• Willkommen im Linux Club - dem deutschsprachigen Supportforum für GNU/Linux. Registriere dich kostenlos, um alle Inhalte zu sehen und Fragen zu stellen.

fetchmail->postfix->Spam_>Postfix->cyrus

Status
Für weitere Antworten geschlossen.
Hy,

sorry dafür, aber ich weiß einfach nicht mehr weiter.
Dial-in, fetchmail geht (mails in mailq)
SuSE 9.1, alle Updates
Virenscanner antivir
Grüße
Carsten

PS: in den .logs steht, daß der Service smtp/tcp fehlt, nur warum???

Hier meine .confs:

amavis.conf
Code:
use strict;
$MYHOME = '/var/spool/amavis';
$mydomain = 'wi-mi.del';      # (no useful default)
$myhostname = 'main.wi-mi.del';
$daemon_user = 'vscan';
$daemon_group = 'vscan';
$TEMPBASE = $MYHOME;	        # (must be set if other config vars use is)
$ENV{TMPDIR} = $TEMPBASE;       # wise to set TMPDIR, but not obligatory
$forward_method = 'smtp:127.0.0.1:10025';  # where to forward checked mail
$notify_method = $forward_method;          # where to submit notifications
$max_servers  =  2;   # number of pre-forked children          (default 2)
$max_requests = 10;   # retire a child after that many accepts (default 10)

$child_timeout=5*60;  # abort child if it does not complete each task in n sec
                      # (default: 8*60 seconds)

@local_domains_acl = ( ".$mydomain" );  # $mydomain and its subdomains
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
$inet_socket_port = 10024;        # accept SMTP on this local TCP port
                                  # (default is undef, i.e. disabled)
@inet_acl = qw( 127.0.0.1 );      # allow SMTP access only from localhost IP
                                  # (default is qw( 127.0.0.1 ) )

$DO_SYSLOG = 0;                   # (defaults to false)
$LOGFILE = "/var/log/amavis.log";  # (defaults to empty, no log)

$log_level = 2;		  # (defaults to 0)

# log both infected and noninfected messages (default):
$log_templ = '[? %#V |[? %#F |[?%#D|Not-Delivered|Passed]|BANNED name/type (%F)]|INFECTED (%V)], #
<%o> -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';

$final_virus_destiny      = D_DISCARD;  # (defaults to D_BOUNCE)
$final_banned_destiny     = D_BOUNCE;  # (defaults to D_BOUNCE)
$final_spam_destiny = D_DISCARD;
$final_bad_header_destiny = D_PASS;  # (defaults to D_PASS), D_BOUNCE suggested
$warnvirusrecip = 1;	# (defaults to false (undef))
$viruses_that_fake_sender_re = new_RE(
  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
  qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i,
  qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i,
  qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i,
  qr'@mm|@MM',    # mass mailing viruses as labeled by f-prot and uvscan
  qr'Worm'i,      # worms as labeled by ClamAV, Kaspersky, etc
  [qr'^(EICAR|Joke\.|Junk\.)'i         => 0],
  [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i  => 0],
  [qr/.*/ => 1],  # true by default  (remove or comment-out if undesired)
);


$virus_admin = "root\@$mydomain";
$mailfrom_notify_admin     = "root\@$mydomain";
$mailfrom_notify_recip     = "root\@$mydomain";
$mailfrom_notify_spamadmin = "root\@$mydomain";
$mailfrom_to_quarantine = '';   # override sender address with null return path

$QUARANTINEDIR = '/var/spool/amavis/virusmails';
$virus_quarantine_to  = 'virus-quarantine';    # traditional local quarantine
$spam_quarantine_to = undef;
$X_HEADER_TAG = 'X-Virus-Scanned';	# (default: undef)
$X_HEADER_LINE = "by amavisd-new at $mydomain";
$undecipherable_subject_tag = '***UNCHECKED*** ';  # undef disables it

$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
$remove_existing_spam_headers  = 1;     # remove existing spam headers if
					# spam scanning is enabled (default)
$keep_decoded_original_re = new_RE(
# qr'^MAIL$',   # retain full original message for virus checking (can be slow)
  qr'^MAIL-UNDECIPHERABLE$',  # retain full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
# qr'^Zip archive data',
);


$banned_filename_re = new_RE(
#  qr'^UNDECIPHERABLE$',  # is or contains any undecipherable components
   qr'\.[^.]*\.(exe|vbs|pif|scr|bat|cmd|com|dll)$'i, # double extension
#  qr'.\.(exe|vbs|pif|scr|bat|cmd|com)$'i,           # banned extension - basic
#  qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js|
#         jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb|
#         vbe|vbs|wsc|wsf|wsh)$'ix,                  # banned extension - long
#  qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab.
#  qr'^\.(zip|lha|tnef|cab)$'i,                      # banned file(1) types
   qr'^\.exe$'i,                                     # banned file(1) types
   qr'^application/x-msdownload$'i,                  # banned MIME types
   qr'^application/x-msdos-program$'i,
#  qr'^message/partial$'i, qr'^message/external-body$'i, # block rfc2046
);
$sql_select_white_black_list = undef;  # undef disables SQL white/blacklisting


$recipient_delimiter = '+';		# (default is '+')
$localpart_is_case_sensitive = 0;	# (default is false)

$blacklist_sender_re = new_RE(
    qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
    qr'^(investments|lose_weight_today|market.alert|money2you|MyGreenCard)@'i,
    qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
    qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
    qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
    qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
);

$whitelist_sender{''} = 1;  # don't spam-check MTA bounces

map { $whitelist_sender{lc($_)}=1 } (qw(
  nobody@cert.org
  owner-alert@iss.net
  slashdot@slashdot.org
  bugtraq@securityfocus.com
  NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
  security-alerts@linuxsecurity.com
  amavis-user-admin@lists.sourceforge.net
  notification-return@lists.sophos.com
  mailman-announce-admin@python.org
  owner-postfix-users@postfix.org
  owner-postfix-announce@postfix.org
  owner-sendmail-announce@Lists.Sendmail.ORG
  owner-technews@postel.ACM.ORG
  lvs-users-admin@LinuxVirtualServer.org
  ietf-123-owner@loki.ietf.org
  cvs-commits-list-admin@gnome.org
  rt-users-admin@lists.fsck.com
  clp-request@comp.nus.edu.sg
  surveys-errors@lists.nua.ie
  emailNews@genomeweb.com
  owner-textbreakingnews@CNNIMAIL12.CNN.COM
  yahoo-dev-null@yahoo-inc.com
  returns.groups.yahoo.com
));


$MAXLEVELS = 14;		# (default is undef, no limit)
$MAXFILES = 1500;		# (default is undef, no limit)
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)
$MIN_EXPANSION_FACTOR =   5;  # times original mail size  (must be specified)
$MAX_EXPANSION_FACTOR = 500;  # times original mail size  (must be specified)


$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file   = 'file';   # file(1) utility; use 3.41 or later to avoid vulnerability

$gzip   = 'gzip';
$bzip2  = 'bzip2';
$lzop   = 'lzop';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze   = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc        = ['nomarch', 'arc'];
$unarj      = ['arj', 'unarj'];  # both can extract, arj is recommended
$unrar      = ['rar', 'unrar'];  # both can extract, same options
$zoo    = 'zoo';
$lha    = 'lha';
$cpio   = ['gcpio','cpio']; # gcpio is a GNU cpio on OpenBSD, which supports
                            # the options needed; the rest of us use cpio


$sa_local_tests_only = 1;   # (default: false)
#$sa_auto_whitelist = 1;    # turn on AWL (default: false)

$sa_timeout = 30;           # timeout in seconds for a call to SpamAssassin
			    # (default is 30 seconds, undef disables it)
$sa_mail_body_size_limit = 150*1024; # don't waste time on SA if mail is larger
			    # (less than 1% of spam is > 64k)
			    # default: undef, no limitations

# default values, can be overridden by more specific lookups, e.g. SQL
$sa_tag_level_deflt  = 3.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 20.0; # triggers spam evasive actions
			    # at or above that level: bounce/reject/drop,
			    # quarantine, and adding mail address extension

$sa_dsn_cutoff_level = 10;  # spam level beyond which a DSN is not sent,
                            # effectively turning D_BOUNCE into D_DISCARD;
                            # undef disables this feature and is a default;

$sa_spam_subject_tag = '***SPAM*** ';	# (defaults to undef, disabled)

$sa_spam_modifies_subj = 1; # may be a ref to a lookup table, default is true

@av_scanners = (

  ### http://www.hbedv.com/ or http://www.centralcommand.com/
  ['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
    ['antivir','vexira'],
    '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
    qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
         (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
    # NOTE: if you only have a demo version, remove -z and add 214, as in:
    #  '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/,

);

#-------------
1;  # insure a defined return

cyrus.conf
Code:
START {
  # do not delete this entry!
  recover	cmd="ctl_cyrusdb -r"

  # this is only necessary if using idled for IMAP IDLE
#  idled		cmd="idled"
}

SERVICES {
  # add or remove based on preferences
  imap		cmd="imapd" listen="imap" prefork=0
#  imaps		cmd="imapd -s" listen="imaps" prefork=0
  pop3		cmd="pop3d" listen="pop3" prefork=0
#  pop3s		cmd="pop3d -s" listen="pop3s" prefork=0
  sieve		cmd="timsieved" listen="sieve" prefork=0

  # at least one LMTP is required for delivery
  lmtpunix	cmd="lmtpd" listen="/var/spool/postfix/public/lmtp" prefork=1

}

EVENTS {
  # this is required
  checkpoint	cmd="ctl_cyrusdb -c" period=30

  # this is only necessary if using duplicate delivery suppression
  delprune      cmd="cyr_expire -E 3" at=0400

  # this is only necessary if caching TLS sessions
  tlsprune      cmd="tls_prune" at=0400

}
Code:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
mydomain = wi-mi.del
myorigin = $myhostname

unknown_local_recipient_reject_code = 450
mynetworks = 192.168.2.0/24, 127.0.0.0/8
smtpd_banner = $myhostname ESMTP $mail_name
debug_peer_level = 2
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix/samples
readme_directory = /usr/share/doc/packages/postfix/README_FILES
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_maps = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = main.wi-mi.del
program_directory = /usr/lib/postfix
inet_interfaces = all
#masquerade_domains = wi-mi.del
masquerade_domains = 
mydestination = wi-mi.del, $myhostname, localhost.$mydomain
defer_transports = 
disable_dns_lookups = no
relayhost = 
#content_filter = vscan:
content_filter = smtp-amavis:[127.0.0.1]:10024
mailbox_command = 
mailbox_transport = lmtp:unix:public/lmtp
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions = 
smtpd_helo_required = no
smtpd_helo_restrictions = 
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = no
smtpd_use_tls = no
smtp_use_tls = no
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000
smtp_sasl_security_options = 
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

master.
Code:
smtp      inet  n       -       y       -       2       smtpd 
        -o content_filter=smtp:[localhost]:10024
pickup    fifo  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      fifo  n       -       y       300     1       qmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       n       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       y       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
localhost:10025 inet	n	-	y	-	-	smtpd 
         -o content_filter=
	 -o local_recipient_maps=
	 -o relay_recipient_maps=
	 -o smtpd_restriction_classes=
	 -o smtpd_client_restrictions=
	 -o smtpd_helo_restrictions=
	 -o smtpd_sender_restrictions=
	 -o smtpd_recipient_restrictions=permit_mynetworks,reject
	 -o mynetworks=127.0.0.0/8
	 -o strict_rfc821_envelopes=yes
	 -o smtpd_error_sleep_time=0
	 -o smtpd_soft_error_limit=1001
	 -o smtpd_hard_error_limit=1000
smtp-amavis unix -      -       y       -       2       smtp
         -o smtp_data_done_timeout=1200
	 -o smtp_send_xforward_command=yes
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus	  unix	-	n	n	-	-	pipe
  user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp	  unix	-	n	n	-	-	pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
vscan     unix  -       n       n       -       10       pipe
  user=vscan argv=/usr/sbin/amavis ${sender} ${recipient}
procmail  unix  -       n       n       -       -       pipe
  flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}

postconf -n, wenn N etz an ist (Dial on Demand)
Code:
alias_maps = hash:/etc/aliases
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports = 
disable_dns_lookups = no
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command = 
mailbox_size_limit = 0
mailbox_transport = lmtp:unix:public/lmtp
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains = 
masquerade_exceptions = root
message_size_limit = 10240000
mydestination = wi-mi.del, $myhostname, localhost.$mydomain
mydomain = wi-mi.del
myhostname = main.wi-mi.del
mynetworks = 192.168.2.0/24, 127.0.0.0/8
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relayhost = 
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = 
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = 
smtpd_helo_required = no
smtpd_helo_restrictions = 
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_use_tls = no
strict_rfc821_envelopes = no
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450
Postconf -n, wenn Netz aus ist
Code:
alias_maps = hash:/etc/aliases
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports = smtp
disable_dns_lookups = yes
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command = 
mailbox_size_limit = 0
mailbox_transport = lmtp:unix:public/lmtp
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains = 
masquerade_exceptions = root
message_size_limit = 10240000
mydestination = wi-mi.del, $myhostname, localhost.$mydomain
mydomain = wi-mi.del
myhostname = main.wi-mi.del
mynetworks = 192.168.2.0/24, 127.0.0.0/8
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relayhost = 
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = 
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = 
smtpd_helo_required = no
smtpd_helo_restrictions = 
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_use_tls = no
strict_rfc821_envelopes = no
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450
 

oc2pus

Ultimate Guru
gib mal die exakte Fehlermeldung aus für den oben beschriebenen Vorgang
tail -f /var/log/messages
und
tail -f /var/log/mail

ls -al /var/spool/postfix/public/
hier die rechte von lmtp kontrollieren (sollte sein srwxrwxrwx)
 

dermichel

Advanced Hacker
bei "netstat -lntp" duerfte kein port 10025 bei localhost erscheinen mit deiner master.cf, denn

localhost:10025 inet n - y - - smtpd -o content_filter=

ist FALSCH! es laeuft keine instanz von postfix weil dort ein "-" steht!

richtig:

localhost:10025 inet n - y - 1 smtpd -o content_filter=



du kannst das auch mit "telnet localhost 10025" ausprobieren...
statt der "1" kannst du auch mehr instanzen laufen lassen - je nach auslastung deines servers!
 
OP
C

carsten

Guru
Hy Michel,

das wär ne Idee, die ich mal probiere (heut abend oder morgen abend).

In den Logs steht nix übles, bis auf die Tatsache, daß ein smtp/tcp-Port fehlt, was ja zum Michel passen würde.

Ich meld mich.

Grüße und danke erstmal
 
OP
C

carsten

Guru
Danke, das wars *uff*

Manchmal sieht man den Wald vor lauter Bäumen nicht.

Grüße
Carsten
 
Status
Für weitere Antworten geschlossen.
Oben