Re: dma crashes with simple configuration?

From: Oscar Carlsson via freebsd-stable <freebsd-stable_at_freebsd.org>
Date: Wed, 30 Jun 2021 15:26:14 UTC
Ronald Klop writes:

> From: Oscar Carlsson via freebsd-stable <freebsd-stable@freebsd.org>
> Date: Wednesday, 30 June 2021 15:10
> To: Dewayne Geraghty <dewayne@heuristicsystems.com.au>
> CC: Oscar Carlsson via freebsd-stable <freebsd-stable@freebsd.org>, stable@freebsd.org
> Subject: Re: dma crashes with simple configuration?
>>
>> Dewayne Geraghty writes:
>> > On 25/06/2021 7:29 am, Oscar Carlsson via freebsd-stable wrote:
>> >> Hi,
>> >>
>> >> I've tried to configure dma(8) to use a smarthost (hosted by migadu.com)
>> >> with a simple setup, but it just consumes 100% CPU before crashing. I've
>> >> seen this on two FreeBSD systems on different major versions (13 and 12)
>> >> so I'm not sure if it's my configuration, my mailing provider or dma is
>> >> acting up.
>> >>
>> >> Any obvious ideas?
>> >>
>> >> Here's a log:
>> >>
>> >> Jun 24 23:17:02 hilda dma[1800f][846]: new mail from user=root uid=26 envelope_from=<root@hilda>
>> >> Jun 24 23:17:02 hilda dma[1800f][846]: mail to=<oscar@prutt.party> queued as 1800f.800e48050
>> >> Jun 24 23:17:02 hilda dma[1800f.800e48050][1203]: <oscar@prutt.party> trying delivery
>> >> Jun 24 23:17:02 hilda dma[1800f.800e48050][1203]: using smarthost (smtp.migadu.com:465)
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying remote delivery to smtp.migadu.com [2001:41d0:2:863f::] pref 0
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to smtp.migadu.com [2001:41d0:2:863f::] failed: No route to host
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying remote delivery to smtp.migadu.com [2001:41d0:2:aacc::] pref 0
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to smtp.migadu.com [2001:41d0:2:aacc::] failed: No route to host
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying remote delivery to smtp.migadu.com [2001:41d0:2:267::] pref 0
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: connect to smtp.migadu.com [2001:41d0:2:267::] failed: No route to host
>> >> Jun 24 23:17:03 hilda dma[1800f.800e48050][1203]: trying remote delivery to smtp.migadu.com [91.121.223.63] pref 0
>> >> Jun 24 23:22:03 hilda dma[1800f.800e48050][1203]: stack overflow detected; terminated
>> >>
>> >> My /etc/dma/dma.conf
>> >>
>> >> SMARTHOST smtp.migadu.com
>> >> PORT 465
>> >> AUTHPATH /etc/dma/auth.conf
>> >> SECURETRANSFER
>> >> STARTTLS
>> >>
>> >> My /etc/dma/auth.conf
>> >>
>> >> username@prutt.party|smtp.migadu.com:supersecretpassword
>> >>
>> >> My /usr/local/etc/mail/mailer.conf:
>> >>
>> >> sendmail      /usr/libexec/dma
>> >> mailq         /usr/libexec/dma
>> >> newaliases    /usr/libexec/dma
>> >> rmail         /usr/libexec/dma
>> >>
>> >>
>> >> Regards,
>> >> Oscar
>> >>
>> > Oscar,
>> > I think port 465 requires TLS and doesn't negotiate via STARTTLS,
>> > perhaps remove STARTTLS from your config?  (I have DAEMON_OPTIONS for
>> > port 465 with M=Eaps, which I think is normal for that port - I did this
>> > like 15 years ago ;) )
>> >
>> > If it works, please share so other dma users that experience a similar
>> > issue, may benefit. :)
>> > Kind regards, Dewayne
>> Hi,
>> I've tried removing STARTTLS from my configuration but it doesn't
>> help. :(
>> I can't change to port 25 (the provider recommends 465, not sure it even
>> allows port 25) either.
>> I'm currently behind the same IP address as a FreeBSD host suffering
>> from this issue, so I don't think it's a blacklisting issue or so
>> either.  In that case this mail would not be delivered either.
>>
>> BR,
>> Oscar
>>
>>
>
>
> Your provider does have port 587 with STARTTLS available. Which
> might work better. That is what I use with dma on my machines
> (although with another provider).
>
> $ openssl s_client -connect smtp.migadu.com:587 -starttls smtp -brief
> CONNECTION ESTABLISHED
> Protocol version: TLSv1.2
> Ciphersuite: ECDHE-RSA-AES256-GCM-SHA384
> Peer certificate: CN = smtp.migadu.com
> Hash used: SHA256
> Signature type: RSA-PSS
> Verification: OK
> Supported Elliptic Curve Point Formats: uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
> Server Temp Key: X25519, 253 bits
> 250 CHUNKING
> EHLO test
> 250-out1.migadu.com
> 250-PIPELINING
> 250-SIZE 52428800
> 250-ETRN
> 250-AUTH PLAIN LOGIN
> 250-AUTH=PLAIN LOGIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250-DSN
> 250 CHUNKING
> QUIT
> DONE
>
> Regards,
> Ronald.

Hi,

I've changed my configuration to use port 587, and tested connecting to
my provider on port 587 to rule out any firewall issues:

# openssl s_client -connect smtp.migadu.com:587 -starttls smtp -brief
CONNECTION ESTABLISHED
Protocol version: TLSv1.2
Ciphersuite: ECDHE-RSA-AES256-GCM-SHA384
Peer certificate: CN = smtp.migadu.com
Hash used: SHA256
Signature type: RSA-PSS
Verification: OK
Supported Elliptic Curve Point Formats: uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
Server Temp Key: X25519, 253 bits
250 CHUNKING
EHLO test
250-out1.migadu.com
250-PIPELINING
250-SIZE 52428800
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING

# echo "hello world" | mail -v -s "dma test!" oscar@prutt.party
# echo $?
0

And my /var/log/maillog:

Jun 30 17:20:32 hilda dma[180ec][48243]: new mail from user=root uid=26 envelope_from=<root@hilda>
Jun 30 17:20:32 hilda dma[180ec][48243]: mail to=<oscar@prutt.party> queued as 180ec.800e48050
Jun 30 17:20:32 hilda dma[180ec.800e48050][48399]: <oscar@prutt.party> trying delivery
Jun 30 17:20:32 hilda dma[180ec.800e48050][48399]: using smarthost (smtp.migadu.com:465)
# removed the ipv6 messages
Jun 30 17:20:32 hilda dma[180ec.800e48050][48399]: trying remote delivery to smtp.migadu.com [188.165.223.204] pref 0
Jun 30 17:25:32 hilda dma[180ec.800e48050][48399]: stack overflow detected; terminated

:(


BR,
Oscar
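
A check that fits this point in the thread, as an added example that is not part of the original message or of dma itself: it compares the SMARTHOST and PORT in dma.conf with the host:port dma reports in its "using smarthost" log lines, and flags port 465 combined with STARTTLS. The sample config (the dma.conf from the first message with PORT set to 587) is constructed; the two log lines are taken from the maillog excerpt above, and the function names are hypothetical.

```python
import re

# Constructed sample: the dma.conf from the first message with PORT set to 587.
SAMPLE_CONF = """\
SMARTHOST smtp.migadu.com
PORT 587
AUTHPATH /etc/dma/auth.conf
SECURETRANSFER
STARTTLS
"""
# Two maillog lines copied from the message above, with the line wrap undone.
SAMPLE_LOG = """\
Jun 30 17:20:32 hilda dma[180ec.800e48050][48399]: using smarthost (smtp.migadu.com:465)
Jun 30 17:25:32 hilda dma[180ec.800e48050][48399]: stack overflow detected; terminated
"""

SMARTHOST_RE = re.compile(
    r"dma\[[^\]]+\]\[\d+\]: using smarthost \((?P<host>[^:()\s]+):(?P<port>\d+)\)")

def parse_dma_conf(text):
    """Map each keyword to its value, or True for bare flags; '#' starts a comment."""
    conf = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)
        if parts:
            conf[parts[0]] = parts[1].strip() if len(parts) > 1 else True
    return conf

def logged_smarthosts(log_text):
    """Every (host, port) dma reported in a 'using smarthost' log line."""
    return [(m["host"], int(m["port"])) for m in SMARTHOST_RE.finditer(log_text)]

def check(conf_text, log_text):
    """Return a list of human-readable findings; empty means nothing flagged."""
    conf = parse_dma_conf(conf_text)
    want = (conf.get("SMARTHOST"), int(conf.get("PORT", 25)))  # dma defaults to port 25
    findings = []
    for got in sorted(set(logged_smarthosts(log_text))):
        if got != want:
            findings.append("log shows %s:%d, dma.conf says %s:%d" % (got + want))
    if want[1] == 465 and "STARTTLS" in conf:
        findings.append("PORT 465 is implicit TLS (RFC 8314) but STARTTLS is set")
    if "STARTTLS" in conf and "SECURETRANSFER" not in conf:
        findings.append("STARTTLS has no effect without SECURETRANSFER")
    return findings

if __name__ == "__main__":
    for finding in check(SAMPLE_CONF, SAMPLE_LOG):
        print("WARN:", finding)
```

On a live system the two arguments would be the contents of /etc/dma/dma.conf and /var/log/maillog.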