From mboxrd@z Thu Jan  1 00:00:00 1970
From: erik quanstrom
Date: Thu, 23 Jan 2014 05:10:12 -0500
To: 9fans@9fans.net
Message-ID: <4fc372e8927e5f912a7f9c10d6e011ed@brasstown.quanstro.net>
In-Reply-To: <20140123055720.GA4132@Grants-MacBook.local>
References: <20140123055720.GA4132@Grants-MacBook.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] upas/smtp and gmail
Topicbox-Message-UUID: b452c200-ead8-11e9-9d60-3106f5b1d025

> The farthest I have gotten is getting smtp to issue 220 Ready to Start
> TLS, and then it exits, that's running smtp with the -d flag.
> /sys/log/smtp reveals a bunch of bad thumbprint x509 lines. I have tried
> adding the sha1 hash to /sys/lib/tls/mail, but this has had no effect.

you might try, as an experiment, commenting out the

	if(!okThumbprint(hash, goodcerts)){
		...
	}

clause to eliminate thumbprint checking as a source of the issue.

one thing that occurs to me is the factotum that smtp has access to
will need this gmail authentication information. to make this simpler,
smtp can be run by hand from the command line. secstore(1) with the -n
option can be used in cpurc(8) to load additional keys into the
hostowner's factotum on the auth server.

for stepwise debugging, it may be easier to disable /mail/lib/qmail from
running upas/qer and the kickqueue cron job and just run the queue by
hand. this will (or should, i haven't tried this to make sure) give the
queue access to your factotum.

> I'm a bit puzzled on the arguments to upas/smtp as well, what is the
> value of sender arg supposed to be, and the rcpt-list respectively? How
> is the sender option any different than the user provided with the -u
> flag?

sender is the envelope sender. in unix mbox format, this is the bit in
the 'From ' line. the rcpt-list is the list of recipients. this is
not the same as the To: header line. (as seen in To: undisclosed-recipients:;)

- erik
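
Added illustration, not part of the message above and not upas code: a Python sketch of the envelope/header distinction the reply describes, pulling the envelope sender from an mbox 'From ' line and showing that the recipient list travels in SMTP commands, separate from the To: header. The sample message, addresses and function names are constructed for the example.

```python
import email
from email.utils import getaddresses, parseaddr

# Constructed sample mbox entry (addresses are made up for illustration).
SAMPLE = (
    "From bounces@example.org Thu Jan 23 05:10:12 2014\n"
    "From: Alice <alice@example.org>\n"
    "To: undisclosed-recipients:;\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

def split_envelope(mbox_entry):
    """Return (envelope_sender, parsed_message) for one mbox entry."""
    first, _, rest = mbox_entry.partition("\n")
    fields = first.split()
    if not first.startswith("From ") or len(fields) < 2:
        raise ValueError("missing mbox 'From ' separator line")
    return fields[1], email.message_from_string(rest)

def header_sender(msg):
    """Address in the From: header; may differ from the envelope sender."""
    return parseaddr(msg.get("From", ""))[1]

def header_recipients(msg):
    """Addresses named in To:/Cc:; an empty group yields none."""
    values = msg.get_all("To", []) + msg.get_all("Cc", [])
    return [addr for _, addr in getaddresses(values) if addr]

def smtp_envelope(sender, rcpt_list):
    """SMTP commands carrying the envelope; headers travel later, inside DATA."""
    if not rcpt_list:
        raise ValueError("rcpt-list is empty: nothing to deliver to")
    return ([f"MAIL FROM:<{sender}>"]
            + [f"RCPT TO:<{r}>" for r in rcpt_list]
            + ["DATA"])

if __name__ == "__main__":
    sender, msg = split_envelope(SAMPLE)
    print("envelope sender:", sender, "| From: header:", header_sender(msg))
    print("To:/Cc: addresses:", header_recipients(msg))
    for line in smtp_envelope(sender, ["bob@example.net"]):
        print(line)
```

With the constructed sample, the To: header names nobody, so delivery depends entirely on the recipient list passed alongside the message.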