Summary: | Qmail is strictly RFC w/ regards to bare LFs, email by bad host rejected by default | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Paul Sumner <paul> |
Component: | Current packages | Assignee: | Net-Mail Packages <net-mail+disabled> |
Status: | VERIFIED TEST-REQUEST | ||
Severity: | enhancement | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://cr.yp.to/docs/smtplf.html | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 29485 |
Description
Paul Sumner
2004-11-16 10:39:39 UTC
Oops. Actually, it should be the cmd right before qmail-smtp: # Stuff to run before tcpserver #QMAIL_TCPSERVER_PRE="" # Stuff to run qmail-smtpd QMAIL_SMTP_PRE="/usr/bin/fixcrio" Added to files/conf-smtpd, could you test it, please? Sure. Is the change in cvs HEAD? --I'm not finding it. It is already on the rsync-mirrors, but you have to remerge qmail after an It is already on the rsync-mirrors, but you have to remerge qmail after an «emerge --sync» and merge (or replace, but you may have to be careful) /var/qmail/control/conf-smtpd. Then you have to enable fixcrio in there, line 17. OK. I have a new server coming in today. I will just build it up w/ the new version (conf file) and report back. I sync'd, unmerged and remerged. I see the conf line change and it looks good. I've tested minimally and will be testing further with as I burn-test setup this new email server. I did notice 1 issue on my already setup email server at home. It appears that fixcrio may break ssl/tls; although, I need to verify my setup is correct to rule out user error and rule out a bad setup on the other end. To test this I used the following host: from usacycling.org (HELO pedal.usacycling.ORG) (209.177.135.180) by 192.168.1.2 with AES256-SHA encrypted SMTP; 5 Jan 2005 22:18:40 -0800 ..had it send me mail w/ and w/o fixcrio and found that qmail on my end would generate: @4000000041dcd80b0065863c tcpserver: pid 13510 from 209.177.135.180 @4000000041dcd80b077078ec tcpserver: ok 13510 :192.168.1.2:25 usacycling.org:209.177.135.180::60034 @4000000041dcd80b0f959214 tcpserver: end 13510 status 256 @4000000041dcd80b0f9599e4 tcpserver: status: 0/40 I seem to recall 256 being bad and my mail 1st (w/ fixcrio enabled) msg seems to get deferred. I'm not an expert on ssl/tls mail, but I imagine if fixcrio is changing the msg by removing those bare lfs then this might make sense. Although it would only then affect email servers generating ssl/tls msgs w/ bare lfs ;-) Hello Paul Thanks for the first test reports. It's very likely that fixcrio will break SSL/TLS. fixcrio replaces chars in the stream and SSL/TLS doesn't like that. However, I did not test it, because the current (old) SSL/TLS-patch is somehow broken on non-x86 platforms (I'm working on PowerPC). That's the cause why I'm currently integrating a new version of the patch and that needs a lot of rediffing. :/ Greets, Michael Hey Michael, Sorry for the delayed reply ;-) ....been busy w/ another server that was very problematic. Tuesday I finally begin work on our new email server. FYI, it is amd64. I'll report back how it goes. Closing. It's documented in bug 93958. |