Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.mail.sendmail > #8246 > unrolled thread

cdb access_db lookups don't return a result

Started byMarco Moock <mm@dorfdsl.de>
First post2026-02-01 12:51 +0100
Last post2026-02-02 09:43 +0100
Articles 9 — 3 participants

Back to article view | Back to comp.mail.sendmail


Contents

  cdb access_db lookups don't return a result Marco Moock <mm@dorfdsl.de> - 2026-02-01 12:51 +0100
    Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-01 20:01 +0000
      Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-01 21:10 +0000
        Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-01 21:21 +0000
          Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-01 21:33 +0000
          Re: cdb access_db lookups don't return a result Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> - 2026-02-02 01:13 -0500
            Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-02 08:10 +0000
    Re: cdb access_db lookups don't return a result Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> - 2026-02-02 03:05 -0500
      Re: cdb access_db lookups don't return a result Marco Moock <mm@dorfdsl.de> - 2026-02-02 09:43 +0100

#8246 — cdb access_db lookups don't return a result

FromMarco Moock <mm@dorfdsl.de>
Date2026-02-01 12:51 +0100
Subjectcdb access_db lookups don't return a result
Message-ID<20260201125137.54caee1c@ryz.dorfdsl.de>
Hello!

I am currently testing the Debian CDB builds.

Version 8.18.1
 Compiled with: DANE HAVE_SSL_CTX_dane_enable MAX_TLSA_RR=64 DNSMAP
                IPV6_FULL LDAPMAP LDAP_NETWORK_TIMEOUT LDAP_REFERRALS
LOG MAP_REGEX MATCHGECOS MAXDAEMONS=64 MILTER MIME7TO8 MIME8TO7
                NAMED_BIND NETINET NETINET6 NETUNIX NEWDB=5.3 CDB=2 NIS
NISPLUS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS TCPWRAPPERS TLS_EC
                TLS_VRFY_PER_CTX USERDB USE_LDAP_INIT XDEBUG
    OS Defines: ADDRCONFIG_IS_BROKEN HASFCHOWN HASFCHMOD HASFLOCK
                HASGETDTABLESIZE HAS_GETHOSTBYNAME2 HASGETUSERSHELL
                HASINITGROUPS HASLSTAT HASNICE HASRANDOM HASRRESVPORT
                HASSETREGID HASSETREUID HASSETRLIMIT HASSETSID
HASSETVBUF HASURANDOMDEV HASSTRERROR HASUNAME HASUNSETENV HASWAITPID
                IDENTPROTO IP_SRCROUTE NEEDSGETIPNODE REQUIRES_DIR_FSYNC
                SFS_VFS USE_DOUBLE_FORK USE_SIGLONGJMP USESETEUID
Kernel symbols: /boot/vmlinux
     Conf file: /etc/mail/submit.cf (default for MSP)
     Conf file: /etc/mail/sendmail.cf (default for MTA)
      Pid file: /var/run/sendmail/mta/sendmail.pid (default)
 libsm Defines: SM_CONF_LDAP_INITIALIZE SM_CONF_LDAP_MEMFREE
                SM_CONF_LONGLONG SM_CONF_MEMCHR SM_CONF_MSG SM_CONF_SEM
                SM_CONF_SIGSETJMP SM_CONF_SHM SM_CONF_SSIZE_T
SM_CONF_STDBOOL_H SM_CONF_STDDEF_H SM_CONF_SYS_CDEFS_H SM_CONF_UID_GID
                DO_NOT_USE_STRCPY SM_HEAP_CHECK SM_OS=sm_os_linux
SM_VA_STD FFR Defines: _FFR_BADRCPT_SHUTDOWN _FFR_MAIL_MACRO
_FFR_MTA_STS _FFR_NO_PIPE _FFR_QUEUE_SCHED_DBG _FFR_REJECT_NUL_BYTE
                _FFR_RESET_MACRO_GLOBALS _FFR_RHS _FFR_SHM_STATUS
                _FFR_SKIP_DOMAINS _FFR_TLS_ALTNAMES _FFR_M_ONLY_IPV4
Canonical name: deb-test.dorfdsl.de
 UUCP nodename: deb-test.dorfdsl.de
        a.k.a.: [IPv6:2a01:170:118f:2:0:0:0:f888]
     Conf file: /etc/mail/submit.cf (selected)
      Pid file: /var/run/sendmail/msp/sendmail.pid (selected)


I have:
root@deb-test:~# cdb -d /etc/mail/access.db 
+11,5:Connect:127->RELAY
+14,1:GreetPause:127->0
+14,1:ClientRate:127->0
+14,1:ClientConn:127->0
+16,5:Connect:IPv6:::1->RELAY
+14,5:Connect:10.0.0->RELAY
+19,1:GreetPause:IPv6:::1->0
+19,1:ClientRate:IPv6:::1->0
+19,1:ClientConn:IPv6:::1->0
+11,4:GreetPause:->5000
+11,2:ClientRate:->10
+11,2:ClientConn:->10
+16,6:Spam:postmaster@->FRIEND
+11,6:Spam:abuse@->FRIEND
+10,6:Spam:spam@->FRIEND
+7,6:reject@->REJECT
+21,46:From:googlegroups.com->ERROR:5.7.1:554 Google Groups not allowed
here +20,54:From:www.example.org->ERROR:5.7.1:554 www.example.org spam
not accepted here +16,50:From:example.org->ERROR:5.7.1:554 example.org
spam not accepted here +15,6:Connect:169.254->REJECT
+15,6:Connect:192.0.2->REJECT
+11,6:Connect:224->REJECT
+11,6:Connect:255->REJECT

root@deb-test:~# grep ^K /etc/mail/sendmail.cf
Kresolve host -a<OKR> -T<TEMP>
Karith arith
Kmacro macro
Kdequote dequote
Kaccess cdb -T<TMPF> /etc/mail/access
root@deb-test:~# 

The file access seems to work, I checked with auditd and also added
entries (without colons) that worked.

So I assumed that the following works, but the stuff with the colons
does not seem to work:

root@deb-test:~# sendmail -bt 
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> /map access Connect:IPv6:::1
map_lookup: access (Connect:IPv6:::1) no match (0)
> /map access reject@
map_lookup: access (reject@) returns REJECT (0)
> /map access Connect:192.0.2
map_lookup: access (Connect:192.0.2) no match (0)

On other Debian systems with db5.3, such lookups work.

What are I am doing wrong here?

-- 
kind regards
Marco

Send spam to 1769946177muell@stinkedores.dorfdsl.de

[toc] | [next] | [standalone]


#8247

Fromkalevi@kolttonen.fi (Kalevi Kolttonen)
Date2026-02-01 20:01 +0000
Message-ID<10lobec$2f7n$1@dont-email.me>
In reply to#8246
Marco Moock <mm@dorfdsl.de> wrote:
> On other Debian systems with db5.3, such lookups work.
> 
> What are I am doing wrong here?

No idea, but I just observed similar results on Fedora 43
having Sendmail 8.18.1 and tinycdb 0.80-5.

Maybe you should consider OpenLDAP or 389ds after all. Yes,
it may take some time to do the initial setup but it is not
that difficult.

br,
KK

[toc] | [prev] | [next] | [standalone]


#8248

Fromkalevi@kolttonen.fi (Kalevi Kolttonen)
Date2026-02-01 21:10 +0000
Message-ID<10lofh1$42or$1@dont-email.me>
In reply to#8247
Kalevi Kolttonen <kalevi@kolttonen.fi> wrote:
> Marco Moock <mm@dorfdsl.de> wrote:
>> On other Debian systems with db5.3, such lookups work.
>> 
>> What are I am doing wrong here?
> 
> No idea, but I just observed similar results on Fedora 43
> having Sendmail 8.18.1 and tinycdb 0.80-5.

Okay, I did some testing and checking. I found out that
Sendmail does cbd_find() with e.g. key like this:

  connect:127.0.0.1

Note the lower case 'c'. That is why lookups fail.

I have no time to investigate this any further and I am too
stupid anyway, but it seems like a Sendmail bug related to
cdb maps.

As a workaround, use lowercase cbd map keys.

br,
KK

[toc] | [prev] | [next] | [standalone]


#8249

Fromkalevi@kolttonen.fi (Kalevi Kolttonen)
Date2026-02-01 21:21 +0000
Message-ID<10log4h$495l$1@dont-email.me>
In reply to#8248
Kalevi Kolttonen <kalevi@kolttonen.fi> wrote:
> Kalevi Kolttonen <kalevi@kolttonen.fi> wrote:
>> Marco Moock <mm@dorfdsl.de> wrote:
>>> On other Debian systems with db5.3, such lookups work.
>>> 
>>> What are I am doing wrong here?
>> 
>> No idea, but I just observed similar results on Fedora 43
>> having Sendmail 8.18.1 and tinycdb 0.80-5.
> 
> Okay, I did some testing and checking. I found out that
> Sendmail does cbd_find() with e.g. key like this:
> 
>   connect:127.0.0.1
> 
> Note the lower case 'c'. That is why lookups fail.
> 
> I have no time to investigate this any further and I am too
> stupid anyway, but it seems like a Sendmail bug related to
> cdb maps.
> 
> As a workaround, use lowercase cbd map keys.

Now I figured it out! I guess this a feature after all and
not a Sendmail bug.

The crucial clue is in the makemap(8) man page:

#################################################################
 -f Normally all upper case letters in the key are folded to
 lower case. This flag disables that behaviour. This is
 intended to mesh with the -f flag in the K line in sendmail.cf.
 The value is never case folded.
#################################################################

So when you use makemap with BerkeleyBD/OracleDB, it automatically
downcases all the keys when it builds databases. With CDB, you
must use something like this to create databases. The following
works with bash:

  cdb -c -m access.db.cdb <(tr A-Z a-z < access)

br,
KK

[toc] | [prev] | [next] | [standalone]


#8250

Fromkalevi@kolttonen.fi (Kalevi Kolttonen)
Date2026-02-01 21:33 +0000
Message-ID<10logs2$4e20$1@dont-email.me>
In reply to#8249
Kalevi Kolttonen <kalevi@kolttonen.fi> wrote:
> With CDB, you must use something like this to create
> databases. The following works with bash:
> 
>   cdb -c -m access.db.cdb <(tr A-Z a-z < access)

Aargh, sorry, that is buggy because it downcases everything,
including the database values. This should work correctly:

cdb -c -m access.db.cdb <(awk '{print tolower($1) " " $2}' access)

br,
KK

[toc] | [prev] | [next] | [standalone]


#8252

FromClaus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org>
Date2026-02-02 01:13 -0500
Message-ID<10lpfa2$qeo$1@news.misty.com>
In reply to#8249
Kalevi Kolttonen wrote:

> So when you use makemap with BerkeleyBD/OracleDB, it automatically
> downcases all the keys when it builds databases. With CDB, you
> must use something like this to create databases. The following

Why don't you simply use makemap?

[toc] | [prev] | [next] | [standalone]


#8254

Fromkalevi@kolttonen.fi (Kalevi Kolttonen)
Date2026-02-02 08:10 +0000
Message-ID<10lpm5e$f6e5$1@dont-email.me>
In reply to#8252
Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> wrote:
> Why don't you simply use makemap?

Sorry! I did not realize it supports cdb too.

br,
KK

[toc] | [prev] | [next] | [standalone]


#8253

FromClaus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org>
Date2026-02-02 03:05 -0500
Message-ID<10lplsc$3be$1@news.misty.com>
In reply to#8246
Marco Moock  wrote:

> root@deb-test:~# cdb -d /etc/mail/access.db 
> +11,5:Connect:127->RELAY

How did you generate the map?

Did you use makemap?

[toc] | [prev] | [next] | [standalone]


#8255

FromMarco Moock <mm@dorfdsl.de>
Date2026-02-02 09:43 +0100
Message-ID<20260202094309.5412252c@ryz.dorfdsl.de>
In reply to#8253
On 02.02.2026 03:05 Uhr Claus Aßmann wrote:

> Marco Moock  wrote:
> 
> > root@deb-test:~# cdb -d /etc/mail/access.db 
> > +11,5:Connect:127->RELAY  
> 
> How did you generate the map?
> 
> Did you use makemap?

No, I did use
cdb -m -c /etc/mail/access.db /etc/mail/access

That doesn't change the LHS to lower case, which was the issue.

-- 
kind regards
Marco

Send spam to 1769997932muell@stinkedores.dorfdsl.de

[toc] | [prev] | [standalone]


Back to top | Article view | comp.mail.sendmail


csiph-web