From: chris@chrisfroeschl.de
To: 9front@9front.org
Subject: Re: [9front] Mail server setup
Date: Thu, 11 Aug 2022 14:37:22 +0200 [thread overview]
Message-ID: <FFD81696065588F5600039815A71C2C7@chrisfroeschl.de> (raw)
In-Reply-To: <14CB1CAB59F653E34676395E9100D074@chrisfroeschl.de>
I tried to adjust my tcp587 like so:
cpu% cat /bin/service/tcp587
#!/bin/rc
user=`{cat /dev/user}
exec /bin/upas/smtpd -E -c /sys/lib/tls/cert -n $3
using the hidden E flag which allows me to skip the liar part (
/sys/src/cmd/upas/smtp/smtpd.c:465 ). I'm not sure if that is more of
a hack away for debugging or intended for use. Either way not
mentioned in the manpage, but used by sirjofri in his setup
http://sirjofri.de/changeblog/1594881674/ , while getting me at
least away from the liar errors.
Running from my client (all other configs adjusted ofc):
; echo $upasname
chris@test.chrisfroeschl.de
; echo 9test24 | mail -s 9test24 chris@chrisfroeschl.de
There doesn't seem to happen a 'real' authentication. The next server
logs show the attempt to use the queue of 'none':
cpu% tail /sys/log/auth
chrisfroeschl Aug 11 11:46:10 cram-ok chris 185.183.157.17
cpu% tail /sys/log/mail
chrisfroeschl Aug 11 11:46:10 error chrisfroeschl.de!chris From test.chrisfroeschl.de!chris Thu Aug 11 11:46:10 +0200 2022
error+ from 'test.chrisfroeschl.de!chris'
error+ to 'chrisfroeschl.de!chris'
error+ failed with error 'qer: creating data file /mail/queue/none/D.006462: '/mail/queue/none' permission denied
error+ '.
error+ The mailer `/mail/lib/qmail 'test.chrisfroeschl.de!chris' 'net!chrisfroeschl.de'' returned error status 71.
error+
error+
cpu% tail /sys/log/smtpd
chrisfroeschl Aug 11 11:46:06 ehlo from XXX.XXX.XXX.XXX as cirno.fritz.box
chrisfroeschl Aug 11 11:46:08 started TLS with cirno.fritz.box
chrisfroeschl Aug 11 11:46:08 ehlo from XXX.XXX.XXX.XXX as cirno.fritz.box
chrisfroeschl Aug 11 11:46:10 auth(CRAM-MD5, (protected)) from cirno.fritz.box
chrisfroeschl Aug 11 11:46:10 ++[cirno.fritz.box/XXX.XXX.XXX.XXX] blocked: mail refused: from 'test.chrisfroeschl.de!chris'
Not sure why there doesn't seem to be a proper auth attempt (although
CRAM-MD5) is mentioned.
Do I have to prepare some /mail/queue structure for 'chris' btw? I
didn't do that by hand on my client if I remember correctly. Here is
my whole server /mail structure:
cpu% walk -exp /mail/
a-rw-rw---- /mail/box/glenda/mbox/1659696218.00
...
d-rwxrwxrwx /mail/box/glenda/mbox
d-rwxrwxr-x /mail/box/glenda
a-rw-rw---- /mail/box/chris/mbox/1659696500.00
...
d-rwxrwxrwx /mail/box/chris/mbox
-lrw------- /mail/box/chris/mbox.idx
-lrw------- /mail/box/chris/L.mbox
--rwxrwxrwx /mail/box/chris/mbox.imp
a-rw-r----- /mail/box/chris/Sent/1660061970.00
...
d-rwxr-xr-x /mail/box/chris/Sent
-lrw------- /mail/box/chris/Sent.idx
--rw-r--r-- /mail/box/chris/Sent.imp
d-rwxr-xr-x /mail/box/chris
-lrw------- /mail/box/chris.idx
d-rwxrwxr-x /mail/box
d-rwxrwxr-x /mail/faxoutqueue
d-rwxrwxr-x /mail/faxqueue
d-r-xr-xr-x /mail/fs
d-rwxrwxr-x /mail/grey
--rw-rw-r-- /mail/lib/blocked
--rw-rw-r-- /mail/lib/classify.re
--rwxrwxr-x /mail/lib/gone.fishing
--rwxrwxr-x /mail/lib/justqmail
--rwxrwxr-x /mail/lib/kickqueue
--rwxrwxr-x /mail/lib/lazyqmail
--rw-rw-r-- /mail/lib/namefiles
--rw-rw-r-- /mail/lib/names.local
--rw-rw-r-- /mail/lib/pipeto.bayes
--rw-rw-r-- /mail/lib/prof.mbox
--rw-rw-r-- /mail/lib/prof.spam
--rwxrwxr-x /mail/lib/remotemail
--rw-rw-r-- /mail/lib/rewrite.direct
--rw-rw-r-- /mail/lib/rewrite.gateway
--rwxrwxr-x /mail/lib/setup.bayes
--rw-rw-r-- /mail/lib/smtpd.conf
--rwxrwxr-x /mail/lib/validateaddress
--rwxrwxr-x /mail/lib/validateattachment
--rw-rw-r-- /mail/lib/white.starter
--rw-rw-r-- /mail/lib/gone.msg
--rw-rw-r-- /mail/lib/ignore
--rwxrwxr-x /mail/lib/isspam.rc
--rwxrwxr-x /mail/lib/mailnews
--rwxrwxr-x /mail/lib/msgcat.rc
--rw-rw-r-- /mail/lib/patterns
--rw-rw-r-- /mail/lib/pipeto.lib
--rwxrwxr-x /mail/lib/qmail
--rw-rw-r-- /mail/lib/rewrite
--rwxrwxr-x /mail/lib/spam.rc
--rwxrwxr-x /mail/lib/unspam.rc
d-rwxrwxr-x /mail/lib
d-rwxrwxr-x /mail/queue
d-rwxrwxrwx /mail/tmp
d-rwxrwxr-x /mail
cpu%
My client shows following log after sending the mail:
; tail /sys/log/smtp.fail
cirno Aug 11 11:45:40 delivery chris@chrisfroeschl.de at tcp!test.chrisfroeschl.de!587 (test.chrisfroeschl.de:185.183.157.17) rcptto failed: 554 5.7.1 mail refused: from 'test.chrisfroeschl.de!chris'
; tail /sys/log/smtp
cirno Aug 11 11:45:37 started TLS to test.chrisfroeschl.de
; tail /sys/log/mail
cirno Aug 11 11:45:35 remote chrisfroeschl.de!chris From chris@test.chrisfroeschl.de Thu Aug 11 11:45:35 +0200 2022 (chris@chrisfroeschl.de) 220
Can't test the whole thing from my s-nail client because it demands a
cert that is not self signed. I could probably configure it to ignore
it somehow, but I'm not really interested in running s-nail anyway.
Am I going to run into issues if I use a self signed cert in
communication with other smtp daemons? I would really like to avoid
signing certs to be honest.
Anyway, I don't see how the FQA information alone could work. Is this
indeed the current configuration of the (9front.org|cat-v.org|...)
mail server? Any updates or insights would be very helpful.
chris
next prev parent reply other threads:[~2022-08-11 12:39 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-06 13:17 chris
2022-08-06 19:46 ` william
2022-08-06 19:47 ` william
2022-08-08 10:26 ` chris
2022-08-09 8:21 ` william
2022-08-09 18:09 ` chris
2022-08-11 12:37 ` chris [this message]
2022-08-11 14:29 ` Stanley Lieber
2022-08-11 21:17 ` chris
2022-08-12 6:23 ` william
2022-08-12 13:47 ` Stanley Lieber
2022-08-12 6:33 ` sirjofri
2022-08-12 7:10 ` sirjofri
2022-08-12 15:27 ` chris
2022-08-12 18:49 ` sirjofri
2022-08-12 20:53 ` chris
2022-08-12 22:25 ` ori
2022-08-13 9:56 ` Steve Simon
2022-08-07 0:56 ` sl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=FFD81696065588F5600039815A71C2C7@chrisfroeschl.de \
--to=chris@chrisfroeschl.de \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).