Bug 275996 - mail/sendmail: Fix MTA-STS support, to local-deliverable with MTA-STS enabled (workaround)
Summary: mail/sendmail: Fix MTA-STS support, to local-deliverable with MTA-STS enabled...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Dirk Meyer
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-12-29 11:33 UTC by Norikatsu Shigemura
Modified: 2024-02-08 03:16 UTC (History)
2 users (show)

See Also:
dinoex: maintainer-feedback+

Attachments
diff for cf/m4/proto.m4 (1.50 KB, patch)
2023-12-29 11:33 UTC, Norikatsu Shigemura 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Norikatsu Shigemura 2023-12-29 11:33:34 UTC 
Created attachment 247331 [details]
diff for cf/m4/proto.m4

I and hrs (hrs@FreeBSD.org) researched this issue. So hrs@ found a order bug to refer /etc/mail/acccess and a workaround.

- MTA-STS support almost work to outer MTA.
- MTA-STS enabled to local doesn't work to inner MTA. Because...
  - MTA-STS request TLS to UNIX domain socket, we think this is a bug.
  - hrs@ found a workaround to disable by TLS_Srv in /etc/mail/access. 
  - But TLS_Srv doesn't work to MTA-STS by not activate access table.


I confirmed that I can delivery to my local domain by MTA-STS enabled, to apply attached patch, and set `TLS_Srv:localhost NONE` in /etc/mail/access (and generated /etc/mail/access.db).
Comment 1 Dirk Meyer freebsd_committer freebsd_triage 2023-12-29 22:02:43 UTC 
Looks fine, I will test
Comment 2 commit-hook freebsd_committer freebsd_triage 2023-12-29 22:27:55 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=4281b33b63ee7666da9177cefd1c55e08a74e034

commit 4281b33b63ee7666da9177cefd1c55e08a74e034
Author:     Dirk Meyer <dinoex@FreeBSD.org>
AuthorDate: 2023-12-29 22:23:07 +0000
Commit:     Dirk Meyer <dinoex@FreeBSD.org>
CommitDate: 2023-12-29 22:27:29 +0000

    l/sendmaili-devel: Fix MTA-STS support, to local-deliverable with MTA-STS enabled

    PR: 275996
    Submitted by: Hiroki Sato
    Submitted by: Norikatsu Shigemura

 mail/sendmail-devel/Makefile                     |  2 +-
 mail/sendmail-devel/files/patch-cfproto.m4 (new) | 24 ++++++++++++++++++++++++
 mail/sendmail-devel/files/patch-cfsts.m4         |  6 +++---
 mail/sendmail-devel/files/patch-daemon.c         |  4 ++--
 mail/sendmail-devel/files/patch-makeinfo.sh      |  4 ++--
 mail/sendmail-devel/files/patch-readcf.c         |  8 ++++----
 mail/sendmail-devel/files/patch-sendmail.8       |  8 ++++----
 mail/sendmail-devel/files/patch-smrsh.8          |  4 ++--
 mail/sendmail-devel/files/patch-usersmtp.c       |  6 +++---
 9 files changed, 45 insertions(+), 21 deletions(-)
Comment 3 commit-hook freebsd_committer freebsd_triage 2023-12-29 22:28:56 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=cbe669b1f9b1c617680b20b7a3ecb1d853b75982

commit cbe669b1f9b1c617680b20b7a3ecb1d853b75982
Author:     Dirk Meyer <dinoex@FreeBSD.org>
AuthorDate: 2023-12-29 22:28:22 +0000
Commit:     Dirk Meyer <dinoex@FreeBSD.org>
CommitDate: 2023-12-29 22:28:22 +0000

    mail/sendmail: Fix MTA-STS support, to local-deliverable with MTA-STS enabled

    PR: 275996
    Submitted by: Hiroki Sato
    Submitted by: Norikatsu Shigemura

 mail/sendmail/Makefile                     |  2 +-
 mail/sendmail/files/patch-cfproto.m4 (new) | 24 ++++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)