From nobody Wed Jun 30 15:26:14 2021
X-Original-To: stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id CCC5611CCE7E;
	Wed, 30 Jun 2021 15:26:19 +0000 (UTC)
	(envelope-from oscar@prutt.party)
Received: from out0.migadu.com (out0.migadu.com [IPv6:2001:41d0:2:267::])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4GFQDC4m27z4ds7;
	Wed, 30 Jun 2021 15:26:19 +0000 (UTC)
	(envelope-from oscar@prutt.party)
References: <87lf6zdk9i.fsf@prutt.party>
 <19635912-3de4-3fda-d7f8-cd9d64e99ef3@heuristicsystems.com.au>
 <877dib7b1r.fsf@prutt.party> <87939549.74.1625061176842@localhost>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prutt.party; s=key1;
	t=1625066777;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=gFD94U2l3ZU7SfHpro8RPsHCJKSAmsjvoLrxLvE8+uA=;
	b=LjZcDCZeng2MeBE56RIVhSpRsU0iERG1Sc5ehUt0yPZNwJ9FpcSu8ApMqmcpooAc7x0aGC
	tVZMWrPtCyuyfnKoYIavoZrdsO5eVEsKA/sb296AXWAwP2aQw3Q5SlgiNoT/VonyMbICfn
	K3cPXXB/iVulNi8L0bRQy04kMXxgaBtyLhKxUw7v/2rw17pXvlnOaKmQ0GjNvTQOASvFBF
	JSlVrrOzMqIs4ylm3A883vVUKpUCjPKizsn8IJtksVeXwLn5l4pPO08y57kxyvvAipSR0L
	0glAYOfCGEPC74nACyW2RVmOLXQzUNJymgHDohyeqlzziIQ6rdfQmqCwricmJw==
X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers.
To: Ronald Klop <ronald-lists@klop.ws>
Cc: Dewayne Geraghty <dewayne@heuristicsystems.com.au>, Oscar Carlsson via
 freebsd-stable <freebsd-stable@freebsd.org>, stable@freebsd.org
Subject: Re: dma crashes with simple configuration?
In-reply-to: <87939549.74.1625061176842@localhost>
Message-ID: <871r8j74rt.fsf@prutt.party>
Date: Wed, 30 Jun 2021 17:26:14 +0200
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; format=flowed
X-Migadu-Flow: FLOW_OUT
X-Migadu-Auth-User: oscar@prutt.party
X-Rspamd-Queue-Id: 4GFQDC4m27z4ds7
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[]
Reply-To: oscar@prutt.party
From: Oscar Carlsson via freebsd-stable <freebsd-stable@freebsd.org>
X-Original-From: Oscar Carlsson <oscar@prutt.party>
X-Spam: Yes
X-ThisMailContainsUnwantedMimeParts: N


Ronald Klop writes:

> Van: Oscar Carlsson via freebsd-stable 
> <freebsd-stable@freebsd.org>
> Datum: woensdag, 30 juni 2021 15:10
> Aan: Dewayne Geraghty <dewayne@heuristicsystems.com.au>
> CC: Oscar Carlsson via freebsd-stable 
> <freebsd-stable@freebsd.org>, stable@freebsd.org
> Onderwerp: Re: dma crashes with simple configuration?
>>
>> Dewayne Geraghty writes:
>>  > On 25/06/2021 7:29 am, Oscar Carlsson via freebsd-stable 
>>  > wrote:
>> >> Hi,
>> >>
>> >> I've tried to configure dma(8) to use a smarthost (hosted by 
>> >> >> migadu.com)
>> >> with a simple setup, but it just consumes 100% CPU before >> 
>> >> crashing. I've
>> >> seen this on two FreeBSD systems on different major versions 
>> >> >> (13 and 12)
>> >> so I'm not sure if it's my configuration, my mailing 
>> >> provider >> or dma is
>> >> acting up.
>> >>
>> >> Any obvious ideas?
>> >>
>> >> Here's a log:
>> >>
>> >> Jun 24 23:17:02 hilda dma[1800f][846]: new mail from 
>> >> user=root >> uid=26 envelope_from=<root@hilda>
>> >> Jun 24 23:17:02 hilda dma[1800f][846]: mail >> 
>> >> to=<oscar@prutt.party> queued as 1800f.800e48050
>> >> Jun 24 23:17:02 hilda dma[1800f.800e48050][1203]: >> 
>> >> <oscar@prutt.party> trying delivery
>> >> Jun 24 23:17:02 hilda dma[1800f.800e48050][1203]: using >> 
>> >> smarthost (smtp.migadu.com:465)
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying 
>> >> remote >> delivery to smtp.migadu.com [2001:41d0:2:863f::] 
>> >> pref 0
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to 
>> >> >> smtp.migadu.com [2001:41d0:2:863f::] failed: No route to 
>> >> host
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying 
>> >> remote >> delivery to smtp.migadu.com [2001:41d0:2:aacc::] 
>> >> pref 0
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to 
>> >> >> smtp.migadu.com [2001:41d0:2:aacc::] failed: No route to 
>> >> host
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying 
>> >> remote >> delivery to smtp.migadu.com [2001:41d0:2:267::] 
>> >> pref 0
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to 
>> >> >> smtp.migadu.com [2001:41d0:2:267::] failed: No route to 
>> >> host
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying 
>> >> remote >> delivery to smtp.migadu.com [91.121.223.63] pref 0
>> >> Jun 24 23:22:03 hilda dma[1800f.800e48050][1203]: stack >> 
>> >> overflow detected; terminated
>> >>
>> >> My /etc/dma/dma.conf
>> >>
>> >> SMARTHOST smtp.migadu.com
>> >> PORT 465
>> >> AUTHPATH /etc/dma/auth.conf
>> >> SECURETRANSFER
>> >> STARTTLS
>> >>
>> >> My /etc/dma/auth.conf
>> >>
>> >> username@prutt.party|smtp.migadu.com:supersecretpassword
>> >>
>> >> My /usr/local/etc/mail/mailer.conf:
>> >>
>> >> sendmail      /usr/libexec/dma
>> >> mailq         /usr/libexec/dma
>> >> newaliases    /usr/libexec/dma
>> >> rmail         /usr/libexec/dma
>> >>
>> >>
>> >> Regards,
>> >> Oscar
>> >>
>> > Oscar,
>> > I think port 465 requires TLS and doesn't negotiate via > 
>> > STARTTLS,
>> > perhaps remove STARTTLS from your config?  (I have > 
>> > DAEMON_OPTIONS for
>> > port 465 with M=Eaps, which I think is normal for that port - 
>> > I > did this
>> > like 15 years ago ;) )
>> >
>> > If it works, please share so other dma users that experience 
>> > a > similar
>> > issue, may benefit. :)
>> > Kind regards, Dewayne
>> Hi,
>> I've tried removing STARTTLS from my configuration but it 
>> doesn't
>> help. :(
>> I can't change to port 25 (the provider recommends 465, not 
>> sure it
>> even
>> allows port 25) either.
>> I'm currently behind the same IP address as a FreeBSD host 
>> suffering
>> from this issue, so I don't think it's a blacklisting issue or 
>> so
>> either.  In that case this mail would not be delivered either.
>>
>> BR,
>> Oscar
>>
>>
>
>
> Your provider does have port 587 with STARTTLS available. Which 
> might work better. That is what I use with dma on my machines 
> (although with another provider).
>
> $ openssl s_client -connect smtp.migadu.com:587 -starttls smtp 
> -brief
> CONNECTION ESTABLISHED
> Protocol version: TLSv1.2
> Ciphersuite: ECDHE-RSA-AES256-GCM-SHA384
> Peer certificate: CN = smtp.migadu.com
> Hash used: SHA256
> Signature type: RSA-PSS
> Verification: OK
> Supported Elliptic Curve Point Formats: 
> uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
> Server Temp Key: X25519, 253 bits
> 250 CHUNKING
> EHLO test
> 250-out1.migadu.com
> 250-PIPELINING
> 250-SIZE 52428800
> 250-ETRN
> 250-AUTH PLAIN LOGIN
> 250-AUTH=PLAIN LOGIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250-DSN
> 250 CHUNKING
> QUIT
> DONE
>
> Regards,
> Ronald.

Hi,

I've changed my configuration to use port 587, and tested 
connecting to
my provider on port 587 to rule out any firewall issues:

# openssl s_client -connect smtp.migadu.com:587 -starttls smtp 
  -brief
CONNECTION ESTABLISHED
Protocol version: TLSv1.2
Ciphersuite: ECDHE-RSA-AES256-GCM-SHA384
Peer certificate: CN = smtp.migadu.com
Hash used: SHA256
Signature type: RSA-PSS
Verification: OK
Supported Elliptic Curve Point Formats: 
uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
Server Temp Key: X25519, 253 bits
250 CHUNKING
EHLO test
250-out1.migadu.com
250-PIPELINING
250-SIZE 52428800
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING

# echo "hello world" | mail -v -s "dma test!" oscar@prutt.party
# echo $?
0

And my /var/log/maillog:

Jun 30 17:20:32 hilda dma[180ec][48243]: new mail from user=root 
uid=26 envelope_from=<root@hilda>
Jun 30 17:20:32 hilda dma[180ec][48243]: mail 
to=<oscar@prutt.party> queued as 180ec.800e48050
Jun 30 17:20:32 hilda dma[180ec.800e48050][48399]: 
<oscar@prutt.party> trying delivery
Jun 30 17:20:32 hilda dma[180ec.800e48050][48399]: using smarthost 
(smtp.migadu.com:465)
# removed the ipv6 messages
Jun 30 17:20:32 hilda dma[180ec.800e48050][48399]: trying remote 
delivery to smtp.migadu.com [188.165.223.204] pref 0
Jun 30 17:25:32 hilda dma[180ec.800e48050][48399]: stack overflow 
detected; terminated

:(


BR,
Oscar