Re: dma crashes with simple configuration?

From: Ronald Klop <ronald-lists_at_klop.ws>
Date: Wed, 30 Jun 2021 13:52:56 UTC
 
From: Oscar Carlsson via freebsd-stable <freebsd-stable@freebsd.org>
Date: Wednesday, 30 June 2021 15:10
To: Dewayne Geraghty <dewayne@heuristicsystems.com.au>
CC: Oscar Carlsson via freebsd-stable <freebsd-stable@freebsd.org>, stable@freebsd.org
Subject: Re: dma crashes with simple configuration?
> 
> 
> Dewayne Geraghty writes:
> 
> > On 25/06/2021 7:29 am, Oscar Carlsson via freebsd-stable wrote:
> >> Hi,
> >>
> >> I've tried to configure dma(8) to use a smarthost (hosted by migadu.com)
> >> with a simple setup, but it just consumes 100% CPU before crashing. I've
> >> seen this on two FreeBSD systems on different major versions (13 and 12)
> >> so I'm not sure if it's my configuration, my mailing provider or dma is
> >> acting up.
> >>
> >> Any obvious ideas?
> >>
> >> Here's a log:
> >>
> >> Jun 24 23:17:02 hilda dma[1800f][846]: new mail from user=root uid=26 envelope_from=<root@hilda>
> >> Jun 24 23:17:02 hilda dma[1800f][846]: mail to=<oscar@prutt.party> queued as 1800f.800e48050
> >> Jun 24 23:17:02 hilda dma[1800f.800e48050][1203]: <oscar@prutt.party> trying delivery
> >> Jun 24 23:17:02 hilda dma[1800f.800e48050][1203]: using smarthost (smtp.migadu.com:465)
> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying remote delivery to smtp.migadu.com [2001:41d0:2:863f::] pref 0
> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to smtp.migadu.com [2001:41d0:2:863f::] failed: No route to host
> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying remote delivery to smtp.migadu.com [2001:41d0:2:aacc::] pref 0
> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to smtp.migadu.com [2001:41d0:2:aacc::] failed: No route to host
> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying remote delivery to smtp.migadu.com [2001:41d0:2:267::] pref 0
> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to smtp.migadu.com [2001:41d0:2:267::] failed: No route to host
> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying remote delivery to smtp.migadu.com [91.121.223.63] pref 0
> >> Jun 24 23:22:03 hilda dma[1800f.800e48050][1203]: stack overflow detected; terminated
> >>
> >> My /etc/dma/dma.conf
> >>
> >> SMARTHOST smtp.migadu.com
> >> PORT 465
> >> AUTHPATH /etc/dma/auth.conf
> >> SECURETRANSFER
> >> STARTTLS
> >>
> >> My /etc/dma/auth.conf
> >>
> >> username@prutt.party|smtp.migadu.com:supersecretpassword
> >>
> >> My /usr/local/etc/mail/mailer.conf:
> >>
> >> sendmail      /usr/libexec/dma
> >> mailq         /usr/libexec/dma
> >> newaliases    /usr/libexec/dma
> >> rmail         /usr/libexec/dma
> >>
> >>
> >> Regards,
> >> Oscar
> >>
> > Oscar,
> > I think port 465 requires TLS and doesn't negotiate via STARTTLS,
> > perhaps remove STARTTLS from your config?  (I have DAEMON_OPTIONS for
> > port 465 with M=Eaps, which I think is normal for that port - I did this
> > like 15 years ago ;) )
> >
> > If it works, please share so other dma users that experience a similar
> > issue, may benefit. :)
> > Kind regards, Dewayne
> 
> Hi,
> 
> I've tried removing STARTTLS from my configuration but it doesn't
> help. :(
> 
> I can't change to port 25 (the provider recommends 465, not sure it even
> allows port 25) either.
> 
> I'm currently behind the same IP address as a FreeBSD host suffering
> from this issue, so I don't think it's a blacklisting issue or so
> either.  In that case this mail would not be delivered either.
> 
> 
> BR,
> Oscar
>  
> 
> 
> 


Your provider does have port 587 with STARTTLS available, which might work better. That is what I use with dma on my machines (although with another provider).

$ openssl s_client -connect smtp.migadu.com:587 -starttls smtp -brief
CONNECTION ESTABLISHED
Protocol version: TLSv1.2
Ciphersuite: ECDHE-RSA-AES256-GCM-SHA384
Peer certificate: CN = smtp.migadu.com
Hash used: SHA256
Signature type: RSA-PSS
Verification: OK
Supported Elliptic Curve Point Formats: uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
Server Temp Key: X25519, 253 bits
250 CHUNKING
EHLO test
250-out1.migadu.com
250-PIPELINING
250-SIZE 52428800
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
QUIT
DONE

Regards,
Ronald.
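
A check for the port and TLS-mode pairing discussed in this thread (implicit TLS on port 465, STARTTLS on port 587), as an added example that is not part of the original messages or of dma itself. It assumes the dma.conf behaviour that STARTTLS only takes effect together with SECURETRANSFER; `parse_dma_conf`, `lint_dma_conf` and the port sets are hypothetical names, and the 587 variant is constructed from the configuration quoted above.

```python
"""Lint a dma.conf for a smarthost port that does not match the TLS mode."""

# Assumption: conventional port usage, as discussed in the thread.
IMPLICIT_TLS_PORTS = {465}   # TLS handshake starts right after connect
STARTTLS_PORTS = {25, 587}   # plaintext greeting, then STARTTLS upgrade


def parse_dma_conf(text):
    """Return {KEYWORD: value or True} for every non-comment line."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        conf[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else True
    return conf


def lint_dma_conf(text):
    """Return a list of warnings about the port/TLS combination."""
    conf = parse_dma_conf(text)
    port = int(conf.get("PORT", 25))
    secure = "SECURETRANSFER" in conf
    starttls = "STARTTLS" in conf
    warnings = []
    if starttls and not secure:
        warnings.append("STARTTLS has no effect without SECURETRANSFER")
    if secure and starttls and port in IMPLICIT_TLS_PORTS:
        warnings.append(f"port {port} expects TLS from the first byte; "
                        "drop STARTTLS or use port 587")
    if secure and not starttls and port in STARTTLS_PORTS:
        warnings.append(f"port {port} expects a plaintext greeting; "
                        "add STARTTLS or use port 465")
    return warnings


# The configuration quoted in the thread, and a constructed port 587 variant.
THREAD_CONF = """SMARTHOST smtp.migadu.com
PORT 465
AUTHPATH /etc/dma/auth.conf
SECURETRANSFER
STARTTLS
"""
PORT_587_CONF = THREAD_CONF.replace("PORT 465", "PORT 587")

if __name__ == "__main__":
    for name, text in (("thread", THREAD_CONF), ("port 587", PORT_587_CONF)):
        print(name, lint_dma_conf(text) or "ok")
```

The check only flags a mismatched port and TLS mode; it says nothing about the crash itself, which the thread reports persisting after STARTTLS was removed.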