author | 2019-07-24 20:44:21 +0000 |
---|---|
committer | 2019-07-24 20:44:21 +0000 |
commit | 1fa40e15fb395558ac4ed278cbdc2c99e8e45c2b (patch) |
tree | bf14bcae767375cbeb859f5be8b5de68f74ca3da |
parent | mrt.h only needs to be included by mrt.c |

Make SMTPS default to port 465 in relay-host

While the other protocols either require an explicit port (LMTP) or
correctly default to 25 for plaintext as well as STARTTLS, SMTP with forced
TLS never happens on 25, so default to the well-defined standard instead.

Input and OK gilles

-rw-r--r-- | usr.sbin/smtpd/smtpd.conf.5 | 9
-rw-r--r-- | usr.sbin/smtpd/to.c | 19 |
2 files changed, 16 insertions, 12 deletions
diff --git a/usr.sbin/smtpd/smtpd.conf.5 b/usr.sbin/smtpd/smtpd.conf.5 index 2013faeeec0..467752038e4 100644 --- a/usr.sbin/smtpd/smtpd.conf.5 +++ b/usr.sbin/smtpd/smtpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: smtpd.conf.5,v 1.211 2019/07/24 15:31:53 kmos Exp $ +.\" $OpenBSD: smtpd.conf.5,v 1.212 2019/07/24 20:44:21 kn Exp $ .\" .\" Copyright (c) 2008 Janne Johansson <jj@openbsd.org> .\" Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net> @@ -250,9 +250,14 @@ Normal SMTP session with mandatory STARTTLS. Plain text SMTP session without TLS. .It lmtp LMTP session. +.Ar port +is required. .It smtps -SMTP session with forced TLS on connection. +SMTP session with forced TLS on connection, default port is 465. .El +Unless noted, +.Ar port +defaults to 25. .Pp The .Ar label diff --git a/usr.sbin/smtpd/to.c b/usr.sbin/smtpd/to.c index 2462b48970c..e9b95ca6239 100644 --- a/usr.sbin/smtpd/to.c +++ b/usr.sbin/smtpd/to.c @@ -1,4 +1,4 @@ -/* $OpenBSD: to.c,v 1.36 2019/07/22 23:01:48 kn Exp $ */ +/* $OpenBSD: to.c,v 1.37 2019/07/24 20:44:21 kn Exp $ */ /* * Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net> @@ -305,16 +305,18 @@ text_to_relayhost(struct relayhost *relay, const char *s) const char *name; int tls; uint16_t flags; + uint16_t port; } schemas [] = { /* * new schemas should be *appended* otherwise the default * schema index needs to be updated later in this function. */ - { "smtp://", RELAY_TLS_OPPORTUNISTIC, 0 }, - { "smtp+tls://", RELAY_TLS_STARTTLS, 0 }, - { "smtp+notls://", RELAY_TLS_NO, 0 }, - { "lmtp://", RELAY_TLS_NO, RELAY_LMTP }, - { "smtps://", RELAY_TLS_SMTPS, 0 } + { "smtp://", RELAY_TLS_OPPORTUNISTIC, 0, 25 }, + { "smtp+tls://", RELAY_TLS_STARTTLS, 0, 25 }, + { "smtp+notls://", RELAY_TLS_NO, 0, 25 }, + /* need to specify an explicit port for LMTP */ + { "lmtp://", RELAY_TLS_NO, RELAY_LMTP, 0 }, + { "smtps://", RELAY_TLS_SMTPS, 0, 465 } }; const char *errstr = NULL; char *p, *q; 
@@ -346,10 +348,7 @@ text_to_relayhost(struct relayhost *relay, const char *s) relay->tls = schemas[i].tls; relay->flags = schemas[i].flags; - - /* need to specify an explicit port for LMTP */ - if (relay->flags & RELAY_LMTP) - relay->port = 0; + relay->port = schemas[i].port; /* first, we extract the label if any */ if ((q = strchr(p, '@')) != NULL) { |
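
Review bot: In the smtpd.conf.5 hunk at -250,9, the general rule "Unless noted, .Ar port defaults to 25." is placed after `.El`, so it reads as a trailer to the protocol list while the two exceptions sit inside the `lmtp` and `smtps` items; consider stating it before the list, or where `port` is first introduced, so the rule comes before its exceptions. The page also does not tell operators that an `smtps://` relay-host without a port now connects to 465, where the commit message implies it previously fell back to 25; a short note would help anyone with existing entries that relied on the old default. The new `smtps` text is a comma splice; "SMTP session with forced TLS on connection. The default port is 465." reads better.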
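
Review bot: In the `schemas[]` table in to.c (hunk -305,16), each row now ends in two adjacent integers initialised positionally, as in `{ "lmtp://", RELAY_TLS_NO, RELAY_LMTP, 0 }` and `{ "smtps://", RELAY_TLS_SMTPS, 0, 465 }`, where one 0 means "no flags" and the other means "no default port, one must be given". That is easy to misread and easy to get wrong when a schema is appended, as the comment above the table asks. Designated initialisers (`.flags`, `.port`) or a named constant for the "port required" value would make the intent explicit. The comment "need to specify an explicit port for LMTP" now sits on the data row, while the code that rejects a missing port is not in this hunk; please confirm that path still treats a port of 0 as an error.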
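
Review bot: `relay->port = schemas[i].port;` in hunk -346,10 now overwrites `relay->port` for every schema, whereas the removed lines only touched it when `relay->flags & RELAY_LMTP` was set. Whatever supplied the 25 default for the non-LMTP schemas before this change is outside the visible lines and is now redundant for them; please check whether it should be removed in the same commit. Please also check that the port parsing later in `text_to_relayhost()` only replaces this value when the relay string actually carries a port, so that `smtps://` without one keeps 465.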