DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 3 Weeks Ago
fstef fstef is offline
Port Guard
 
Join Date: Nov 2013
Posts: 24
Thanked 0 Times in 0 Posts
Default how to set properly the email system

hi, i need some help to configure the email system. i have 3 email accounts from the same provider, i can't figure out how to set smtpd(8) properly, according with this post http://daemonforums.org/showthread.php?t=8881 i need to use the 'relay' option but i don't understand how. for now i'm using mutt+msmtp+getmail but i want to stay with package already in the base system and this introduce my second problem: for get email what package i need to use? usually i use a POP3 connnection whit SSL, i don't need IMAP.
thank you to everyone for any help and sorry if i make mistake but this is the 4 time i try to send this post from elinks web browser, the only browser whit javascript support i can use in the loongson machine.
fstef
Reply With Quote
  #2   (View Single Post)  
Old 3 Weeks Ago
TronDD TronDD is offline
Port Guard
 
Join Date: Sep 2014
Posts: 28
Thanked 0 Times in 0 Posts
Default

Mutt will both send and receive mail directly from your POP and SMTP server. You don't need getmail or smtpd.

However, if you want to use smtpd for some reason, it's not hard to configure. My home system is set up for it so I can't get the exact syntax where I am now.

You need add your passwords to a secrets file and then you can relay with something like:
accept from local relay via smtps+auth://label_from_secrets@whatever auth <secrets>

The example is in the smtpd.conf man page.

Tim.
Reply With Quote
  #3   (View Single Post)  
Old 3 Weeks Ago
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
VPN Cryptographer
 
Join Date: Apr 2008
Location: NYC
Posts: 389
Thanked 31 Times in 25 Posts
Default

I don't know how to use OpenBSD's smtp, but you can always, if you have to, add more than one account to msmtp. (I prefer using it to mutt's builtin, because it's more flexible.)

I have a page on mutt that goes through setting up msmtp for multiple accounts if you need it--I get the impression that you're already familiar with doing that, but what the heck, let me spam my page.....

http://srobb.net/mutt.html
Reply With Quote
  #4   (View Single Post)  
Old 3 Weeks Ago
TronDD TronDD is offline
Port Guard
 
Join Date: Sep 2014
Posts: 28
Thanked 0 Times in 0 Posts
Default

Multiple accounts is easy in smptd using the 'from <sender>' filter and in mutt, set up a way to change the sender address. I used folder hooks and each account had it's own inbox folder.

Tim.
Reply With Quote
  #5   (View Single Post)  
Old 3 Weeks Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 4,072
Thanked 214 Times in 189 Posts
Default

MTAs can be public-facing. Configuration errors or omissions can lead to external harm, such as becoming a vector for dissemination of spam, trojan horse virii, or even targetted phishing attacks.

If an admin is uncertain about MTA deployment, the first question to ask is whether an MTA is needed. From the information posted, it isn't clear to me that one is needed.
Reply With Quote
  #6   (View Single Post)  
Old 3 Weeks Ago
shep shep is offline
Fsck Surgeon
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 664
Thanked 9 Times in 9 Posts
Default

Quote:
Originally Posted by fstef View Post
for now i'm using mutt+msmtp+getmail
Quote:
Originally Posted by jggimi View Post
MTAs can be public-facing. Configuration errors or omissions can lead to external harm, such as becoming a vector for dissemination of spam, trojan horse virii, or even targetted phishing attacks.

If an admin is uncertain about MTA deployment, the first question to ask is whether an MTA is needed. From the information posted, it isn't clear to me that one is needed.
I use mutt+getmail and added nmh so my local email would be stored in mh format. Mutt 1.5.23 can retrieve from pop3 accounts, send via smtp and uses mbox format by default.

If your goal is to stay within the base install, it should be possible with mail/smtpd although it is not as user friendly.

Last edited by shep; 3 Weeks Ago at 11:40 PM. Reason: you goal -> your goal
Reply With Quote
  #7   (View Single Post)  
Old 3 Weeks Ago
Oko's Avatar
Oko Oko is offline
Fsck Surgeon
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 892
Thanked 36 Times in 32 Posts
Default

Quote:
Originally Posted by shep View Post
added nmh
The only radically new and ingenious e-mail client ever to be written after Berkeley mailx. Truly remarkable peace of software which came out of RAND corporation but unfortunately it is a pain in the b*** to install on all machines I am using so I stick with mailx from the base.
Reply With Quote
  #8   (View Single Post)  
Old 3 Weeks Ago
fstef fstef is offline
Port Guard
 
Join Date: Nov 2013
Posts: 24
Thanked 0 Times in 0 Posts
Default

hi guys and sorry, the post is not clear (english is not my native language). i need to setup the email system in my yeeloong laptop, only for my personal use. i already know how to set msmtp with multiple accounts and i know i can use mutt without an external MTA but i want to stay with packages already in the base system, because i want to study my OS of choise.
i go to re-read the man pages and the try and error way
thank you for the help
fstef
Reply With Quote
  #9   (View Single Post)  
Old 3 Weeks Ago
TronDD TronDD is offline
Port Guard
 
Join Date: Sep 2014
Posts: 28
Thanked 0 Times in 0 Posts
Default

The problem with the base system is that there is no way to get mail from an external server. You'll probably have to stick with getmail which I think works well enough for POP accounts.

To configure smtp, it's simply lines like this:
accept from local sender "user1@account.com" for any relay via secure+auth://label1@smtp.account.com:465 auth <secrets>
accept from local sender "user2@account.net" for any relay via secure+auth://label2@smtp.account.net:465 auth <secrets>

Set the correct smtp servers, ports and protocols. Set up your label username:password in the secrets file.

Mail just recently got the -r switch to set the from address.

I tried sticking with only the base system, too but I have an IMAP email account which is much harder. I like mailx so I just started using mail/s-nail to get the modern capabilities with the mailx interface.

Tim.
Reply With Quote
Old 3 Weeks Ago
fstef fstef is offline
Port Guard
 
Join Date: Nov 2013
Posts: 24
Thanked 0 Times in 0 Posts
Default

@TronDD, thanks. sending mail fails. in the maillog the sender is user@hostname of my laptop, not the user1@account.com, is normal or maybe my provider don't know who is this "user"?
usually sending mails whit my provider in the MTA config file i need to specify the ca.crt file path, maybe in the smtpd.conf file i need to specify the pki hostname and the ca.crt file path?
i'm lost ...
BTW: in your example the "label1" is literally and recall a label1 user1@account.com:mypassworld in the secrets file, right?
what i'm missing?
fstef
Reply With Quote
Old 3 Weeks Ago
TronDD TronDD is offline
Port Guard
 
Join Date: Sep 2014
Posts: 28
Thanked 0 Times in 0 Posts
Default

How are you sending mail?
What's the exact error?
Smtpd reads the ca.crt file that comes with OBSD. Does it not contain the CA you need?

Keep reading the man pages. You can add 'as username@domain.com' to the end of the smtpd.conf lines to set the sender.

Secrets format is 'label user:password' And you have to run 'makemap secrets' and make sure the file permissions are correct and safe.

Tim.
Reply With Quote
Old 3 Weeks Ago
fstef fstef is offline
Port Guard
 
Join Date: Nov 2013
Posts: 24
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by TronDD View Post
How are you sending mail?
mail -s "test mail" myfriend@provider.org
this is a test mail
^D

Quote:
Originally Posted by TronDD View Post
What's the exact error?
i have no error in maillog, and no info. i have some info only if i shutdown the internet connection and obviously the error is relating to 'Failed to resolve MX for [relay:myprovider.org]

Quote:
Originally Posted by TronDD View Post
Smtpd reads the ca.crt file that comes with OBSD. Does it not contain the CA you need?
yes, my provider have a self signed CA so i think i need to set the pki hostname and provide the ca.crt file path

Quote:
Originally Posted by TronDD View Post
Keep reading the man pages. You can add 'as username@domain.com' to the end of the smtpd.conf lines to set the sender.
i'm reading the man pages. if i adding the as username@domain.com at the end of the smtpd.conf lines when i try to send a mail i get
> send-mail: command failed: 550 Invalid recipient

Quote:
Originally Posted by TronDD View Post
Secrets format is 'label userassword' And you have to run 'makemap secrets' and make sure the file permissions are correct and safe.

Tim.
i have make this according the man pages so it is correct

i really appreciate your help

fstef
Reply With Quote
Old 3 Weeks Ago
TronDD TronDD is offline
Port Guard
 
Join Date: Sep 2014
Posts: 28
Thanked 0 Times in 0 Posts
Default

Are you running 5.6-release or -current? If -current, try using -r with the mail command.

Can you paste your smtpd.conf file?

Also to help debugging, run 'smtpctl monitor' to see the mail queue and if there were temporary or permanent failures (though they should be in the log, too).
Reply With Quote
Old 3 Weeks Ago
fstef fstef is offline
Port Guard
 
Join Date: Nov 2013
Posts: 24
Thanked 0 Times in 0 Posts
Default

i'm running 5.6-release, i think i'm not ready to run -current

but now in the maillog file i'ave a lot of info:

--------- maillog ---------------
smtp-out: Connecting to smtp+tls://178.255.144.35:25 (contumacia.investici.org) on session 116xxx...
smtp-out: Connected on session 116xxx...
smtp-out: Connecting to smtp+tls://IPv6:2002:b2ff:9023::1:25 (contumacia.investici.org) on session 116xxx...
smtp-out: Error on session 116xxx: Connection failed: No route to host
smtp-out: Disabling route [] <-> IPv6:2002:b2ff:9023::1 (contumacia.investici.org) for 800s
smtp-out: Connecting to smtp+tls://82.94.294.234:25 (latitanza.investici.org) on session 116yyy...
smtp-out: Connected on session 116yyy
smtp-out: Connecting to smtp+tls://IPv6:2001:888:2000:56::19:25 (latitanza.investici.org) on session 116yyy...
smtp-out: Error on session 116yyy: Connection failed: No route to host
smtp-out: Disabling route [] <-> IPv6:2001:888:2000:56::19 (latitanza.investici.org) for 800s
smtp-out: Started TLS on session 116xxx: version=TLSv1/SSLv3, cypher=ECDHE-RSA-AES256-GCM-SHA384, bits=256
smtp-out: Started TLS on session 116yyy: version=TLSv1/SSLv3, cypher=ECDHE-RSA*AES256-GCM-SHA384, bits=256
smtp-out: Server certificate verification failed on session 116xxx
smtp-out: Server certificate verification failed on session 116yyy
smtp-out: Closing session 116yyy: 0 message sent.
relay: TempFail for fc14d11xyz: session=116xxx, from=<$USER@$HOSTNAME>, to=<myfriend@autistici.org>, rcpt=<->, source=192.168.1.101, relay=178.255.144.35 (contumacia.investici.org), delay=1h46m52s, stat=450 4.1.8 <$USER@$HOSTNAME>: Sender address rejected: Domain not found
smtp-out: Closing session 116xxx

--------------- smtpd.conf -----------------------------
listen on lo0

table aliases db:/etc/mail/aliases.db
table secrets db:/etc/mail/secrets.db

accept for local alias <aliases> deliver to mbox
accept from local for any relay
accept from local sender "myuserID@inventati.org" for any relay via secure+auth://label@smtp.autistici.org:587 auth <secrets> al myuserID@inventati.org

------ # smtpctl monitor ------
curr 0
conn 2
disc 2
----- envelope ----
curr 4
enq 6
deq 2
------- relay/delivery -----
ok 2
tmpfail 9
prmfail 0
loop 0
------- misc ------
expire 0
remove 0
bounce 1
Reply With Quote
Old 3 Weeks Ago
TronDD TronDD is offline
Port Guard
 
Join Date: Sep 2014
Posts: 28
Thanked 0 Times in 0 Posts
Default

Ah. Rules are matched in order. Move 'accept from local for any relay' to the bottom or just comment it out.
Reply With Quote
Old 3 Weeks Ago
fstef fstef is offline
Port Guard
 
Join Date: Nov 2013
Posts: 24
Thanked 0 Times in 0 Posts
Default

if i comment out the string when i try to send a mail i get
send-mail: command failed: 550 Invalid recipient
if i put this string to the bottom the maillog file is the same whit i think two errors:
1) Server certificate verification failed: my provider use a self-signed ca certificate. the smtpd.conf(5) man pages only refers to create a certificate and a key for my mail server, i think, the same as the starttls(8) man pages and i can find nothing referring to add a external mail provider self-signed ca certificate. BTW: where i'm living google is blocked, yahoo search engine is very useless, so i can't find nothing about this question in the net;
2) Sender address rejected: Domain not found: smtpd think the sender is $USER@$HOSTNAME and adding the 'as myuserID@myprovider.org' string don't change the problem. according the smtpd.conf(5) man pages
sender [!] <senders> If specified, the rule will only be matched if the sender email address is found in the table senders....
this means in my smtpd.conf file i need to set something like
table senders db:/etc/mail/senders.db
and in /etc/mail/ directory have the senders file whit in 'sender1 myuserID@myprovider.org' and run the makemap command?
i'm getting frustrating
thank you for help me to understand
fstef
Reply With Quote
Old 3 Weeks Ago
fstef fstef is offline
Port Guard
 
Join Date: Nov 2013
Posts: 24
Thanked 0 Times in 0 Posts
Default

Solved!
i've stripped the 'from local sender "myuserID@myprovider.org" string and finally i can send messages using mail+smtpd.
but, this way i only can use 1 account and smtpd failed the server certificate verification because don't know where is the ca certificate
fstef

ps: what i need to do for write a 'solved' in the title?

Last edited by fstef; 3 Weeks Ago at 05:41 AM. Reason: adding a question
Reply With Quote
Old 3 Weeks Ago
TronDD TronDD is offline
Port Guard
 
Join Date: Sep 2014
Posts: 28
Thanked 0 Times in 0 Posts
Default

I use multiple accounts using the "sender" filter you had to remove but you need to be on -current to get the -r switch in mailx to set the sender address.

Append your CA cert to /etc/ssl/cert.pem (careful not to mess this file up and break SSL negotiation for everything).
Reply With Quote
Old 5 Days Ago
fstef fstef is offline
Port Guard
 
Join Date: Nov 2013
Posts: 24
Thanked 0 Times in 0 Posts
Default

thank you TronDD, i very appreciate your helps
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
$dirmngr is not set properly nihonto NetBSD General 2 20th March 2011 07:38 PM
xterm color does not behave properly. pieterverberne OpenBSD General 2 19th August 2009 05:17 PM
File system not properly dismounted rex FreeBSD General 6 12th September 2008 02:45 PM
Can't get mail system to work properly! Sunsawe FreeBSD Ports and Packages 2 30th June 2008 07:32 PM
/etc/rc.* files isn't read properly? mathias OpenBSD General 4 1st June 2008 06:35 PM


All times are GMT. The time now is 03:22 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick