DaemonForums  

  #1   (View Single Post)  
Old 13th March 2013
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 595
Thanked 9 Times in 9 Posts
Default Preparing for Sendmail rite of Passage

I was moderately successful setting up sendmail, fetchmail and msmtp in FreeBSD but gave up on the project when several "DBATCH" builds failed to work.

I think I can duplicate the fetchmail setup to fetch mails from mail.earthlink to /var/mail/user and was happy with my muttrc configuration.

The challenge is to send smtp authenticated mail to smtpauth.earthlink.net on port 587. What I am unclear on is if I can avoid msmtp and configure sendmail with smarthost. I found an older openbsd howto. Earthlink does require a password but sasl is optional. Another option I found was to recompile sendmail with cyrus-sasl but this seems overly involved for my needs which is why I originally went with msmtp. I am also using current w/o a source tree although I think I could cvs one.

I also found recommendations for OpenSMTPD to replace sendmail but it looks like development has been in bursts.

Any recommendations as to how to tackle this with binary, current packages?

Edit: I was looking at openports and it looks like there is a development version of mutt with sasl support. My initial searches did not show much documentation or comments about the stability of the newer version so I am leaning toward msmtp.

Last edited by shep; 13th March 2013 at 02:18 AM. Reason: Mutt-sasl
Reply With Quote
  #2   (View Single Post)  
Old 13th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,719
Thanked 214 Times in 189 Posts
Default

Quote:
The challenge is to send smtp authenticated mail to smtpauth.earthlink.net on port 587. What I am unclear on is if I can avoid msmtp and configure sendmail with smarthost.
I switched from Sendmail with SASL for smarthosting to OpenSMTPD a year or two ago and never looked back.

I'll post my smtpd.conf this evening; at the moment I am behind the Great Corporate Firewall and my phone is too far from the nearest cell for reliable SSH connections.

I connect to DynDNS's mailhop.org service. You should be able to easily adapt it to use with Earthlink.
Reply With Quote
  #3   (View Single Post)  
Old 13th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,719
Thanked 214 Times in 189 Posts
Default

OK; there was a brief window where I was close enough to grab the configuration. I've redacted my userid and password.

Note this is -current, there were syntax changes to the configuration file in late January.
Code:
#       $OpenBSD: smtpd.conf,v 1.6 2013/01/26 09:38:25 gilles Exp $

listen on lo0
listen on rl0

table aliases db:/etc/mail/aliases.db

table myauth { userid => userid:password }

accept from any for local alias <aliases> deliver to mbox
accept from any for domain "jggimi.homeip.net" alias <aliases> deliver to mbox
accept for any relay via \
        tls+auth://userid@outbound.mailhop.org auth <myauth>
Reply With Quote
  #4   (View Single Post)  
Old 13th March 2013
gilles gilles is offline
New User
 
Join Date: Mar 2012
Posts: 2
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by jggimi View Post
I switched from Sendmail with SASL for smarthosting to OpenSMTPD a year or two ago and never looked back.
This made my day :-)
Reply With Quote
  #5   (View Single Post)  
Old 13th March 2013
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 595
Thanked 9 Times in 9 Posts
Default

@jggimi

Thanks for the links.

Overall OpenSMTPD looks to parallel the OpenBSD philosophy.

I think I have most of it set up, there are some older howto's on the net that seem to use deprecated syntax.

Two questions remaining
1) In the muttrc you have to set the default mta which in the example muttrc was
Code:
set sendmail="/usr/lib/sendmail -oi -oem"
I'm guessing that I retain this line with the changes I made to the /etc/mail.conf wrapper script or would it be cleaner to go directly to /usr/sbin/smtpctl or would that mess up the rest of the /etc/mail.conf settings?
2) I pull mail to mobile computers and would like to not delete the emails on mail.earthlink.net (particularly while I'm fiddling with this). I read the smtpd.conf(5) and smtpd(8) man pages and did not see any settings to explicitly leave the messages on the server. In fetchmail there is an explicit setting.

Last edited by shep; 13th March 2013 at 08:24 PM.
Reply With Quote
  #6   (View Single Post)  
Old 13th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,719
Thanked 214 Times in 189 Posts
Default

all you need is http://www.openbsd.org/cgi-bin/man.c...penBSD+Current
Reply With Quote
  #7   (View Single Post)  
Old 13th March 2013
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 595
Thanked 9 Times in 9 Posts
Default

I'm still unclear if smtpd will delete the messages on mail.earthlink.net 110.

I did find an smtpd.conf option
Quote:
expire n {s|m|h|d}
Specify how long a message can stay in the queue. The default
value is 4 days. For example:

expire 4d # expire after 4 days
expire 10h # expire after 10 hours
but I'm thinking that this is the mailq specified in mailer.conf and if I don't set it messages never expire.

It looks like mutt can be configured with an to enable-pop3 but it looks like the OpenBSD default mutt port does not have this specified.

Would you recommend using fetchmail or can I specify message retrieval in OpenSMTPD to download a message copy and leave the original on the server?

Thanks

Last edited by shep; 13th March 2013 at 11:41 PM.
Reply With Quote
  #8   (View Single Post)  
Old 14th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,719
Thanked 214 Times in 189 Posts
Default

Quote:
Originally Posted by gilles View Post
This made my day :-)
shep, I'd like to introduce you to Gilles Chehade (gilles@), the lead developer for OpenSMTPD.

gilles, thanks for stopping in to say hello!

Quote:
Originally Posted by shep View Post
2) I pull mail to mobile computers and would like to not delete the emails on mail.earthlink.net (particularly while I'm fiddling with this). I read the smtpd.conf(5) and smtpd(8) man pages and did not see any settings to explicitly leave the messages on the server. In fetchmail there is an explicit setting.
I can't help you with this one, as MTA-MTA communication is not mail retrieval (POP/IMAP), instead it's SMTP or ESMTP.
Quote:
Originally Posted by shep View Post
I'm still unclear if smtpd will delete the messages on mail.earthlink.net 110.
You're confusing POP/IMAP client mail retrieval services with server-server mail transfers.
Quote:
I did find an smtpd.conf option...
This is for internal retention within the MTA spool for outgoing messages that cannot be delivered.
Quote:
It looks like mutt can be configured with an to enable-pop3 but it looks like the OpenBSD default mutt port does not have this specified.
The example configuration I shared above is for a complete MTA: outgoing Email is sent via ESMTP to mailhop.org, incoming Email is sent to mbox files in /var/mail.

Operating a two-way, fully functioning mail server requires a public DNS entry with an MX record pointing to the mail server so that other MTAs can find and connect with the server. In my case, the MX record for jggimi.homeip.net points to mx1.mailhop.org, which is the MTA-of-record for my site. My personal site sits on a pool of dynamic IP addresses, which many MTAs would refuse to deliver to or receive from. I can understand why they would refuse to receive it -- to block spambots -- but to send to it? That's a misguided effort to prevent spam.

Keep in mind - mail clients, such as mail(1), use SMTP to send Email messages. Just like servers do.

I recommend you use OpenSMTPD for sending of Email, and use POP or IMAP to receive, unless you want to set up a mail server able to participate in two-way transfer of Email.

Last edited by jggimi; 14th March 2013 at 12:40 PM. Reason: clarity - dynamic address spam blocking
Reply With Quote
  #9   (View Single Post)  
Old 14th March 2013
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 595
Thanked 9 Times in 9 Posts
Default

@gilles I started with the email section in AbsoluteBSD by Michael Lucas. He noted that sendmail is complex because the world is complex. He also said that he was proud that he could set it up but it was like boasting that you can crush a full can of beer on your forehead. OpenSMTPD looks to address a complex task with simplicity and elegance.

@jggimi I'm going to restate this to make sure I understand:

user********/var/mail/user***************Earthlink


mutt <--------------->mbox

*******************mbox--OpenSMTPD ---> smtpauth port 587

*******************mbox<-fetchmail--------mail port 110

Optionally

mutt + pop3 <---------------------------------- mail port 110
mutt + pop3 <-------->mbox

OpenSMTPD can also deliver to another local user's mbox
********************mbox-jsh ----OpenSMTPD --->|
********************mbox-root<---------------------
OpenSMTPD needs a DNS server to function outside the LAN, e.g. to communicate with
other full-fledged mail servers like Earthlink, Gmail, Comcast, Hotmail etc.
It looks like I need to read more on setting up DynDNS

Last edited by shep; 14th March 2013 at 02:54 PM. Reason: edit Added additional OpenSMTPD illustrations + DynDNS
Reply With Quote
Old 14th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,719
Thanked 214 Times in 189 Posts
Default

MTA = Mail Transfer Agent. AKA "Email Server". MTAs: Sendmail, Postfix, MS Exchange, OpenSMTPD....

MUA = Mail User Agent. AKA "Email application". MUAs: Thunderbird, Mutt, MS Outlook, Eudora....

Quote:
user********/var/mail/user***************Earthlink
Yep. But when you mention port 110, you are referring to the destination port used by POP. POP and IMAP are the protocols used for MUA/MTA communication, solely for receipt of mail to the MUA.

[sending MTA] - {SMTP} - [Earthlink MTA] - {POP} - [Your MUA].

OpenSMTPD would not be involved in this at all.

For sending email, OpenSMTPD would be your local MTA for outbound traffic only. Outbound, MUAs use SMTP or ESMTP. For a Mutt client on the same platform, this might be no more than SMTP via localhost port 25.

[Your MUA] - {ESMTP/SMTP} - [OpenSMTPD] - {ESMTP/SMTP} - [Earthlink MTA] - {SMTP} - [Destination MTA]

In my case, Email comes to me through OpenSMTPD in this way:

[Sending MTA] - {ESMTP/SMTP} - [mailhop MTA] - {ESMTP} - [OpenSMTPD] -> local mboxes in /var/mail

Local MUAs use the mbox files for received mail, and communicate with OpenSMTPD directly only for outbound traffic.

Last edited by jggimi; 14th March 2013 at 02:45 PM. Reason: clarity
Reply With Quote
Old 14th March 2013
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 595
Thanked 9 Times in 9 Posts
Default

I conceptualize the process in terms of 1) physical locations of the files (user home directory, /var and remote send and receive directories) and 2) unidirectional, address and port specific movements between the physical locations.

What was confusing was that in my prior implementation of fetchmail, the pop3 part put the messages into /var/mail/user as did sendmail. Incoming messages all passed through /var/mail/user and that is where they sat until I accessed them with mutt. My prior email MUA (Claws-Mail) bypassed /var/mail/user and used an inbox file at /home/user/Mail/inbox. The other confusing part was that I had the idea that sendmail+sasl would perform the same function as fetchmail in the same way. Fetchmail does not require a DynDNS account.

With mutt, messages do not exist in my home directory unless I either save them, save a copy of sent messages or park them there as unsent drafts. In Thunderbird/Claws Mail they are sitting in the equivalent of a saved file until they are deleted or "moved".


You put a lot of time into this - thanks. Hopefully this will help someone in the future.

Last edited by shep; 14th March 2013 at 07:49 PM.
Reply With Quote
Old 14th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,719
Thanked 214 Times in 189 Posts
Default

Sending Email only takes an Email client, or even a manual SMTP session typed in by hand with telnet(1). That's because many MTAs do not require any authentication to send. Your "From" and optional "Reply to" addresses are not required to be real.

Receiving Email adds only the need for an Email account on an MTA somewhere, and some Email client software.
Quote:
I'm starting to get this.
Excellent. Here's some deep background:

Unix-based Email, which became Internet Email, was in use many years before there was an Internet; the connections were point-to-point, using UUCP.
You had to know your own routing and apply it in the Email address. The "bang path" listed the adjacent computers and the user account.

(example: machine1!machine2!machine3!username).
Email was store-and-forward. Once machine2 acknowledged receipt of a message from machine1, responsibility for the message shifted, and machine1 would delete the message from its storage.

In modern times, Email doesn't take a circuitous path, and you don't have to look at anyone's "bang path" Email address to find a machine mentioned along it that you've heard of and know how to route to.

This means to have an MTA to receive mail, you need to publish MX records so that the Internet can reach it, and to send, you'll likely need to send from a static IP address. I do this with dyn.com (used to be dyndns.org) for DNS and their mailhop.org MTA services; it's cheaper than hosting a dedicated MTA via a service provider -- even on a virtual machine in the cloud.
Reply With Quote
Old 15th March 2013
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 595
Thanked 9 Times in 9 Posts
Default

Almost there. I can send local mail via OpenSMTPD. I am shifting through some syntax issues, made tougher by the recent updates.
I found this recent thread:
Quote:
On Mon, Jan 21, 2013 at 01:31:15PM +0400, Nike wrote:
> I have a FreeBSD 9.1 x86-64 + opensmtpd-201301191220 with /usr/local/etc/mail/smtpd.conf:
>
> listen on lo0
> expire 3d
>
> table aliases db:/etc/mail/aliases.db
> table secrets db:/etc/mail/secrets.db
>
> accept for local alias <aliases> deliver to mbox
> accept for any relay via tls://smtp.gmail.com:587 auth <secrets>
>
> Get an error message when sending in log (/var/log/maillog) :
> Jan 21 13:19:46 gate smtpd[90258]: smtp-in: New session 00000000ca68bc4a from host 0 <at> localhost [local]
> Jan 21 13:19:46 gate smtpd[90258]: smtp-in: Accepted message 8086bcde on session 00000000ca68bc4a:
from=<root@...>, size=209, nrcpts=1, proto=ESMTP
> Jan 21 13:19:46 gate smtpd[90258]: smtp-in: Closing session 00000000ca68bc4a
> Jan 21 13:19:46 gate smtpd[90255]: smtp-out: Error on route [] <-> IPv6:2a00:1450:4010:c03::6c
(la-in-x6c.1e100.net): Connection failed: No route to host
>
> Please, tell me the correct settings for gmail.com.
>

This line:

accept for any relay via tls://smtp.gmail.com:587 auth <secrets>

Should read as:

accept for any relay via tls+auth://label@...:587 auth <secrets>

With your secrets map containing a line:

label user:password

Try and tell us how it goes

--
Gilles Chehade
Earthlink uses the entire email address as the userid: myusername<at>earthlink.net. Instead of secrets I named my auth file as elink_auth and it contains the line
Code:
label      myusername<at>earthlink.net:mypasswd
I ran makemap on this to generate a *.db file
My /etc/mail/smtpd.conf
Code:
#       $OpenBSD: smtpd.conf,v 1.6 2013/01/26 09:38:25 gilles Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

# To accept external mail, replace with: listen on all
#
listen on lo0
listen on ral0

table aliases db:/etc/mail/aliases.db
table elink_auth db:/etc/mail/elink_auth.db

# Uncomment the following to accept external mail for domain "example.org"
#
accept from any for domain "earthlink.net" alias <aliases> deliver to mbox
accept for local alias <aliases> deliver to mbox
accept for any relay via \
        tls+auth://label@smtpauth.earthlink.net:587 \
        auth <elink_auth>
For outbound messages to myname@earthlink.net, I still get
Code:
Peng$ send-mail: command
 failed: 550 Invalid recipient

Last edited by shep; 15th March 2013 at 12:13 AM.
Reply With Quote
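
The relay rule and credentials table discussed in the post above, checked mechanically. This is an added example, not part of the thread or of OpenSMTPD: `lint_relay_auth`, `sample_bad` and `sample_good` are hypothetical names, the hosts and credentials are constructed, and only the early-2013 `accept ... relay via` syntax shown here is covered.

```shell
#!/bin/sh
# Added example: lint for the early-2013 smtpd.conf relay syntax in this thread.

# lint_relay_auth [CONF]
# Reads CONF (or stdin), prints one finding per line, and exits 1 if a relay
# rule that carries "auth <table>" is not written as +auth://label@host.
lint_relay_auth() {
    awk '
    { sub(/#.*/, "") }                                  # drop comments
    buf == "" { start = NR }                            # first line of a statement
    /\\[ \t]*$/ { sub(/\\[ \t]*$/, ""); buf = buf $0 " "; next }  # join continuations
    { stmt = buf $0; buf = ""; n = split(stmt, f, " "); if (n) parse() }

    function parse(   i, cur, t) {
        if (f[1] == "table") {
            declared[f[2]] = 1
            if (f[3] == "{") {                          # inline: { key => value }
                inline[f[2]] = 1
                for (i = 4; i < n; i++)
                    if (f[i + 1] == "=>") haskey[f[2], f[i]] = 1
            }
            return
        }
        for (i = 1; i < n; i++) {
            if (f[i] == "via") { cur = ++r; url[r] = f[i + 1]; line[r] = start }
            if (f[i] == "auth" && cur) { t = f[i + 1]; gsub(/[<>]/, "", t); tbl[cur] = t }
        }
    }
    function report(i, msg) { bad++; printf "line %d: %s\n", line[i], msg }

    END {
        for (i = 1; i <= r; i++) {
            if (tbl[i] == "") continue                  # relay without credentials
            scheme = url[i]; sub(/:\/\/.*/, "", scheme)
            rest = url[i];   sub(/^[^:]*:\/\//, "", rest)
            label = index(rest, "@") ? substr(rest, 1, index(rest, "@") - 1) : ""
            if (!(tbl[i] in declared))
                report(i, "auth table <" tbl[i] "> is not declared")
            if (scheme !~ /\+auth$/)
                report(i, "relay URL lacks +auth in its scheme (expected e.g. tls+auth://label@host)")
            if (label == "")
                report(i, "relay URL has no label@ to select an entry from <" tbl[i] ">")
            else if ((tbl[i] in inline) && !((tbl[i], label) in haskey))
                report(i, "label " label " is not a key of inline table <" tbl[i] ">")
        }
        exit (bad > 0)
    }' "$@"
}

sample_bad() {    # constructed; same shape as the rule corrected in the quoted reply
    cat <<'EOF'
table aliases db:/etc/mail/aliases.db
table secrets db:/etc/mail/secrets.db
accept for local alias <aliases> deliver to mbox
accept for any relay via tls://smtp.example.com:587 auth <secrets>
EOF
}
sample_good() {   # constructed; inline table plus a continuation line
    cat <<'EOF'
table myauth { label => user:password }
accept for any relay via \
        tls+auth://label@smtp.example.com:587 auth <myauth>
EOF
}

sample_bad  | lint_relay_auth || true
sample_good | lint_relay_auth && echo "sample_good: clean"
```

For a `db:` table the keys live in the makemap(8) source file, so the label check is only done for inline tables.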
Old 15th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,719
Thanked 214 Times in 189 Posts
Default

In my example, the "secrets" are in-line in smtpd.conf and not in an external file.
Reply With Quote
Old 15th March 2013
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 595
Thanked 9 Times in 9 Posts
Default

I found in a recent gmane post
Quote:
Re: smtpd can't find secrets.db

my smtpd.conf(5) says:

++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++
This first example is the same as the default configuration, but all
outgoing mail is forwarded to a remote SMTP server. A secrets file
is needed to specify a username and password:

# touch /etc/mail/secrets
# chmod 640 /etc/mail/secrets
# chown root:_smtpd /etc/mail/secrets
# echo "smtp.example.com username:password" > /etc/mail/secrets
# makemap /etc/mail/secrets

smtpd.conf would look like this:

listen on lo0
map aliases source db "/etc/mail/aliases.db"
map secrets source db "/etc/mail/secrets.db"
accept for local alias
aliases deliver to mbox
accept for any relay via tls+auth://smtp.example.com auth secrets
++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++

I cannot find ``map secrets source db [...]'' in your config.
and this quote is from my current smtpd.conf(5) man page
Quote:
table name [type:]config
Tables are used to provide additional configuration information
for smtpd(8) in the form of lists or key-value mappings.

The table is identified using table name name; the name itself is
arbitrarily chosen.

type specifies the table backend, and should be one of the
following:

db Information is stored in a file created using
makemap(8).
file Information is stored in a plain text file using the
same format as used to generate makemap(8) mappings.
This is the default.
I did generate an elink_auth.db file using makemap.

I will change to the inline userid:passwd to see if this is the issue. A co-worker recently had a home break-in with his computer being a stolen item. I thought it would be a good idea to make a db file and if successful delete the plain text file.

Progress: apparently one cannot use an underscore in a table name. I regenerated the secrets file without an underscore and it went out without any error messages. It has yet to show up at earthlink but that is not unusual. It is also not sitting in my /var/log/user file.

My new smtpd.conf
Quote:
Peng# cat smtpd.conf
# $OpenBSD: smtpd.conf,v 1.6 2013/01/26 09:38:25 gilles Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

# To accept external mail, replace with: listen on all
#
listen on lo0
#listen on ral0

table aliases db:/etc/mail/aliases.db
table secrets db:/etc/mail/secrets.db

# Uncomment the following to accept external mail for domain "example.org"
#
accept from any for domain "earthlink.net" alias <aliases> deliver to mbox
accept for local alias <aliases> deliver to mbox
accept for any relay via \
tls+auth://label@smtpauth.earthlink.net:587 \
auth <secrets>

Last edited by shep; 15th March 2013 at 03:28 AM. Reason: turn off smilies
Reply With Quote
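
An added example (not from the thread or the OpenSMTPD project) of the secrets-file steps quoted in the post above, with the password read from stdin instead of typed into an `echo` command, and a check that the file is mode 0640 or stricter. `write_secret` and `secret_mode_ok` are hypothetical helper names and all values are constructed; the `.db` file that makemap(8) writes is not encrypted, so it needs the same owner and mode as the text file.

```shell
#!/bin/sh
# Added example; file names and credentials below are constructed.

# secret_mode_ok FILE
# Succeeds only for a regular file (not a symlink) that grants nothing to
# "other" and no write access to the group, i.e. 0640 or stricter.
secret_mode_ok() {
    [ ! -L "$1" ] && [ -f "$1" ] || return 2
    case $(ls -ln -- "$1" | cut -c1-10) in
        -????-?---) return 0 ;;
        *)          return 1 ;;
    esac
}

# write_secret FILE LABEL USER
# Reads the password from stdin so it never lands in argv or shell history,
# builds the "label user:password" line in a private temp file beside FILE,
# and only then moves it into place.
write_secret() {
    file=$1 label=$2 user=$3
    IFS= read -r pass || [ -n "$pass" ] || return 1
    [ -n "$pass" ] || return 1
    tmp=$file.new.$$
    ( umask 077 && printf '%s %s:%s\n' "$label" "$user" "$pass" > "$tmp" ) || return 1
    chmod 640 "$tmp" && mv -f "$tmp" "$file"
}

# Demo in a scratch directory with constructed values.
dir=$(mktemp -d) || exit 1
printf '%s\n' 'constructed-password' | write_secret "$dir/secrets" label user@example.net
secret_mode_ok "$dir/secrets" && echo "secrets: mode ok"
# Remaining steps from the quoted man page excerpt, run as root on the mail host:
#   chown root:_smtpd /etc/mail/secrets
#   makemap /etc/mail/secrets
# then apply the same owner and mode to /etc/mail/secrets.db.
rm -rf "$dir"
```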
Old 15th March 2013
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 566
Thanked 14 Times in 13 Posts
Default

Quote:
Originally Posted by shep View Post
What was confusing was that in my prior implementation of fetchmail, the pop3 part put the messages into /var/mail/user as did sendmail.
Yup, that's because, by default, fetchmail sends (by SMTP) the mail that it picks up to the local MTA such as sendmail, if you're using that. So in the end sendmail puts the mail in its mailbox for you. (You can change the default from local host to another machine with the -S option.)
Reply With Quote
Old 15th March 2013
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 595
Thanked 9 Times in 9 Posts
Default

*****SUCCESS*****
The picky syntax in table names and an incorrect entry in the aliases file
/etc/mail/aliases was
Code:
myname<at>earthlink.net:   jsh
should be

Code:
myname:     jsh
Thanks to jggimi
Reply With Quote