DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Packages and Ports

OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 29th October 2021
smh1 smh1 is offline
New User
 
Join Date: Sep 2021
Posts: 8
Default OpenSMTP / Dovecot Debugging

Hello,

after upgrading to OpenBSD 7.0 via sysupgrade(8), my clients (notebook and smartphone) can't connect to my mail server anymore.

smtpd is running and so is dovecot. I checked my letsencrypt certificate and it is valid. In /var/log/maillog I can't find any clues ("info OpenSMTPD 7.0.0 starting" and some random connections - not my clients - failing with "smtp failed-command command="" result="550 no rDNS is so 80s"").

I will try to connect to my server via OpenSSL to maybe get some hints but would be very grateful for ideas how to find out what's wrong.

I set up the configuration on OpenBSD 6.9 following the awesome article by Gilles Chehade.

Thank you very much!
Reply With Quote
  #2   (View Single Post)  
Old 29th October 2021
smh1 smh1 is offline
New User
 
Join Date: Sep 2021
Posts: 8
Default

I just tried to connect via:

Code:
openssl s_client -showcerts -connect <name>:993 -servername <name>
and got:

Code:
CONNECTED(00000005)
write:errno=54
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID: 
    Session-ID-ctx: 
    Master-Key: 
    Start Time: 1635498810
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
Could it be a permissions problem? In /etc/letsencrypt/live/<name>/ if have:
Code:
lrwxr-xr-x  1 root  wheel   37 Sep  9 20:54 cert.pem -> ../../archive/<name>/cert1.pem
lrwxr-xr-x  1 root  wheel   38 Sep  9 20:54 chain.pem -> ../../archive/<name>/chain1.pem
lrwxr-xr-x  1 root  wheel   42 Sep  9 20:54 fullchain.pem -> ../../archive/<name>/fullchain1.pem
lrwxr-xr-x  1 root  wheel   40 Sep  9 20:54 privkey.pem -> ../../archive/<name>/privkey1.pem
Reply With Quote
  #3   (View Single Post)  
Old 29th October 2021
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Hello, and welcome!
Quote:
Originally Posted by smh1 View Post
...result="550 no rDNS...
Check that your server is able to resolve domain names correctly. One change for OpenBSD 7.0 is that it runs resolvd(8) by default, now.

Edited to add:

The only local resolver daemon that is integrated with resolvd is unwind(8). If you are using a local resolver such as unbound(8), you'll either need to provision its use through unwind or disable resolvd.

And just to complicate things a little further, dhclient(8) was replaced with dhcpleased(8), and this changes how IPv4 autoconfiguration is managed, too. If you use DHCP, there may be some edge cases where dhclient may still be needed instead of dhcpleased. If so, this can be manually provisioned in hostname.if(5) with "!dhclient ..."

Last edited by jggimi; 29th October 2021 at 01:31 PM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Debugging random restarts backrow OpenBSD General 5 21st March 2011 04:58 AM
Changing LDA to dovecot deliver RJDavison FreeBSD General 1 14th February 2011 08:53 PM
Dovecot bsdauth bettyblue OpenBSD Packages and Ports 0 27th January 2011 06:52 PM
dovecot + ssl bsdperson FreeBSD Ports and Packages 6 25th December 2009 08:55 PM
Remote debugging Linux kernel Mr-Biscuit Other BSD and UNIX/UNIX-like 0 11th December 2008 04:46 AM


All times are GMT. The time now is 06:59 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick