listen directive may use a table for authentication, to make this work the

table has to be defined BEFORE consequently move all tables in the examples to the beginning and before the listen directive to avoid tables not being found no functional change ran into this myself earlier, also reported by cjones via irc ok gilles
2025-01-10 06:47:55 -08:00 · 2016-05-03 18:43:45 +00:00 · 2016-05-03 18:43:45 +00:00 · 73ef410d8f
commit 73ef410d8f
parent 24faf8be05
2 changed files with 15 additions and 13 deletions
--- a/etc/mail/smtpd.conf
+++ b/etc/mail/smtpd.conf
@ -1,14 +1,14 @@
-#	$OpenBSD: smtpd.conf,v 1.8 2015/12/21 16:25:44 sunil Exp $
+#	$OpenBSD: smtpd.conf,v 1.9 2016/05/03 18:43:45 jung Exp $

 # This is the smtpd server system-wide configuration file.
 # See smtpd.conf(5) for more information.

+table aliases file:/etc/mail/aliases
+
 # To accept external mail, replace with: listen on all
 #
 listen on lo0

-table aliases file:/etc/mail/aliases
-
 # Uncomment the following to accept external mail for domain "example.org"
 #
 # accept from any for domain "example.org" alias <aliases> deliver to mbox
--- a/usr.sbin/smtpd/smtpd.conf.5
+++ b/usr.sbin/smtpd/smtpd.conf.5
@ -1,4 +1,4 @@
-.\"	$OpenBSD: smtpd.conf.5,v 1.158 2016/04/21 14:27:41 jsing Exp $
+.\"	$OpenBSD: smtpd.conf.5,v 1.159 2016/05/03 18:43:45 jung Exp $
 .\"
 .\" Copyright (c) 2008 Janne Johansson <jj@openbsd.org>
 .\" Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net>
@ -17,7 +17,7 @@
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
 .\"
-.Dd $Mdocdate: April 21 2016 $
+.Dd $Mdocdate: May 3 2016 $
 .Dt SMTPD.CONF 5
 .Os
 .Sh NAME
@ -1051,9 +1051,11 @@ A secrets file is needed to specify a username and password:
 .Nm
 would look like this:
 .Bd -literal -offset indent
-listen on lo0
 table aliases file:/etc/mail/aliases
 table secrets file:/etc/mail/secrets
+
+listen on lo0
+
 accept for local alias <aliases> deliver to mbox
 accept for any relay via tls+auth://label@smtp.example.com \e
 	auth <secrets>
@ -1081,11 +1083,11 @@ The configuration file would look like this:
 pki mail.example.com certificate "/etc/ssl/mail.example.com.crt"
 pki mail.example.com key "/etc/ssl/private/mail.example.com.key"

+table aliases file:/etc/mail/aliases
+
 listen on lo0
 listen on egress tls pki mail.example.com auth

-table aliases file:/etc/mail/aliases
-
 accept for local alias <aliases> deliver to mda "/path/to/mda \-f \-"
 accept from any for domain example.com \e
 	deliver to mda "/path/to/mda \-f \-"
@ -1100,11 +1102,11 @@ but all outgoing mail is passed to dkimproxy_out on port 10027
 for signing.
 The signed messages are received on port 10028 and tagged for relaying.
 .Bd -literal -offset indent
+table aliases file:/etc/mail/aliases
+
 listen on lo0
 listen on lo0 port 10028 tag DKIM

-table aliases file:/etc/mail/aliases
-
 accept for local alias <aliases> deliver to mbox
 accept tagged DKIM for any relay
 accept from local for any relay via smtp://127.0.0.1:10027
@ -1118,12 +1120,12 @@ The table
 can be used to specify the IP addresses of relays that may legitimately
 originate mail with your domain as the sender.
 .Bd -literal -offset indent
-listen on lo0
-listen on egress
-
 table aliases file:/etc/mail/aliases
 table other-relays file:/etc/mail/other-relays

+listen on lo0
+listen on egress
+
 accept for local alias <aliases> deliver to mbox
 accept from local for any relay
 reject from ! source <other-relays> sender "@example.com" for any