From owner-freebsd-stable@freebsd.org Tue Aug 11 14:22:23 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 329443AFAA9 for ; Tue, 11 Aug 2020 14:22:23 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4BQw5V5dmKz4ZDX for ; Tue, 11 Aug 2020 14:22:22 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: by mailman.nyi.freebsd.org (Postfix) id C18193AFA63; Tue, 11 Aug 2020 14:22:22 +0000 (UTC) Delivered-To: stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C14803AF838 for ; Tue, 11 Aug 2020 14:22:22 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BQw5T6cnwz4Z7X for ; Tue, 11 Aug 2020 14:22:21 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id 07BEM7b0028731 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 11 Aug 2020 14:22:08 GMT (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: bengt.ahlgren@ri.se Received: from [10.58.0.10] (dadvw [10.58.0.10]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id 07BEM9Fh065168 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Tue, 11 Aug 2020 21:22:09 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: 11.4 sendmail with SASL and ports openssl? To: Bengt Ahlgren , stable@freebsd.org References: From: Eugene Grosbein Message-ID: Date: Tue, 11 Aug 2020 21:22:00 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * -0.0 SPF_PASS SPF: sender matches SPF record * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record * 2.6 LOCAL_FROM From my domains * -0.0 NICE_REPLY_A Looks like a legit reply (A) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Rspamd-Queue-Id: 4BQw5T6cnwz4Z7X X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=permerror (mx1.freebsd.org: domain of eugen@grosbein.net uses mechanism not recognized by this client) smtp.mailfrom=eugen@grosbein.net X-Spamd-Result: default: False [-0.90 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.69)[-0.691]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-0.999]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_PERMFAIL(0.00)[empty SPF record]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.11)[-0.114]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Aug 2020 14:22:23 -0000 11.08.2020 20:49, Bengt Ahlgren wrote: > I have since long compiled sendmail in base with SASL using a src.conf > like this: > > # sendmail with SASL required for outgoing SMTP AUTH, see: > # https://www.freebsd.org/doc/en/books/handbook/SMTP-Auth.html > # depends on port security/cyrus-sasl2 > SENDMAIL_CFLAGS=-I/usr/local/include/sasl -DSASL > SENDMAIL_LDFLAGS=-L/usr/local/lib > SENDMAIL_LDADD=-lsasl2 > > Since I'm still using 11.4, I had to start using openssl from ports due > to qt5 5.15. Then the above didn't work anymore, so a bit reluctantly I > added -I/usr/local/include to the CFLAGS above, fearing that some other > random include file could be picked up. The Handbook was updated. Take a look to the link you have in the comment above for new settings. > It however compiled and the > resulting binary is linked thus: > > # ldd /usr/obj/usr/src/usr.sbin/sendmail/sendmail > /usr/obj/usr/src/usr.sbin/sendmail/sendmail: > libsasl2.so.3 => /usr/local/lib/libsasl2.so.3 (0x8008db000) > libutil.so.9 => /lib/libutil.so.9 (0x800af9000) > libssl.so.11 => /usr/local/lib/libssl.so.11 (0x800d0d000) > libcrypto.so.11 => /usr/local/lib/libcrypto.so.11 (0x801000000) > libwrap.so.6 => /usr/lib/libwrap.so.6 (0x8014cb000) > libc.so.7 => /lib/libc.so.7 (0x8016d4000) > libdl.so.1 => /usr/lib/libdl.so.1 (0x801a8b000) > libthr.so.3 => /lib/libthr.so.3 (0x801c8c000) > > Does this look right? Are there any know issues with this? If it's working for you, that's fine. If you like to minimize linking with ports libraries, use updated instructions from the Handbook. Sendmail will build and link with base system libssl/libcrypto and use only libsasl2 from ports/packages.