9front - general discussion about 9front
From: chris@chrisfroeschl.de
To: 9front@9front.org
Subject: Re: [9front] Mail server setup
Date: Thu, 11 Aug 2022 14:37:22 +0200
Message-ID: <FFD81696065588F5600039815A71C2C7@chrisfroeschl.de>
In-Reply-To: <14CB1CAB59F653E34676395E9100D074@chrisfroeschl.de>

I tried to adjust my tcp587 like so:

cpu% cat /bin/service/tcp587 
#!/bin/rc
user=`{cat /dev/user}
exec /bin/upas/smtpd -E -c /sys/lib/tls/cert -n $3

using the hidden E flag, which allows me to skip the liar part
(/sys/src/cmd/upas/smtp/smtpd.c:465).  I'm not sure if that is more of
a hack for debugging or intended for use.  Either way, it is not
mentioned in the manpage, but it is used by sirjofri in his setup
http://sirjofri.de/changeblog/1594881674/ , and it gets me at
least away from the liar errors.

Running from my client (all other configs adjusted ofc):

; echo $upasname
chris@test.chrisfroeschl.de
; echo 9test24 | mail -s 9test24 chris@chrisfroeschl.de

There doesn't seem to be a 'real' authentication happening.  The
following server logs show the attempt to use the queue of 'none':

cpu% tail /sys/log/auth
chrisfroeschl Aug 11 11:46:10 cram-ok chris 185.183.157.17
cpu% tail /sys/log/mail
chrisfroeschl Aug 11 11:46:10 error chrisfroeschl.de!chris From test.chrisfroeschl.de!chris Thu Aug 11 11:46:10 +0200 2022
error+  from 'test.chrisfroeschl.de!chris'
error+ to 'chrisfroeschl.de!chris'
error+ failed with error 'qer: creating data file /mail/queue/none/D.006462: '/mail/queue/none' permission denied
error+ '.
error+ The mailer `/mail/lib/qmail 'test.chrisfroeschl.de!chris' 'net!chrisfroeschl.de'' returned error status 71.
error+ 
error+
cpu% tail /sys/log/smtpd
chrisfroeschl Aug 11 11:46:06 ehlo from XXX.XXX.XXX.XXX as cirno.fritz.box
chrisfroeschl Aug 11 11:46:08 started TLS with cirno.fritz.box
chrisfroeschl Aug 11 11:46:08 ehlo from XXX.XXX.XXX.XXX as cirno.fritz.box
chrisfroeschl Aug 11 11:46:10 auth(CRAM-MD5, (protected)) from cirno.fritz.box
chrisfroeschl Aug 11 11:46:10 ++[cirno.fritz.box/XXX.XXX.XXX.XXX] blocked: mail refused:  from 'test.chrisfroeschl.de!chris'

Not sure why there doesn't seem to be a proper auth attempt (although
CRAM-MD5 is mentioned).

Do I have to prepare some /mail/queue structure for 'chris' btw?  I
didn't do that by hand on my client if I remember correctly.  Here is
my whole server /mail structure:

cpu% walk -exp /mail/
a-rw-rw---- /mail/box/glenda/mbox/1659696218.00
...
d-rwxrwxrwx /mail/box/glenda/mbox
d-rwxrwxr-x /mail/box/glenda
a-rw-rw---- /mail/box/chris/mbox/1659696500.00
...
d-rwxrwxrwx /mail/box/chris/mbox
-lrw------- /mail/box/chris/mbox.idx
-lrw------- /mail/box/chris/L.mbox
--rwxrwxrwx /mail/box/chris/mbox.imp
a-rw-r----- /mail/box/chris/Sent/1660061970.00
...
d-rwxr-xr-x /mail/box/chris/Sent
-lrw------- /mail/box/chris/Sent.idx
--rw-r--r-- /mail/box/chris/Sent.imp
d-rwxr-xr-x /mail/box/chris
-lrw------- /mail/box/chris.idx
d-rwxrwxr-x /mail/box
d-rwxrwxr-x /mail/faxoutqueue
d-rwxrwxr-x /mail/faxqueue
d-r-xr-xr-x /mail/fs
d-rwxrwxr-x /mail/grey
--rw-rw-r-- /mail/lib/blocked
--rw-rw-r-- /mail/lib/classify.re
--rwxrwxr-x /mail/lib/gone.fishing
--rwxrwxr-x /mail/lib/justqmail
--rwxrwxr-x /mail/lib/kickqueue
--rwxrwxr-x /mail/lib/lazyqmail
--rw-rw-r-- /mail/lib/namefiles
--rw-rw-r-- /mail/lib/names.local
--rw-rw-r-- /mail/lib/pipeto.bayes
--rw-rw-r-- /mail/lib/prof.mbox
--rw-rw-r-- /mail/lib/prof.spam
--rwxrwxr-x /mail/lib/remotemail
--rw-rw-r-- /mail/lib/rewrite.direct
--rw-rw-r-- /mail/lib/rewrite.gateway
--rwxrwxr-x /mail/lib/setup.bayes
--rw-rw-r-- /mail/lib/smtpd.conf
--rwxrwxr-x /mail/lib/validateaddress
--rwxrwxr-x /mail/lib/validateattachment
--rw-rw-r-- /mail/lib/white.starter
--rw-rw-r-- /mail/lib/gone.msg
--rw-rw-r-- /mail/lib/ignore
--rwxrwxr-x /mail/lib/isspam.rc
--rwxrwxr-x /mail/lib/mailnews
--rwxrwxr-x /mail/lib/msgcat.rc
--rw-rw-r-- /mail/lib/patterns
--rw-rw-r-- /mail/lib/pipeto.lib
--rwxrwxr-x /mail/lib/qmail
--rw-rw-r-- /mail/lib/rewrite
--rwxrwxr-x /mail/lib/spam.rc
--rwxrwxr-x /mail/lib/unspam.rc
d-rwxrwxr-x /mail/lib
d-rwxrwxr-x /mail/queue
d-rwxrwxrwx /mail/tmp
d-rwxrwxr-x /mail
cpu% 

My client shows the following log after sending the mail:

; tail /sys/log/smtp.fail 
cirno Aug 11 11:45:40 delivery chris@chrisfroeschl.de  at tcp!test.chrisfroeschl.de!587 (test.chrisfroeschl.de:185.183.157.17) rcptto failed: 554 5.7.1 mail refused:  from 'test.chrisfroeschl.de!chris'
; tail /sys/log/smtp
cirno Aug 11 11:45:37 started TLS to test.chrisfroeschl.de
; tail /sys/log/mail
cirno Aug 11 11:45:35 remote chrisfroeschl.de!chris From chris@test.chrisfroeschl.de Thu Aug 11 11:45:35 +0200 2022 (chris@chrisfroeschl.de) 220

Can't test the whole thing from my s-nail client because it demands a
cert that is not self-signed.  I could probably configure it to ignore
it somehow, but I'm not really interested in running s-nail anyway.

Am I going to run into issues if I use a self-signed cert in
communication with other smtp daemons?  I would really like to avoid
signing certs to be honest.

Anyway, I don't see how the FQA information alone could work.  Is this
indeed the current configuration of the (9front.org|cat-v.org|...)
mail server?  Any updates or insights would be very helpful.

chris
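
Added example (not part of the message above and not upas code): a small off-box triage script in Python that ties the three pieces of evidence in this message together. It pulls the queue directory out of the qer error, looks it up in the walk -exp listing, and compares the queue owner with the name logged as cram-ok. Assumptions: the helper names are hypothetical, the sample lines are constructed from the shapes quoted above, and because walk -exp prints no owner or group, only the "other" write bit is checked.

```python
import re

# Constructed sample input: lines shaped like the /sys/log/auth, /sys/log/mail
# and `walk -exp /mail/` output quoted in the message above.
AUTH_LOG = "chrisfroeschl Aug 11 11:46:10 cram-ok chris 185.183.157.17\n"
MAIL_LOG = ("error+ failed with error 'qer: creating data file "
            "/mail/queue/none/D.006462: '/mail/queue/none' permission denied\n")
WALK = ("d-rwxrwxr-x /mail/box\nd-rwxrwxr-x /mail/queue\n"
        "d-rwxrwxrwx /mail/tmp\nd-rwxrwxr-x /mail\n")

QER_ERR = re.compile(r"qer: creating data file \S+: '([^']+)' permission denied")
AUTH_OK = re.compile(r"\bcram-ok (\S+)")

def parse_walk(text):
    """Map path -> 11-character mode string from `walk -exp` lines."""
    modes = {}
    for line in text.splitlines():
        mode, _, path = line.strip().partition(" ")
        if len(mode) == 11 and path.startswith("/"):
            modes[path] = mode
    return modes

def nearest_listed(path, modes):
    """Walk up from path until an entry present in the listing is found."""
    while path and path not in modes:
        path = path.rsplit("/", 1)[0]
    return path or None

def diagnose(auth_log, mail_log, walk_text):
    """One finding per qer permission error found in the mail log."""
    modes = parse_walk(walk_text)
    authed = set(AUTH_OK.findall(auth_log))
    findings = []
    for qdir in QER_ERR.findall(mail_log):
        queue_user = qdir.rsplit("/", 1)[1]
        anc = nearest_listed(qdir, modes)
        findings.append({
            "queue_dir": qdir,
            "queue_user": queue_user,
            "dir_listed": qdir in modes,
            "nearest_listed": anc,
            # Index 9 is the write bit of the "other" triplet
            # (type char, exclusive-use char, then rwx x 3).
            "other_can_write": bool(anc) and modes[anc][9] == "w",
            # True when no cram-ok name matches the queue owner in the error.
            "auth_user_mismatch": queue_user not in authed,
        })
    return findings

if __name__ == "__main__":
    for finding in diagnose(AUTH_LOG, MAIL_LOG, WALK):
        print(finding)
```

On the sample lines it reports that /mail/queue/none is not in the listing, that the nearest listed directory /mail/queue has no "other" write bit, and that the queue owner 'none' differs from the cram-ok name 'chris'.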
