opensmtpd 5.4.4 in freebsd 9 jail
Eric Faurot
eric at faurot.net
Fri Feb 27 09:57:16 UTC 2015
On Tue, Feb 24, 2015 at 11:42:32AM +0100, Cedric Berger wrote:
> Hello,
>
> Since I upgraded my freebsd 9 jail with the latest opensmtpd 5.4.4_1,1 port,
> smtp-out refuse to send any email to the outside world.
>
> I've seen a similar issue reported by "Meutel" here, but with no apparent
> solution:
>
> http://blog.gmane.org/gmane.mail.opensmtpd.general/day=20150211, 2nd post.
>
> Based on ktrace analysis, I believe the faulty code starts at line 210 of
> getaddrinfo_async.c in libasr:
>
> https://github.com/OpenSMTPD/libasr/blob/libasr-1.0.1/src/getaddrinfo_async.c
>
> This code returns EAI_NONAME if there is no non-loopback interface
> configured
> in the jail. This is my case, as a jail by default has only loopback
> interfaces configured (this doesn't prevent connecting to the outside
> world).
>
> If my analysis is correct, I believe that if no non-loopback interface is
> found, the code should also (in a second step) consider loopback interfaces
> when selecting IPv4 versus IPv6, instead of just bailing out.
>
> That would make the code more robust.
Hello.
I'll think how asr can be improved in the way you suggest. In the
meantime, the regression you see is actually due to the following
change in smtpd. Try without it. Note that it will also retreive
inet6 addresses, so you might want to add "limit mta inet4" in
smtpd.conf if inet6 is not routable on your system.
Eric.
diff --git a/smtpd/dns.c b/smtpd/dns.c
index fc8bce6..ea5d430 100644
--- a/smtpd/dns.c
+++ b/smtpd/dns.c
@@ -448,6 +448,7 @@ dns_lookup_host(struct dns_session *s, const char *host, int preference)
s->refcount++;
memset(&hints, 0, sizeof(hints));
+ hints.ai_flags = AI_ADDRCONFIG;
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
as = getaddrinfo_async(host, NULL, &hints, NULL);
More information about the freebsd-ports
mailing list