OK guys, I generally have a server up and running on FreeBSD.  I have a couple of issues though.

 

1.       I created my first domain and users and all emails are being rejected:  2016-04-14 04:04:48 H=<domain.tld> [35.9.75.75] F=<> rejected RCPT <emailaddress@firstdomain.tld>: relay not permitted

 

1.a. I checked the mysql database, the domain and all users are created and all point to the proper mail reporistory.

 

1.b. I checked directory create permissions by creating a directory in the mailstore directory:

 

root@svr6:/usr/local/etc # su -l exim4u

$ pwd

/usr/home/exim4u

$ ls

mail            public_html

$ cd mail

$ mkdir test.com

$ ls -l

total 4

drwxr-xr-x  2 exim4u  exim4u  512 Apr 14 04:16 test.com

$ exit

 

1.c. I created a new virtual domain just to be able to work with a domain that is not critical.  The postmaster welcome email was sent:

 

./maillog:Apr 14 04:26:51 svr6 sendmail[3131]: u3EBQocI003131: to=postmaster@<seconddomain.tld>, ctladdr=www (80/80), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30396, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (OK id=1aqfQA-0000oW-Qq)

 

But no domain directory was created in the mailstore.

 

1.d. I checked the exim mainlog and found the reject:

./mainlog:2016-04-14 04:26:51 H=(svr6.fritz.us.com) [10.10.0.250] F=<www@svr6.fritz.us.com> rejected RCPT <postmaster@seconddomain.tld>: relay not permitted

./mainlog:2016-04-14 04:26:51 1aqfQA-0000oW-Qq ** postmaster@ seconddomain.tld R=dnslookup T=remote_smtp H=svr6.fritz.us.com [216.70.235.150]: SMTP error from remote mail server after RCPT TO:<postmaster@ seconddomain.tld>: 550 relay not permitted

 

        1.e.  Any ideas?

 

2.       I installed dovecot 2 from packages: pkg install dovecot2 but I am not sure I can use it?  It seems like it is not compiled with the mysql auth method!  Am I correct?  do I need to configure and compile it from ports?

./maillog:Apr 14 02:20:54 svr6 dovecot: auth: Fatal: Support not compiled in for passdb driver 'sql'

 

 

 

Thx for any help.  I have actually kept a ‘log’ of the steps and progress and can hopefully publish a complete single steps-to-install-and confirgure doc for FreeBSD (once it will works of course!).

 

Helmut

 

 

 

 

 

 

From: users [mailto:users-bounces@exim4u.org] On Behalf Of Helmut Fritz
Sent: Wednesday, April 06, 2016 1:21 PM
To: 'Exim4U General Discussion'
Subject: Re: [Exim4U] [SPAM] issues with php-extesions install

 

Odhiambo,

Yessir – using 10.3.

 

Odhiambo/Gordon,

Thx for the tips.  I was, of course, compiling and installing everything that way.  Old habit.

 

I may well start over and just use packages to keep things clean.

 

Helmut

 

 

 

From: users [mailto:users-bounces@exim4u.org] On Behalf Of Gordon Dickens
Sent: Wednesday, April 06, 2016 5:37 AM
To: Exim4U General Discussion
Subject: Re: [Exim4U] [SPAM] issues with php-extesions install

 

Odhiambo is spot on here.  You don't need to compile most of the software that you are going to use with FreeBSD.  You can if  you want, but that will be alot more time consuming.  The "pkg" command is equivalent to "yum" in CentOS.  However, "yum" refreshes the repositories automatically whereas you need to run "pkg update"  to refresh repositories and then "pkg install" or "pkg update" to install or update packages.  AFAIK, there are only two packages that you will need to compile using the ports collection in order to get Exim4U working: exim and dovecot2.  You should compile these two packages in order to customize the configurations to work with mysql, sqlite, etc.  Otherwise, you should be able to install everything  with the "pkg" command.

Also, FreeBSD has another command that maintains the main operating system called "freebsd-update".  "freebsd-update" manages the kernel and the core operating system components. Use "freebsd-update fetch", freebsd-update install" to keep the core FreeBSD components up to date.

You also need to manage your ports collection to make sure that you have the most up to date source code.  To do that, use the "portsnap" command.  For example: "portsnap fetch" and "portsnap update"

These are your friends:

man freebsd-update
man portsnap
man pkg

FYI,

Gordon



On 04/06/2016 06:54 AM, Odhiambo Washington wrote:

In FreeBSD, please try to search for clues in  /usr/ports/UPDATING whenever you encounter a weird issue.

 

Also try and use pkg instead of ports whenever you can:

 

man pkg

 

I hope you are using FreeBSD 10.3 now that you are just starting and it was released this week:)

 

 

 

On 6 April 2016 at 08:55, Helmut Fritz <helmut@fritz.us.com> wrote:

OK – in general just ignore the below.

 

I redid all the php stuff (make deinstall, make clean, make install clean) in the default php5, all good,  same thing in php5-extensions, except this time I unchecked php-phar since it was not in the list of required modules.  Everything went well.

 

Sorry to potentially have wasted anybody’s time, I might get the hang of this UNIX stuff (again) yet.

 

The only mild concern is that the default version of php5 is deprecated, which will lead to an php-mbstrings STOP (unless is it overridden as I noted below) if php56 is attempted.

 

From: users [mailto:users-bounces@exim4u.org] On Behalf Of Helmut Fritz
Sent: Tuesday, April 05, 2016 9:21 PM
To: 'Exim4U General Discussion'
Subject: [SPAM] [Exim4U] issues with php-extesions install

 

OK, first issue, probably minor.

 

I get this installing the default php:

 

“This port is deprecated; you may wish to reconsider installing it:

 

PHP 5.4 is End of Life http://php.net/supported-versions.php.

 

It is scheduled to be removed on or after 2016-01-15.”

 

Figuring I should go to the latest version then, I installed php56 and then progressed to php56-extensions.  All good except that I found two of the extensions listed as required in the appendix for BSD are not present in the extensions setup to select.  Those two are:

 

php-spl

php-pcre

 

unfortunately the same issue is present in the base/default php-extensions as I went back there to see if they were present.

 

I also get a STOP when php-mbstring comes up, saying it has vulnerabilities in the latest php56.  I get a deprecated in the base/default php-extensions build.

 

While compiling the default/base php5-extensions I get a STOP on building php5-phar.  This is not in the list of required extensions but is listed as a dependency for php5-pdo (during its make).

 

“===>  php5-phar-5.4.45 has known vulnerabilities:

php5-phar-5.4.45 is vulnerable:

php -- multiple vulnerabilities

CVE: CVE-2015-7804

CVE: CVE-2015-7803

WWW: https://vuxml.FreeBSD.org/freebsd/c1da8b75-6aef-11e5-9909-002590263bf5.html

 

So maybe three questions:

 

1.       Should I use the deprecated (but seemingly default/base) php5 (5.4.x) or the newer php56?

2.       Do the two missing extensions matter?  if so, where do I get them? (see 2.a below!)

3.       For the default php5-phar, am I safe setting ‘DISABLE_VULNERABILITIES=yes' for make?  I could do the same for the newer version and ignore the mbstring vulnerability.

 

2.a. Interestingly enough when I run php –m, it shows both SPL and pcre as loaded – I think they are actually in core for quite a long while now?  perhaps they should be removed from the required list (unless it is assumed people are smarter than I and know they are part of core?)?

 

So this whole thing is probably OK except for the issues with mbstring and phar vulnerabilities?

 

 

 

 

 


_______________________________________________
users mailing list
users@exim4u.org
https://exim4u.org/mailman/listinfo/users



 

--

Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."



_______________________________________________
users mailing list
users@exim4u.org
https://exim4u.org/mailman/listinfo/users