DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 2 Weeks Ago
phillbush's Avatar
phillbush phillbush is offline
Port Guard
 
Join Date: Apr 2020
Posts: 15
Default /var/log/maillog: no certificate presented

Hello, I'm getting the no certificate presented error on /var/log/maillog while trying to send mail with msmtp(1) from my local machine for my remote server.

This is what /var/log/maillog says:

Code:
Oct  7 01:40:47 seninha smtpd[71794]: ... smtp connected address=... host=...
Oct  7 01:40:48 seninha smtpd[71794]: ... smtp tls ciphers=TLSv1.3:AEAD-AES256-GCM-SHA384:256
Oct  7 01:40:48 seninha smtpd[71794]: ... smtp cert-check result="no certificate presented"
Oct  7 01:40:49 seninha smtpd[71794]: ... smtp authentication user=seninha result=permfail
Oct  7 01:40:49 seninha smtpd[71794]: ... smtp failed-command command="AUTH PLAIN (...)" result="535 Authentication failed"
Oct  7 01:40:49 seninha smtpd[71794]: ... smtp disconnected reason=disconnect
This is what msmtp says:

Code:
msmtp: authentication failed (method PLAIN)
msmtp: server message: 535 Authentication failed
msmtp: could not send message (account seninha of /home/seninha/.msmtprc)
The TLS certificates for mail.seninha.org (my mail server) are new and valid.

Last edited by phillbush; 2 Weeks Ago at 12:34 AM.
Reply With Quote
  #2   (View Single Post)  
Old 2 Weeks Ago
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,357
Default

The "no certificate presented" message comes from the start of the MTA session in smtpd. (See /usr/src/usr.sbin/smtpd/mta_session.c)


As recommended on Reddit for your duplicate problem report, you're going to need to post your smtpd.conf for anyone to be able to assist.
Reply With Quote
  #3   (View Single Post)  
Old 2 Weeks Ago
phillbush's Avatar
phillbush phillbush is offline
Port Guard
 
Join Date: Apr 2020
Posts: 15
Default

Here's my smtpd.conf:

Code:
#       $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

pki "mail" cert "/etc/ssl/seninha.org.fullchain.pem"
pki "mail" key "/etc/ssl/private/seninha.org.key"

filter "dkimsign" proc-exec "filter-dkimsign -d seninha.org -s 20211006 -k /etc/mail/dkim/seninha.org.key" user _dkimsign group _dkimsign

table aliases file:/etc/mail/aliases
table credentials file:/etc/mail/credentials
table virtuals file:/etc/mail/virtuals

listen on lo0
listen on egress tls pki "mail" filter "dkimsign"
listen on egress port submission tls-require pki "mail" hostname "mail.seninha.org" auth <credentials> filter "dkimsign"

action "local_mail" mbox alias <aliases>
action "domain_mail" maildir "/var/vmail/seninha.org/%{dest.user:lowercase}" junk virtual <virtuals>
action "outbound" relay

# match from any for domain "example.org" action "local_mail"
match from local for local action "local_mail"
match from any for domain "seninha.org" action "domain_mail"
match from local for any action "outbound"
match auth from any for any action "outbound"
Reply With Quote
  #4   (View Single Post)  
Old 1 Week Ago
phillbush's Avatar
phillbush phillbush is offline
Port Guard
 
Join Date: Apr 2020
Posts: 15
Default

bump
Problem persists.
Reply With Quote
  #5   (View Single Post)  
Old 1 Week Ago
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,357
Default

You might reach out to the port's maintainer. $ pkg_info msmtp | grep Maintainer

If you don't get a reply, the ports@ mailing list is another avenue for possible support.
Reply With Quote
  #6   (View Single Post)  
Old 1 Week Ago
phillbush's Avatar
phillbush phillbush is offline
Port Guard
 
Join Date: Apr 2020
Posts: 15
Default

I just found out the problem and realized how dumb I am...
I'm using a passwd credentials table format without specifying the "passwd" backend at /etc/mail/smtpd.conf.
Everything works now.
Sorry about the noise.
Reply With Quote
  #7   (View Single Post)  
Old 1 Week Ago
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,357
Default

Glad you found the cause!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Certificate Attacks frcc News 0 3rd July 2021 11:37 AM
maillog problem about domain name attilio OpenBSD General 25 8th September 2019 03:38 PM
tls certificate for alpine email client shep OpenBSD Security 12 27th September 2016 03:50 PM
iked certificate based VPN's bsdnut82 OpenBSD Security 8 12th August 2015 07:47 PM
M:Tier ssl certificate shep OpenBSD Installation and Upgrading 5 12th November 2013 06:36 PM


All times are GMT. The time now is 12:26 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick