, as is, can do what you describe. It can do relaying, it can do delivery to a mbox, a maildir, or even a external mda which implement custom deliveries methods. So yes technically, it would work for your setup, and could probably work for more complex setups too.
          >
          > The question is not if it works or not but if is reliable or not, and that can only be answered by people testing it and reporting that the server has been running for weeks/months flawlessly.
          >
          > Does it support load, I don't know. It should, but until I have tests reports saying "I tested it under load, I flooded it with hundreds of sessions and couldn't make it crash", I don't know.
          >
          > I will not encourage you to put it in production, I think it is a bad idea, but if you plan on doing it why don't you start by setting up a single host first and see if it works for you before setting it up on many hosts ?
          >
          > Anyway, the bottom line is: it works for me, but it needs testing.
          >
          > Gilles

          That's fair and thanks for the answer and more importantly for the work you put into it! I will give it a spin and increase the load as it goes and see the outcome then. That I can do and will see if it keep up or not as I filter more and more domains with it.

      3. By Anonymous Coward (209.242.229.105) on

        Please fucking separate already. PLAINS OF ABRAHAM BITCHES, PLAINS OF ABRAHAM!

        Comments
        1. By clvrmnky (69.196.152.39) clvrmnky.invalid@gmail.com on

          > Please fucking separate already. PLAINS OF ABRAHAM BITCHES, PLAINS OF ABRAHAM!

          Your grade 11 Canadian History won't help you now. The only thing for it is to develop a more nuanced view of historical events by any means necessary. Perhaps starting with the fact that more than one place in Canada calls itself Francophone. The map is not the territory.

          These are difficult ideas to grasp at first, but I'm sure you'll do alright.

          Bon courage!

  5. By Anonymous Coward (72.65.229.148) on

    > What would be great is if you could replace your sendmail with smtpd on your laptop/desktop

    Maybe I'm ignorant, but why would you want to install a mail server on your laptop? A laptop is usually mobile. It doesn't have a static IP address, and it's often turned off.

    If your laptop is always being connected to random networks around the world (e.g. at the local coffee shop, at the airport, at a conference overseas, ...), and is sometimes turned off, then how does email addressed to you know where it's supposed to find your laptop?

    It was my understanding that most laptop users either run a MUA on a remote machine that they access through ssh or https (e.g. gmail), or have their local MUA (e.g. thunderbird, mutt, or alpine) configured to use a remote mail server.

    Comments
    1. By Anonymous Coward (2a01:348:108:155:216:41ff:fe53:6a45) on

      > Maybe I'm ignorant, but why would you want to install a mail server on your laptop? A laptop is usually mobile. It doesn't have a static IP address, and it's often turned off.

      It's also often without a network connection, so having something that queues outgoing mail for sending later can be pretty useful. (Especially if it gives an simple way to use smtp-auth).

      > It was my understanding that most laptop users either run a MUA on a remote machine that they access through ssh or https (e.g. gmail), or have their local MUA (e.g. thunderbird, mutt, or alpine) configured to use a remote mail server.

      Not all MUAs work like that, and you might run other software that needs to send mail.

      Comments
      1. By Laurence Tratt (92.26.9.84) on

        > It's also often without a network connection, so having something that
        > queues outgoing mail for sending later can be pretty useful. (Especially if
        > it gives an simple way to use smtp-auth).

        For some simple cases (in particular if you have access to a remote machine via ssh running sendmail) then extsmail (which is in ports) might be worth looking at. It intentionally doesn't do anywhere near the range of things that sendmail/opensmtpd does, but for a low configuration overhead (and non-root priviliges) way of dealing with the sending-mail-while-offline problem, it has its uses.

    2. By Anonymous Coward (84.44.171.126) on

      Don't use OpenBSD, do you?
      There are lots of uses for local delivery.

      Comments
      1. By Jeff Flowers (76.106.249.7) on

        > Don't use OpenBSD, do you?
        > There are lots of uses for local delivery.

        Exactly.

      2. By Anonymous Coward (82.113.121.112) on

        > Don't use OpenBSD, do you?
        > There are lots of uses for local delivery.

        And think of e.g. queueing your mails when you aren't (or are loosely) online.

  6. By kiriakos simon (94.70.118.38) on

    Does opensmtpd support smtp auth?

    Comments
    1. By Gilles CHEHADE (2a01:e35:8a50:c900:fc12:101a:d65e:9fe) gilles@openbsd.org on http://www.poolp.org/~gilles/

      > Does opensmtpd support smtp auth?

      yes, it supports smtp out of the box for both incoming and outgoing sessions, as long as they are over ssl (smtps or tls).

      Gilles

    2. By giovanni (87.2.238.206) on

      > Does opensmtpd support smtp auth?
      I'm using it w/ gmail and I love it.
      accept for all relay via tls "smtp.gmail.com" port 587 enable auth


      Comments
      1. By Gilles CHEHADE (193.47.80.25) gilles@poolp.org on http://www.poolp.org/~gilles/

        > > Does opensmtpd support smtp auth?
        > I'm using it w/ gmail and I love it.
        > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
        >

        that seems to be a common use case :-)

        Gilles

        Comments
        1. By UW (155.56.68.220) uw@o3si.de on

          > > > Does opensmtpd support smtp auth?
          > > I'm using it w/ gmail and I love it.
          > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
          > >
          >
          > that seems to be a common use case :-)
          >
          > Gilles
          >
          Hi Gilles,

          thanks for Your hard work! Looking forward to see it in production ;-)

          I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?

          Thanks in advance!

          Regards Uwe

          Comments
          1. By giovanni (87.2.238.161) on

            > > > > Does opensmtpd support smtp auth?
            > > > I'm using it w/ gmail and I love it.
            > > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
            > > >
            > >
            > > that seems to be a common use case :-)
            > >
            > > Gilles
            > >
            > Hi Gilles,
            >
            > thanks for Your hard work! Looking forward to see it in production ;-)
            >
            > I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?
            e.g

            smtp.gmail.com account:pwd

            makemap -o secrets.db secrets

            Comments
            1. By UW (155.56.68.221) uw@o3si.de on

              > > > > > Does opensmtpd support smtp auth?
              > > > > I'm using it w/ gmail and I love it.
              > > > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
              > > > >
              > > >
              > > > that seems to be a common use case :-)
              > > >
              > > > Gilles
              > > >
              > > Hi Gilles,
              > >
              > > thanks for Your hard work! Looking forward to see it in production ;-)
              > >
              > > I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?
              > e.g
              >
              > smtp.gmail.com account:pwd
              >
              > makemap -o secrets.db secrets

              Thanks for Your reply. This syntax I tested already but it seems to me that smtpd doesn't use secrets. I get the following error message:

              no credentials for relay through "$myrelay": Undefined error: 0

              Mmh. What I'm missing?

              Regards Uwe

              Comments
              1. By giovanni (87.2.238.161) on

                > > > > > > Does opensmtpd support smtp auth?
                > > > > > I'm using it w/ gmail and I love it.
                > > > > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
                > > > > >
                > > > >
                > > > > that seems to be a common use case :-)
                > > > >
                > > > > Gilles
                > > > >
                > > > Hi Gilles,
                > > >
                > > > thanks for Your hard work! Looking forward to see it in production ;-)
                > > >
                > > > I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?
                > > e.g
                > >
                > > smtp.gmail.com account:pwd
                > >
                > > makemap -o secrets.db secrets
                >
                > Thanks for Your reply. This syntax I tested already but it seems to me that smtpd doesn't use secrets. I get the following error message:
                >
                > no credentials for relay through "$myrelay": Undefined error: 0
                >
                > Mmh. What I'm missing?
                >
                > Regards Uwe

                that means no entry found in the db for your mx. did you create secrets.db?

                Comments
                1. By Anonymous Coward (89.246.185.57) on

                  > > > > > > > Does opensmtpd support smtp auth?
                  > > > > > > I'm using it w/ gmail and I love it.
                  > > > > > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
                  > > > > > >
                  > > > > >
                  > > > > > that seems to be a common use case :-)
                  > > > > >
                  > > > > > Gilles
                  > > > > >
                  > > > > Hi Gilles,
                  > > > >
                  > > > > thanks for Your hard work! Looking forward to see it in production ;-)
                  > > > >
                  > > > > I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?
                  > > > e.g
                  > > >
                  > > > smtp.gmail.com account:pwd
                  > > >
                  > > > makemap -o secrets.db secrets
                  > >
                  > > Thanks for Your reply. This syntax I tested already but it seems to me that smtpd doesn't use secrets. I get the following error message:
                  > >
                  > > no credentials for relay through "$myrelay": Undefined error: 0
                  > >
                  > > Mmh. What I'm missing?
                  > >
                  > > Regards Uwe
                  >
                  > that means no entry found in the db for your mx. did you create secrets.db?
                  >

                  Yes, of course. I took a look what's happening with systrace - and smtpd does not try to touch secrets.db. Maybe there should be a "map" statement in smtpd.conf? I can't make heads and tails of parse.y to figure out myself the right syntax. Any suggestions?

                  Comments
                  1. By giovanni (212.171.138.153) on

                    > > > > > > > > Does opensmtpd support smtp auth?
                    > > > > > > > I'm using it w/ gmail and I love it.
                    > > > > > > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
                    > > > > > > >
                    > > > > > >
                    > > > > > > that seems to be a common use case :-)
                    > > > > > >
                    > > > > > > Gilles
                    > > > > > >
                    > > > > > Hi Gilles,
                    > > > > >
                    > > > > > thanks for Your hard work! Looking forward to see it in production ;-)
                    > > > > >
                    > > > > > I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?
                    > > > > e.g
                    > > > >
                    > > > > smtp.gmail.com account:pwd
                    > > > >
                    > > > > makemap -o secrets.db secrets
                    > > >
                    > > > Thanks for Your reply. This syntax I tested already but it seems to me that smtpd doesn't use secrets. I get the following error message:
                    > > >
                    > > > no credentials for relay through "$myrelay": Undefined error: 0
                    > > >
                    > > > Mmh. What I'm missing?
                    > > >
                    > > > Regards Uwe
                    > >
                    > > that means no entry found in the db for your mx. did you create secrets.db?
                    > >
                    >
                    > Yes, of course. I took a look what's happening with systrace - and smtpd does not try to touch secrets.db. Maybe there should be a "map" statement in smtpd.conf? I can't make heads and tails of parse.y to figure out myself the right syntax. Any suggestions?

                    add

                    map "secrets" { source db "/etc/mail/secrets.db" }

                    in smtpd.conf

                    Comments
                    1. By UW (89.246.185.57) uw@o3si.de on

                      > > > > > > > > > Does opensmtpd support smtp auth?
                      > > > > > > > > I'm using it w/ gmail and I love it.
                      > > > > > > > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
                      > > > > > > > >
                      > > > > > > >
                      > > > > > > > that seems to be a common use case :-)
                      > > > > > > >
                      > > > > > > > Gilles
                      > > > > > > >
                      > > > > > > Hi Gilles,
                      > > > > > >
                      > > > > > > thanks for Your hard work! Looking forward to see it in production ;-)
                      > > > > > >
                      > > > > > > I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?
                      > > > > > e.g
                      > > > > >
                      > > > > > smtp.gmail.com account:pwd
                      > > > > >
                      > > > > > makemap -o secrets.db secrets
                      > > > >
                      > > > > Thanks for Your reply. This syntax I tested already but it seems to me that smtpd doesn't use secrets. I get the following error message:
                      > > > >
                      > > > > no credentials for relay through "$myrelay": Undefined error: 0
                      > > > >
                      > > > > Mmh. What I'm missing?
                      > > > >
                      > > > > Regards Uwe
                      > > >
                      > > > that means no entry found in the db for your mx. did you create secrets.db?
                      > > >
                      > >
                      > > Yes, of course. I took a look what's happening with systrace - and smtpd does not try to touch secrets.db. Maybe there should be a "map" statement in smtpd.conf? I can't make heads and tails of parse.y to figure out myself the right syntax. Any suggestions?
                      >
                      > add
                      >
                      > map "secrets" { source db "/etc/mail/secrets.db" }
                      >
                      > in smtpd.conf

                      That was it! Now it works! Thank You very much for Your advice.

              2. By Anonymous Coward (87.2.238.161) on

                > > > > > > Does opensmtpd support smtp auth?
                > > > > > I'm using it w/ gmail and I love it.
                > > > > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
                > > > > >
                > > > >
                > > > > that seems to be a common use case :-)
                > > > >
                > > > > Gilles
                > > > >
                > > > Hi Gilles,
                > > >
                > > > thanks for Your hard work! Looking forward to see it in production ;-)
                > > >
                > > > I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?
                > > e.g
                > >
                > > smtp.gmail.com account:pwd
                > >
                > > makemap -o secrets.db secrets
                >
                > Thanks for Your reply. This syntax I tested already but it seems to me that smtpd doesn't use secrets. I get the following error message:
                >

                > no credentials for relay through "$myrelay": Undefined error: 0
                sorry, I did not see that before: what is "$myrelay" _maybe_ this is the error. here you have to put your mx e.g smtp.gmail.com

                Comments
                1. By Anonymous Coward (89.246.185.57) on

                  > > > > > > > Does opensmtpd support smtp auth?
                  > > > > > > I'm using it w/ gmail and I love it.
                  > > > > > > accept for all relay via tls "smtp.gmail.com" port 587 enable auth
                  > > > > > >
                  > > > > >
                  > > > > > that seems to be a common use case :-)
                  > > > > >
                  > > > > > Gilles
                  > > > > >
                  > > > > Hi Gilles,
                  > > > >
                  > > > > thanks for Your hard work! Looking forward to see it in production ;-)
                  > > > >
                  > > > > I'd like to test it but I'm not sure about the syntax of /etc/mail/secrets. Could You please provide an example?
                  > > > e.g
                  > > >
                  > > > smtp.gmail.com account:pwd
                  > > >
                  > > > makemap -o secrets.db secrets
                  > >
                  > > Thanks for Your reply. This syntax I tested already but it seems to me that smtpd doesn't use secrets. I get the following error message:
                  > >
                  >
                  > > no credentials for relay through "$myrelay": Undefined error: 0
                  > sorry, I did not see that before: what is "$myrelay" _maybe_ this is the error. here you have to put your mx e.g smtp.gmail.com
                  >

                  sorry for that. $myrelay of course was set with my real mx record.

  7. By Anonymous Coward (219.90.211.20) on

    Anyone else noticed that the stories on the main page are not in chronological order (by contribution date)?

    Comments
    1. By Brynet (Brynet) on

      > Anyone else noticed that the stories on the main page are not in chronological order (by contribution date)?

      Some stories appear that way, I think they do that to bump a story that's considerably more important.. or it could be an indication that a discussion is still active.

      Who knows? ask the author of this site.. :)

      Comments
      1. By Anonymous Coward (128.171.90.200) on

        > > Anyone else noticed that the stories on the main page are not in chronological order (by contribution date)?
        >
        > Some stories appear that way, I think they do that to bump a story that's considerably more important.. or it could be an indication that a discussion is still active.
        >
        > Who knows? ask the author of this site.. :)

        It may be that it puts stories in chronological order of when they were published and not when they were written, which would be what the date refers to.

        *shrugs*

  8. By Alexey (americano) americano@ukr.net on

    Gill's, when you right "complete" man for smtpd.conf ?
    Add smtpd.conf to sysmerge ?
    Add mail/secret to src ?
    Add some examples of smtpd.conf ?

    Comments
    1. By Gilles CHEHADE (88.165.12.144) gilles@openbsd.org on http://www.poolp.org/~gilles/

      > Gill's, when you right "complete" man for smtpd.conf ?
      > Add smtpd.conf to sysmerge ?
      > Add mail/secret to src ?
      > Add some examples of smtpd.conf ?
      >

      I would answer all these questions, but given your tone and the fact that you DID NOT EVEN SEND US A TEST REPORT AS WE REQUESTED, I don't think you deserve an answer and I don't care about what you think I should do and when you think I should do it.

      Comments
      1. By han (212.198.65.29) on

        > > Gill's, when you right "complete" man for smtpd.conf ?
        > > Add smtpd.conf to sysmerge ?
        > > Add mail/secret to src ?
        > > Add some examples of smtpd.conf ?
        > >
        >
        > I would answer all these questions, but given your tone and the fact that you DID NOT EVEN SEND US A TEST REPORT AS WE REQUESTED, I don't think you deserve an answer and I don't care about what you think I should do and when you think I should do it.
        >
        Gille, you might have gotten sore due to these questions and the tone in use, but that's actually very good questions. I'm sure a lot of people would be glad to give you feedback, but some of us are just "mister average" and proper doc... as proper exemples are fine in order to start things out.
        Many books, tuto... are available to settle sendmail but that isn't the case with smtpd.
        In hope that you make clear your mind, release the pressure (you don't fight for your life) and understand a call from john doe and associates. Regards.

        Comments
        1. By Gilles CHEHADE (193.47.80.25) gilles@poolp.org on http://www.poolp.org/~gilles/


          > Gille, you might have gotten sore due to these questions and the tone in use, but that's actually very good questions. I'm sure a lot of people would be glad to give you feedback, but some of us are just "mister average" and proper doc... as proper exemples are fine in order to start things out.
          > Many books, tuto... are available to settle sendmail but that isn't the case with smtpd.
          > In hope that you make clear your mind, release the pressure (you don't fight for your life) and understand a call from john doe and associates. Regards.

          What makes you think i'm under pressure ? :-)

          If he had asked in a way that didn't make him sound like he is a complete asshole, I would have answered them. If someone doesn't ask politely, why would I answer politely ?

          This being said, we have been discussing changes in the configuration file and before commiting a man page that we would deprecate shortly after, we decided that these changes should be commited first. jacekm@ is working on them and after I review them tonight he will commit them as well as an up-to-date man page for smtpd.conf

          Examples will follow, it is just pointless to commit an example which you know you will render useless in a few days after many people picked it up.

          Gilles

          Comments
          1. By han (212.198.65.29) on

            > What makes you think i'm under pressure ? :-)
            Mon p'tit doigt, mais avec mes rhumatismes cela pouvait être tout bonnement la pluie qui arrive ! ;-)


            > This being said, we have been discussing changes in the configuration file and before commiting a man page that we would deprecate shortly after, we decided that these changes should be commited first. jacekm@ is working on them and after I review them tonight he will commit them as well as an up-to-date man page for smtpd.conf
            >
            > Examples will follow, it is just pointless to commit an example which you know you will render useless in a few days after many people picked it up.
            >
            > Gilles
            >
            ah...okaaaayyyyyy !!!
            cheers!
            @+

          2. By Anonymous Coward (128.171.90.200) on

            > If he had asked in a way that didn't make him sound like he is a complete asshole, I would have answered them. If someone doesn't ask politely, why would I answer politely ?

            it looks as if english is not their first language and as a result it may have been hard for them to phrase the question politely as they had enough trouble phrasing the question at all. I could be wrong.

    2. By Gregory Edigarov (80.92.224.11) on

      > Gill's, when you right "complete" man for smtpd.conf ?
      > Add smtpd.conf to sysmerge ?
      > Add mail/secret to src ?
      > Add some examples of smtpd.conf ?
      >

      Look, I've just set it up and running without looking at any docs at all, just parse.y + some intelligence.

      Works like a charm as a primary mx for 2 domains.
      If you don't understand this simplest config format - stay with your bloatware.

      Gilles, I really like it. All possible respect to you.

      I will observe smtpd's behavior and send you a note in case of some problems.

  9. By Anonymous Coward (148.2.224.140) on

    Howdy -

    Not getting it to work for my domain, when doing a nc ip 25 it just stands there not getting a greeting from opensmtpd. The log says that a client has connected but nothing happens and after a while it times out.

    <snip smtpd.conf>

    listen on sk0

    map "aliases" { source db "/etc/mail/aliases.db" }

    accept for domain "mydomain.org" deliver to mbox
    accept for all relay

    </snip>

    Am I missing something?

    Comments
    1. By Jacek Masiulaniec (86.154.69.169) on

      > Howdy -
      >
      > Not getting it to work for my domain, when doing a nc ip 25 it just stands there not getting a greeting from opensmtpd. The log says that a client has connected but nothing happens and after a while it times out.
      >
      > <snip smtpd.conf>
      >
      > listen on sk0

      Ensure you're running latest code. There was a bug fixed recently which prevented implicit "port 25" from working.

      >
      > map "aliases" { source db "/etc/mail/aliases.db" }
      >
      > accept for domain "mydomain.org" deliver to mbox
      > accept for all relay
      >
      > </snip>
      >
      > Am I missing something?

      Comments
      1. By Gilles CHEHADE (193.47.80.25) gilles@openbsd.org on http://www.poolp.org/~gilles/

        > > Howdy -
        > >
        > > Not getting it to work for my domain, when doing a nc ip 25 it just stands there not getting a greeting from opensmtpd. The log says that a client has connected but nothing happens and after a while it times out.
        > >
        > > <snip smtpd.conf>
        > >
        > > listen on sk0
        >
        > Ensure you're running latest code. There was a bug fixed recently which prevented implicit "port 25" from working.
        >

        Actually he would fail to even connect if he hit that bug, but what can cause this to happen is if there is a problem with the DNS resolution of the client.

        OP, can you try to nslookup the IP of the client ?

        Gilles

        Comments
        1. By giovanni (87.8.232.135) on

          > > > Howdy -
          > > >
          > > > Not getting it to work for my domain, when doing a nc ip 25 it just stands there not getting a greeting from opensmtpd. The log says that a client has connected but nothing happens and after a while it times out.
          > > >
          > > > <snip smtpd.conf>
          > > >
          > > > listen on sk0
          > >
          > > Ensure you're running latest code. There was a bug fixed recently which prevented implicit "port 25" from working.
          > >
          >
          > Actually he would fail to even connect if he hit that bug, but what can cause this to happen is if there is a problem with the DNS resolution of the client.
          >
          > OP, can you try to nslookup the IP of the client ?
          >
          > Gilles
          >
          yesterday I faced up this problem and yes it's a reverse DNS lookup problem. for being sure was that I've added in hosts the client IP
          and that was enough for having the session picked up and te greetings

  10. By Anonymous Coward (2001:16d8:ff6a:0:9032:abd2:977d:9052) on

    Cool!
    The only part that's missing is a DNS server by OpenBSD IMO.

    Comments
    1. By Frank DENIS (82.224.188.215) on http://00f.net

      > Cool!
      > The only part that's missing is a DNS server by OpenBSD IMO.

      nsd and unbound (in ports) are excellent, really.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]