From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.2 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 Received: (qmail 19074 invoked from network); 11 Aug 2022 21:19:44 -0000 Received: from 9front.inri.net (168.235.81.73) by inbox.vuxu.org with ESMTPUTF8; 11 Aug 2022 21:19:44 -0000 Received: from mail.chrisfroeschl.de ([5.252.227.212]) by 9front; Thu Aug 11 17:18:08 -0400 2022 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chrisfroeschl.de; s=20210522; t=1660252684; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to; bh=rpHgDD+5qQ5rCqK9ADuT9OslpoM4xgoE3CvmXgB4Nl8=; b=FPDqO7xtfvo8/k4SBNqdw0VEA7L8Ib0t4iOK0kF+6IjDf8tFFjN/tcEyHByVe68Oa/q7PZ 7dYc/4fhCd292MxIk2zkMqU7EtcYCZXcMtk6JPVWw9HUOOxHomxq8gWwIwxq9gDgbJZTih lW/SJUa7zxCeDDvJXlfHJkc7SehgJn0= Received: from cirno.fritz.box ( [82.207.245.23]) by chrisfroeschl.chrisfroeschl.de (OpenSMTPD) with ESMTPSA id 3a6cc539 (TLSv1.2:ECDHE-RSA-CHACHA20-POLY1305:256:NO); Thu, 11 Aug 2022 23:18:04 +0200 (CEST) Message-ID: <8DEB305517C488050E24D02130B7354A@chrisfroeschl.de> Date: Thu, 11 Aug 2022 23:17:30 +0200 From: chris@chrisfroeschl.de To: 9front@9front.org In-Reply-To: <0C166AE0-FF57-4905-90DA-ED25AE710C5D@stanleylieber.com> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: converged enhancement just-in-time high-performance rich-client cache Subject: Re: [9front] Mail server setup Reply-To: 9front@9front.org Precedence: bulk Hello sl, > sorry i have not been able to devote more time to troubleshooting > this with you. (typing on a phone here.) thank you for your message! No pressure regarding your help in troubleshooting. It's not like I'm paying anyone here to help me. Most ml messages had the function to document my current state for myself anyway. > http://plan9.stanleylieber.com/mail/service/ # /cfg/gaff/service.upas/ > http://plan9.stanleylieber.com/mail/lib/ # /mail/lib/ Your links helped me very much. I always forget that you share almost all of your setup and didn't look into your /mail before. I got the e flag from your tcp587 script and changed the /mail/queue permissions like so: cpu% cat /bin/service/tcp587 #!/bin/rc user=`{cat /dev/user} exec /bin/upas/smtpd -e -c /sys/lib/tls/cert -n $3 cpu% ls -ld /mail/queue/ d-rwxrwxrwx M 65 upas upas 0 Aug 11 21:03 /mail/queue After applying these changes my /mail/queue was filled with a none directory and I am able to send mail. I would like to not dedicate a whole directory for services run by user upas for now. Just chmoding a directory seems to suffice for now. I got perhaps some more questions if you are already involved: (I will probably figure most of the stuff out myself (hopefully)) 1.) Could you tell me why so many flags (and especially MANDATORY flags) seem to be hidden in the src? Is the e flag intended for production use? Otherwise a manpage update would help. 2.) What is your highscore at https://www.mail-tester.com ? Mine is 7/10. I know DKIM is no option (-1). But I receive at least -2 on SpamAssassin regarding: -0.001 FSL_BULK_SIG Bulk signature with no Unsubscribe -1.985 PYZOR_CHECK Similar message reported on Pyzor (https://www.pyzor.org) https://pyzor.readthedocs.io/en/latest/ Please test a real content, test Newsletters will always be flagged by Pyzor Adjust your message or request whitelisting (https://www.pyzor.org) 0.001 SPF_HELO_PASS SPF: HELO matches SPF record 0.001 SPF_PASS SPF: sender matches SPF record Great! Your SPF is valid 3.) I don't seem to be able to send mail to myself with this setup (worked before). My smtpd logs when I try that: test.chrisfroeschl.de Aug 11 22:31:03 ehlo from 82.207.245.23 as cirno.fritz.box test.chrisfroeschl.de Aug 11 22:31:03 started TLS with cirno.fritz.box test.chrisfroeschl.de Aug 11 22:31:03 ehlo from 82.207.245.23 as cirno.fritz.box test.chrisfroeschl.de Aug 11 22:31:03 auth(CRAM-MD5, (protected)) from cirno.fritz.box test.chrisfroeschl.de Aug 11 22:31:03 Disallowed test.chrisfroeschl.de!chris (cirno.fritz.box/82.207.245.23) to blocked name test.chrisfroeschl.de!chris 4.) Issues regarding receiving mails from my current mail server to the 9 smtp server seem to remain. Perhaps some MX record error from my side? I will debug this as good as I can the following days. Here is my obsd maillog: Aug 11 22:58:02 chrisfroeschl smtpd[47164]: smtp-out: No valid route for [connector:[]->[relay:test.chrisfroeschl.de,smtp,heloname=mail.chrisfroeschl.de],0x0] Aug 11 22:58:12 chrisfroeschl smtpd[47164]: 0000000000000000 mta delivery evpid=3fb35f960656e8e3 from= to= rcpt=<-> source="-" relay="test.chrisfroeschl.de" delay=13s result="TempFail" stat="Network error on destination MXs" After cping my tcp587 to tcp25 I got (just to test if it only uses port 25): Aug 11 23:12:46 chrisfroeschl smtpd[47164]: 745c82d65e770f66 mta delivery evpid=03d30d409a5ab8fd from= to= rcpt=<-> source="5.252.227.212" relay="185.183.157.17 (test.chrisfroeschl.de)" delay=0s result="PermFail" stat="550 5.1.1 test.chrisfroeschl.de!chris ... user unknown" > there is a deficiency in the fqa’s description of setting up smtp and imap for remote users: > > - client side use against a 9front server is not described at all. > > - an “Inferno/POP secret” is used as the password for both smtp and > imap, which must be configured *in addition to* the user’s regular > auth password. see: http://fqa.9front.org/fqa7.html#7.4.2 > > i’ll address this. I intend to send a FQA patch the coming days (as soon as everything works) with some minor stuff I found besides the things you mentioned. I can try to add a first draft regarding your points. Feel free to edit it afterwards however you like. chris