smtpd document relay ca option
On Thu, Jul 25, 2024 at 01:47:31PM +0200, Philipp wrote:
> Hi
>
> I have noticed that the ca option for relay is not documented in the
> action section of smtpd.conf(5). I have a patch for this.
>
hi.

i think it was probably felt that the scenario was already covered by
this text:

     ca caname cert cafile
             Associate the Certificate Authority (CA) certificate file cafile
             with ca entry caname. The ca entry can be referenced in listener
             rules and relay actions.

however since we do list it for "listener rules" i guess we should be
consistent either way, so i agree it makes sense to document it.

i don't actually like the terminology "listener rules" and "relay
action" though. the rules are "listen on" and "action ... relay".

so updated diff:

- sort your text into the correct place
- use "listen on" and "action ... relay"

looking for smtpd dev yays or nays...

jmc

Index: smtpd.conf.5
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/smtpd.conf.5,v
diff -u -p -r1.271 smtpd.conf.5
--- smtpd.conf.5 24 Mar 2024 06:22:18 -0000 1.271
+++ smtpd.conf.5 25 Jul 2024 13:55:53 -0000
@@ -230,6 +230,14 @@ with higher priority.
Operate as a backup mail exchanger delivering messages to any mail exchanger
with higher priority than mail exchanger identified as
.Ar name .
+.It Cm ca Ar caname
+For secure connections,
+use the certificate authority associated with
+.Ar caname
+(declared in a
+.Ic ca
+directive)
+to validate the server's identity.
.It Cm helo Ar heloname
Advertise
.Ar heloname
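Review bot: the new ca entry says the CA is used "to validate the server's identity" without saying which server is meant or what happens when the option is left out. In a relay action the peer is the remote host the message is handed to, so wording such as "to validate the certificate presented by the remote server" would be clearer, and a sentence stating what is used for validation when no ca is given would complete the entry. The opening "For secure connections," also leaves open whether the option has any effect on a relay that does not use TLS; stating that explicitly would help.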
@@ -366,7 +374,11 @@ Associate the Certificate Authority (CA)
.Ar cafile
with ca entry
.Ar caname .
-The ca entry can be referenced in listener rules and relay actions.
+The ca entry can be referenced in
+.Cm listen on
+and
+.Cm action ... relay
+rules.
.It Ic filter Ar chain-name Ic chain Brq Ar filter-name Op , Ar ...
Register a chain of filters
.Ar chain-name ,
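Review bot: the replacement sentence marks "listen on" and "action ... relay" with .Cm, while the text added in the first hunk refers to the ca directive as ".Ic ca" and the next entry in this list is ".It Ic filter". Directive names should use one macro consistently, so consider ".Ic listen on" and ".Ic action ... relay" here. Placing the literal "..." inside the macro also gives the ellipsis the same markup as the keywords; splitting it into separate macro arguments for "action" and "relay" with plain text between them would avoid that.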