Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.mail.sendmail > #8246 > unrolled thread
| Started by | Marco Moock <mm@dorfdsl.de> |
|---|---|
| First post | 2026-02-01 12:51 +0100 |
| Last post | 2026-02-02 09:43 +0100 |
| Articles | 9 — 3 participants |
Back to article view | Back to comp.mail.sendmail
cdb access_db lookups don't return a result Marco Moock <mm@dorfdsl.de> - 2026-02-01 12:51 +0100
Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-01 20:01 +0000
Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-01 21:10 +0000
Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-01 21:21 +0000
Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-01 21:33 +0000
Re: cdb access_db lookups don't return a result Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> - 2026-02-02 01:13 -0500
Re: cdb access_db lookups don't return a result kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-02-02 08:10 +0000
Re: cdb access_db lookups don't return a result Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> - 2026-02-02 03:05 -0500
Re: cdb access_db lookups don't return a result Marco Moock <mm@dorfdsl.de> - 2026-02-02 09:43 +0100
| From | Marco Moock <mm@dorfdsl.de> |
|---|---|
| Date | 2026-02-01 12:51 +0100 |
| Subject | cdb access_db lookups don't return a result |
| Message-ID | <20260201125137.54caee1c@ryz.dorfdsl.de> |
Hello!
I am currently testing the Debian CDB builds.
Version 8.18.1
Compiled with: DANE HAVE_SSL_CTX_dane_enable MAX_TLSA_RR=64 DNSMAP
IPV6_FULL LDAPMAP LDAP_NETWORK_TIMEOUT LDAP_REFERRALS
LOG MAP_REGEX MATCHGECOS MAXDAEMONS=64 MILTER MIME7TO8 MIME8TO7
NAMED_BIND NETINET NETINET6 NETUNIX NEWDB=5.3 CDB=2 NIS
NISPLUS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS TCPWRAPPERS TLS_EC
TLS_VRFY_PER_CTX USERDB USE_LDAP_INIT XDEBUG
OS Defines: ADDRCONFIG_IS_BROKEN HASFCHOWN HASFCHMOD HASFLOCK
HASGETDTABLESIZE HAS_GETHOSTBYNAME2 HASGETUSERSHELL
HASINITGROUPS HASLSTAT HASNICE HASRANDOM HASRRESVPORT
HASSETREGID HASSETREUID HASSETRLIMIT HASSETSID
HASSETVBUF HASURANDOMDEV HASSTRERROR HASUNAME HASUNSETENV HASWAITPID
IDENTPROTO IP_SRCROUTE NEEDSGETIPNODE REQUIRES_DIR_FSYNC
SFS_VFS USE_DOUBLE_FORK USE_SIGLONGJMP USESETEUID
Kernel symbols: /boot/vmlinux
Conf file: /etc/mail/submit.cf (default for MSP)
Conf file: /etc/mail/sendmail.cf (default for MTA)
Pid file: /var/run/sendmail/mta/sendmail.pid (default)
libsm Defines: SM_CONF_LDAP_INITIALIZE SM_CONF_LDAP_MEMFREE
SM_CONF_LONGLONG SM_CONF_MEMCHR SM_CONF_MSG SM_CONF_SEM
SM_CONF_SIGSETJMP SM_CONF_SHM SM_CONF_SSIZE_T
SM_CONF_STDBOOL_H SM_CONF_STDDEF_H SM_CONF_SYS_CDEFS_H SM_CONF_UID_GID
DO_NOT_USE_STRCPY SM_HEAP_CHECK SM_OS=sm_os_linux
SM_VA_STD FFR Defines: _FFR_BADRCPT_SHUTDOWN _FFR_MAIL_MACRO
_FFR_MTA_STS _FFR_NO_PIPE _FFR_QUEUE_SCHED_DBG _FFR_REJECT_NUL_BYTE
_FFR_RESET_MACRO_GLOBALS _FFR_RHS _FFR_SHM_STATUS
_FFR_SKIP_DOMAINS _FFR_TLS_ALTNAMES _FFR_M_ONLY_IPV4
Canonical name: deb-test.dorfdsl.de
UUCP nodename: deb-test.dorfdsl.de
a.k.a.: [IPv6:2a01:170:118f:2:0:0:0:f888]
Conf file: /etc/mail/submit.cf (selected)
Pid file: /var/run/sendmail/msp/sendmail.pid (selected)
I have:
root@deb-test:~# cdb -d /etc/mail/access.db
+11,5:Connect:127->RELAY
+14,1:GreetPause:127->0
+14,1:ClientRate:127->0
+14,1:ClientConn:127->0
+16,5:Connect:IPv6:::1->RELAY
+14,5:Connect:10.0.0->RELAY
+19,1:GreetPause:IPv6:::1->0
+19,1:ClientRate:IPv6:::1->0
+19,1:ClientConn:IPv6:::1->0
+11,4:GreetPause:->5000
+11,2:ClientRate:->10
+11,2:ClientConn:->10
+16,6:Spam:postmaster@->FRIEND
+11,6:Spam:abuse@->FRIEND
+10,6:Spam:spam@->FRIEND
+7,6:reject@->REJECT
+21,46:From:googlegroups.com->ERROR:5.7.1:554 Google Groups not allowed
here +20,54:From:www.example.org->ERROR:5.7.1:554 www.example.org spam
not accepted here +16,50:From:example.org->ERROR:5.7.1:554 example.org
spam not accepted here +15,6:Connect:169.254->REJECT
+15,6:Connect:192.0.2->REJECT
+11,6:Connect:224->REJECT
+11,6:Connect:255->REJECT
root@deb-test:~# grep ^K /etc/mail/sendmail.cf
Kresolve host -a<OKR> -T<TEMP>
Karith arith
Kmacro macro
Kdequote dequote
Kaccess cdb -T<TMPF> /etc/mail/access
root@deb-test:~#
The file access seems to work, I checked with auditd and also added
entries (without colons) that worked.
So I assumed that the following works, but the stuff with the colons
does not seem to work:
root@deb-test:~# sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> /map access Connect:IPv6:::1
map_lookup: access (Connect:IPv6:::1) no match (0)
> /map access reject@
map_lookup: access (reject@) returns REJECT (0)
> /map access Connect:192.0.2
map_lookup: access (Connect:192.0.2) no match (0)
On other Debian systems with db5.3, such lookups work.
What are I am doing wrong here?
--
kind regards
Marco
Send spam to 1769946177muell@stinkedores.dorfdsl.de
[toc] | [next] | [standalone]
| From | kalevi@kolttonen.fi (Kalevi Kolttonen) |
|---|---|
| Date | 2026-02-01 20:01 +0000 |
| Message-ID | <10lobec$2f7n$1@dont-email.me> |
| In reply to | #8246 |
Marco Moock <mm@dorfdsl.de> wrote: > On other Debian systems with db5.3, such lookups work. > > What are I am doing wrong here? No idea, but I just observed similar results on Fedora 43 having Sendmail 8.18.1 and tinycdb 0.80-5. Maybe you should consider OpenLDAP or 389ds after all. Yes, it may take some time to do the initial setup but it is not that difficult. br, KK
[toc] | [prev] | [next] | [standalone]
| From | kalevi@kolttonen.fi (Kalevi Kolttonen) |
|---|---|
| Date | 2026-02-01 21:10 +0000 |
| Message-ID | <10lofh1$42or$1@dont-email.me> |
| In reply to | #8247 |
Kalevi Kolttonen <kalevi@kolttonen.fi> wrote: > Marco Moock <mm@dorfdsl.de> wrote: >> On other Debian systems with db5.3, such lookups work. >> >> What are I am doing wrong here? > > No idea, but I just observed similar results on Fedora 43 > having Sendmail 8.18.1 and tinycdb 0.80-5. Okay, I did some testing and checking. I found out that Sendmail does cbd_find() with e.g. key like this: connect:127.0.0.1 Note the lower case 'c'. That is why lookups fail. I have no time to investigate this any further and I am too stupid anyway, but it seems like a Sendmail bug related to cdb maps. As a workaround, use lowercase cbd map keys. br, KK
[toc] | [prev] | [next] | [standalone]
| From | kalevi@kolttonen.fi (Kalevi Kolttonen) |
|---|---|
| Date | 2026-02-01 21:21 +0000 |
| Message-ID | <10log4h$495l$1@dont-email.me> |
| In reply to | #8248 |
Kalevi Kolttonen <kalevi@kolttonen.fi> wrote: > Kalevi Kolttonen <kalevi@kolttonen.fi> wrote: >> Marco Moock <mm@dorfdsl.de> wrote: >>> On other Debian systems with db5.3, such lookups work. >>> >>> What are I am doing wrong here? >> >> No idea, but I just observed similar results on Fedora 43 >> having Sendmail 8.18.1 and tinycdb 0.80-5. > > Okay, I did some testing and checking. I found out that > Sendmail does cbd_find() with e.g. key like this: > > connect:127.0.0.1 > > Note the lower case 'c'. That is why lookups fail. > > I have no time to investigate this any further and I am too > stupid anyway, but it seems like a Sendmail bug related to > cdb maps. > > As a workaround, use lowercase cbd map keys. Now I figured it out! I guess this a feature after all and not a Sendmail bug. The crucial clue is in the makemap(8) man page: ################################################################# -f Normally all upper case letters in the key are folded to lower case. This flag disables that behaviour. This is intended to mesh with the -f flag in the K line in sendmail.cf. The value is never case folded. ################################################################# So when you use makemap with BerkeleyBD/OracleDB, it automatically downcases all the keys when it builds databases. With CDB, you must use something like this to create databases. The following works with bash: cdb -c -m access.db.cdb <(tr A-Z a-z < access) br, KK
[toc] | [prev] | [next] | [standalone]
| From | kalevi@kolttonen.fi (Kalevi Kolttonen) |
|---|---|
| Date | 2026-02-01 21:33 +0000 |
| Message-ID | <10logs2$4e20$1@dont-email.me> |
| In reply to | #8249 |
Kalevi Kolttonen <kalevi@kolttonen.fi> wrote:
> With CDB, you must use something like this to create
> databases. The following works with bash:
>
> cdb -c -m access.db.cdb <(tr A-Z a-z < access)
Aargh, sorry, that is buggy because it downcases everything,
including the database values. This should work correctly:
cdb -c -m access.db.cdb <(awk '{print tolower($1) " " $2}' access)
br,
KK
[toc] | [prev] | [next] | [standalone]
| From | Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> |
|---|---|
| Date | 2026-02-02 01:13 -0500 |
| Message-ID | <10lpfa2$qeo$1@news.misty.com> |
| In reply to | #8249 |
Kalevi Kolttonen wrote: > So when you use makemap with BerkeleyBD/OracleDB, it automatically > downcases all the keys when it builds databases. With CDB, you > must use something like this to create databases. The following Why don't you simply use makemap?
[toc] | [prev] | [next] | [standalone]
| From | kalevi@kolttonen.fi (Kalevi Kolttonen) |
|---|---|
| Date | 2026-02-02 08:10 +0000 |
| Message-ID | <10lpm5e$f6e5$1@dont-email.me> |
| In reply to | #8252 |
Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> wrote: > Why don't you simply use makemap? Sorry! I did not realize it supports cdb too. br, KK
[toc] | [prev] | [next] | [standalone]
| From | Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> |
|---|---|
| Date | 2026-02-02 03:05 -0500 |
| Message-ID | <10lplsc$3be$1@news.misty.com> |
| In reply to | #8246 |
Marco Moock wrote: > root@deb-test:~# cdb -d /etc/mail/access.db > +11,5:Connect:127->RELAY How did you generate the map? Did you use makemap?
[toc] | [prev] | [next] | [standalone]
| From | Marco Moock <mm@dorfdsl.de> |
|---|---|
| Date | 2026-02-02 09:43 +0100 |
| Message-ID | <20260202094309.5412252c@ryz.dorfdsl.de> |
| In reply to | #8253 |
On 02.02.2026 03:05 Uhr Claus Aßmann wrote: > Marco Moock wrote: > > > root@deb-test:~# cdb -d /etc/mail/access.db > > +11,5:Connect:127->RELAY > > How did you generate the map? > > Did you use makemap? No, I did use cdb -m -c /etc/mail/access.db /etc/mail/access That doesn't change the LHS to lower case, which was the issue. -- kind regards Marco Send spam to 1769997932muell@stinkedores.dorfdsl.de
[toc] | [prev] | [standalone]
Back to top | Article view | comp.mail.sendmail
csiph-web