correct indentation; no functional change
ok tb@

relax ORCPT syntax validation

We expected the ORCPT parameter to be a valid rfc822 address. This is
wrong on multiple levels:

- any other IANA-registered "addr-type" can be used
- the parameter

relax ORCPT syntax validation

We expected the ORCPT parameter to be a valid rfc822 address. This is
wrong on multiple levels:

- any other IANA-registered "addr-type" can be used
- the parameter may be encoded and we didn't decode it prior validation
- RFC3461 explicitly states that "[..] the address associated with the
ORCPT keyword is NOT constrained to conform to the syntax rules for
that 'addr-type'".

Instead, just validate the xtext and preserve the ORCPT value as-is.

Issue originally reported by Tim Kuijsten, Tassilo Philipp and others.

ok millert@

show more ...

RFC 7505 ("Null MX") handling

mail delivery will not be attempted if a domain advertises a single MX
record with preference 0 and a zero-length label.

based on an initial diff from Philipp (philipp

RFC 7505 ("Null MX") handling

mail delivery will not be attempted if a domain advertises a single MX
record with preference 0 and a zero-length label.

based on an initial diff from Philipp (philipp+openbsd [at] bureaucracy
[dot] de), thanks!

ok jung@

show more ...

add missing include of time.h

spotted after a report on OpenSMTPD-portable. While here include
sys/time.h in smtpd.h, as noted in event_init(3), since it includes
event.h.

ok millert@

some fatal -> fatalx to improved logging

errno doesn't generally contains anything useful after libtls functions,
and in most cases it's explicitly cleared to avoid misuse, so change a
few fatal() c

some fatal -> fatalx to improved logging

errno doesn't generally contains anything useful after libtls functions,
and in most cases it's explicitly cleared to avoid misuse, so change a
few fatal() calls to fatalx() when logging libtls failures. Also, add
the real error string, via tls_error() or tls_config_error(), that was
missing before.

ok millert@

show more ...

Revert changes to use the new libtls signer api
There are bugs in the new libtls signer that can lead to a crash.
OK tb@ jsing@

use new libtls signer api

ok tb@

Do not verify the cert or CA for a relay using opportunistic TLS.
If a relay is not explicitly configured to use TLS but the remote
side supports STARTTLS, we will try to use it. However, in this
ca

Do not verify the cert or CA for a relay using opportunistic TLS.
If a relay is not explicitly configured to use TLS but the remote
side supports STARTTLS, we will try to use it. However, in this
case we should not verify the cert or CA (which may be self-signed).
This restores the relay behavior before the switch to libtls was made.
There is no change if the relay is explicitly configured to use TLS.
OK eric@

show more ...

add required headers for smtpd.h and remove unnecessary ones in other files.

ok jung@

replaces calls to err(3)/errx(3) with fatal()/fatalx() from log.c
for code that runs in the daemon.

ok florian@ millert@

allow to specify tls ciphers and protocols on listeners

ok tb@

if cipher list is not specified for a relay action, use the global
cipher list if defined. otherwise fallback to libtls default.

ok millert@

allow to specify tls protocols and ciphers on relay actions

ok espie@ sthen@ tb@

Start porting smtpd to libtls.

Note that it changes the way SNI works: The certificate to use is now
selected by looking at the names found in the certificates themselves,
rather than the names of t

Start porting smtpd to libtls.

Note that it changes the way SNI works: The certificate to use is now
selected by looking at the names found in the certificates themselves,
rather than the names of the pki entries in the configuration file.
The set of certificates for a tls listener must be defined explicitly by
using the pki listener option multiple times.

ok tb@

show more ...

keep track of the relay action in relays, will be used for smtp-out
reporting

teach relay action how to do domain-based relay host, this allows declaring
a single relay action with a mapping of relay hosts per domain.

ok eric@

teach smtpd how to do SRS so hosts that act as forwarders don't break SPF.
this basic implementation does SRS0/SRS1 encoding/decoding, validating time
and checksums.

with insight from semarie@, ok e

teach smtpd how to do SRS so hosts that act as forwarders don't break SPF.
this basic implementation does SRS0/SRS1 encoding/decoding, validating time
and checksums.

with insight from semarie@, ok eric@ and millert@

show more ...

Implement server certificate validation in smtp(1).
Check certificate against MX name in smtpd(8) mta.

ok gilles@

in mta_relay_cmp() properly check that authlabel or backupname are not NULL
before comparing their value with other relays

diff from Caspar Schutijser <caspar@schutijser.com>

use a specific and more relevant status message for failed smarthost
resolution.

ok gilles@

simplify the runq interface:

- remove (unused) per-job callback
- rename runq_schedule() to runq_schedule_at() and runq_delay()
to runq_schedule()
- remove unused runq_next()

ok sunil@ gilles@

remove dead code

ok gilles@

Allow to use the "tls" keyword on any relay action to force TLS, with
strict certificate validation. The "no-verify" becomes optional.

ok gilles@ millert@ semarie@

rename the ill-named "flags" member to "as_host" in domain structure.
remove yet another useless relay flag while there.

ok gilles@

simplify code path for backup relay and remove useless flag

ok gilles@