
[solved] Postfix problems

Status
Closed for further replies.

nubis

Newbie
Hello,

for days I have been getting the following entries in the mail log every minute:

Sep 18 12:10:39 server01 postfix/qmgr[8523]: warning: connect to transport smtp-amavis: Connection refused
Sep 18 12:10:39 server01 postfix/qmgr[8523]: warning: connect to transport spamassassin: Connection refused

How can I turn this off?

Regards, Frabko
 

nubis

Newbie
Well, but then my mail server won't work anymore...

What else could be the cause?
 

dermichel

Advanced Hacker
What has changed? Did you run an update? Change any settings?

Tell us a bit more....
Send a mail and post the mail log....


It's Sunday and the crystal ball won't be back in service until tomorrow :)
 

nubis

Newbie
So, I had tried to configure SpamAssassin, which didn't work, and then I restored my backup configs. After that the problem appeared...

Well, here is a bit from the mail log:

Sep 18 00:03:15 server01 postfix/smtpd[10361]: connect from localhost[127.0.0.1]
Sep 18 00:03:15 server01 postfix/smtpd[10361]: 8E5AD32DB3: client=localhost[127.0.0.1]
Sep 18 00:03:15 server01 postfix/cleanup[10364]: 8E5AD32DB3: message-id=<1486.192.168.13.1.1126994595.squirrel@localhost>
Sep 18 00:03:15 server01 postfix/smtpd[10361]: disconnect from localhost[127.0.0.1]
Sep 18 00:03:15 server01 postfix/qmgr[8523]: 8E5AD32DB3: from=<nubis@directbox.com>, size=1537, nrcpt=1 (queue active)
Sep 18 00:03:20 server01 postfix/smtpd[10373]: connect from localhost[127.0.0.1]
Sep 18 00:03:20 server01 postfix/smtpd[10373]: EFCF932DAF: client=localhost[127.0.0.1]
Sep 18 00:03:21 server01 postfix/cleanup[10364]: EFCF932DAF: message-id=<1486.192.168.13.1.1126994595.squirrel@localhost>
Sep 18 00:03:21 server01 postfix/smtpd[10373]: disconnect from localhost[127.0.0.1]

And another piece:

Sep 18 12:49:56 server01 postfix/smtpd[13540]: connect from localhost[127.0.0.1]
Sep 18 12:49:56 server01 postfix/smtpd[13540]: 28CB432DC7: client=localhost[127.0.0.1]
Sep 18 12:49:56 server01 postfix/cleanup[13543]: 28CB432DC7: message-id=<002d01c5bc3e$15a29d20$1530e195@ckpc>
Sep 18 12:49:56 server01 postfix/qmgr[8523]: 28CB432DC7: from=<xxxx@cityweb.de>, size=7574, nrcpt=1 (queue active)
Sep 18 12:49:56 server01 postfix/smtpd[13540]: disconnect from localhost[127.0.0.1]
Sep 18 12:50:04 server01 postfix/smtpd[13558]: connect from localhost[127.0.0.1]
Sep 18 12:50:04 server01 postfix/smtpd[13558]: 3B1A835C40: client=localhost[127.0.0.1]
Sep 18 12:50:04 server01 postfix/cleanup[13543]: 3B1A835C40: message-id=<002d01c5bc3e$15a29d20$1530e195@ckpc>
Sep 18 12:50:04 server01 postfix/qmgr[8523]: 3B1A835C40: from=<xxxx@cityweb.de>, size=8010, nrcpt=1 (queue active)
Sep 18 12:50:04 server01 postfix/smtpd[13558]: disconnect from localhost[127.0.0.1]
Sep 18 12:50:04 server01 amavis[4642]: (04642-09) Passed CLEAN, [149.225.48.21] <xxxx@cityweb.de> -> <nubis@localhost.server01.hell>, Message-ID: <002d01c5bc3e$15a29d20$1530e195@ckpc>, Hits: 0
Sep 18 12:50:04 server01 postfix/smtp[13544]: 28CB432DC7: to=<nubis@localhost.server01.hell>, orig_to=<nubis@localhost>, relay=127.0.0.1[127.0.0.1], delay=8, status=sent (250 2.6.0 Ok, id=04642-09, from MTA: 250 Ok: queued as 3B1A835C40)
Sep 18 12:50:04 server01 postfix/qmgr[8523]: 28CB432DC7: removed
Sep 18 12:50:05 server01 postfix/lmtp[13560]: 3B1A835C40: to=<nubis@localhost.server01.hell>, relay=/var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp], delay=1, status=sent (250 2.1.5 Ok)
Sep 18 12:50:05 server01 postfix/qmgr[8523]: 3B1A835C40: removed

If I need to post configs as well, just tell me which ones :)...

Thanks in advance, Franko
 

nubis

Newbie
master.cf:

smtp inet n - n - 2 smtpd -o content_filter=smtp:[127.0.0.1]:10024
#smtps inet n - n - 2 smtpd -o smtpd_tls_wrappermode=yes -o content_filter=smtp:[127.0.0.1]:10024
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_etrn_restrictions=reject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
localhost:10025 inet n - n - - smtpd -o content_filter=
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus unix - n n - - pipe
  user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail unix - n n - - pipe
  flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}


main.cf:


queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

mail_owner = postfix

unknown_local_recipient_reject_code = 550

debug_peer_level = 2

debugger_command =
  PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
  xxgdb $daemon_directory/$process_name $process_id & sleep 5


sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = maildrop

html_directory = /usr/share/doc/packages/postfix/html

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/packages/postfix/samples

readme_directory = /usr/share/doc/packages/postfix/README_FILES
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_maps = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = server01.hell
program_directory = /usr/lib/postfix
inet_interfaces = all
masquerade_domains =
mydestination = $myhostname,localhost.$mydomain,$mydomain
defer_transports =
disable_dns_lookups = no
relayhost = smtp.ish.de
mailbox_command =
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions =
  permit_mynetworks,
  reject_unauth_destination,
  reject_rbl_client relays.ordb.org,
  reject_rbl_client sbl.spamhaus.org,
  reject_rbl_client dul.dnsbl.sorbs.net,
  permit
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no
smtpd_use_tls = no
smtp_use_tls = no
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 

nubis

Newbie
and here is the amavisd.config too:

use strict;

# a minimalistic configuration file for amavisd-new with all necessary settings
#
# (see amavisd.conf-default for a list of all variables with their defaults)
# (see amavisd.conf-sample for a traditional-style commented file)


# COMMONLY ADJUSTED SETTINGS:

# @bypass_virus_checks_maps = (1); # uncomment to DISABLE anti-virus code
# @bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code

$max_servers = 2; # number of pre-forked children (2..15 is common)
$daemon_user = 'vscan';
$daemon_group = 'vscan';

$mydomain = 'hell';

$MYHOME = '/var/spool/amavis';
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = '/var/spool/amavis/virusmails';

# $daemon_chroot_dir = $MYHOME; # chroot directory or undef

# $db_home = "$MYHOME/db";
# $helpers_home = "$MYHOME/var"; # prefer $MYHOME clean and owned by root?
# $pid_file = "$MYHOME/var/amavisd.pid";
# $lock_file = "$MYHOME/var/amavisd.lock";
#NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually

@local_domains_maps = ( [".$mydomain"] );
# @mynetworks = qw( 127.0.0.0/8 ::1 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );

$log_level = 0; # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';

$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = 10024; # listen on this local TCP port(s) (see $protocol)
$unix_socketname = "$MYHOME/amavisd.sock"; # when using sendmail milter

$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent

$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
$sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant
# for SA 3.0, cf option is 'use_auto_whitelist')

# @lookup_sql_dsn =
# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'],
# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'] );

$virus_admin = "virusalert\@$mydomain"; # notifications recip.

$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
@addr_extension_banned_maps = ('banned');
@addr_extension_bad_header_maps = ('badh');

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file = 'file'; # file(1) utility; use recent versions
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj'];
$unrar = ['rar', 'unrar'];
$zoo = 'zoo';
$lha = 'lha';
$cpio = ['gcpio','cpio'];
$dspam = 'dspam';

$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)

$sa_spam_subject_tag = '***SPAM*** ';
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name


# OTHER MORE COMMON SETTINGS (defaults may suffice):

# $myhostname = 'host.example.com'; # must be a fully-qualified domain name!

# $notify_method = 'smtp:[127.0.0.1]:10025';
# $forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter!

# $final_virus_destiny = D_DISCARD;
# $final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_PASS;
# $final_bad_header_destiny = D_PASS;


# SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for all)

# $warnbadhsender,
# $warnvirusrecip, $warnbannedrecip, $warnbadhrecip, (or @warn*recip_maps)
#
# @bypass_virus_checks_maps, @bypass_spam_checks_maps,
# @bypass_banned_checks_maps, @bypass_header_checks_maps,
#
# @virus_lovers_maps, @spam_lovers_maps,
# @banned_files_lovers_maps, @bad_header_lovers_maps,
#
# @blacklist_sender_maps, @score_sender_maps,
#
# $virus_quarantine_to, $banned_quarantine_to,
# $bad_header_quarantine_to, $spam_quarantine_to,
#
# $defang_bad_header, $defang_undecipherable, $defang_spam


# REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS

@viruses_that_fake_sender_maps = (new_RE(
[qr'\bEICAR\b'i => 0], # av test pattern name
[qr'^(WM97|OF97|Joke\.)'i => 0], # adjust names to match your AV scanner
[qr/.*/ => 1], # true for everything else
));

@keep_decoded_original_maps = (new_RE(
# qr'^MAIL$', # retain full original message for virus checking (can be slow)
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));


# for $banned_namepath_re, a new-style of banned table, see amavisd.conf-sample

$banned_filename_re = new_RE(
# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components

# block certain double extensions anywhere in the base name
qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|dll)\.?$'i,

# qr'[{}]', # curly braces in names (serve as Class ID extensions - CLSID)

qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,

# qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME types

# [ qr'^\.(Z|gz|bz2)$' => 0 ], # allow any type in Unix-compressed
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any type in Unix archives
# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any type within such archives

qr'.\.(exe|vbs|pif|scr|bat|cmd|com)$'i, # banned extension - basic
# qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js|
# jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shb|shs|vb|
# vbe|vbs|wsc|wsf|wsh|
# app|fxp|prg|mdw|mdt|ops)$'ix, # banned extension - long

# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab.

qr'^\.(exe-ms)$', # banned file(1) types
# qr'^\.(exe|lha|tnef|cab)$', # banned file(1) types
);
# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
# and http://www.cknow.com/vtutor/vtextensions.htm


# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING

@score_sender_maps = ({ # a by-recipient hash lookup table,
# results from all matching recipient tables are summed

# ## per-recipient personal tables (NOTE: positive: black, negative: white)
# 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}],
# 'user3@example.com' => [{'.ebay.com' => -3.0}],
# 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0,
# '.cleargreen.com' => -5.0}],

## site-wide opinions about senders (the '.' matches any recipient)
'.' => [ # the _first_ matching sender determines the score boost

new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
),

{ # a hash-type lookup table (associative array)
'nobody@cert.org' => -3.0,
'cert-advisory@us-cert.gov' => -3.0,
'owner-alert@iss.net' => -3.0,
'slashdot@slashdot.org' => -3.0,
'bugtraq@securityfocus.com' => -3.0,
'ntbugtraq@listserv.ntbugtraq.com' => -3.0,
'security-alerts@linuxsecurity.com' => -3.0,
'mailman-announce-admin@python.org' => -3.0,
'amavis-user-admin@lists.sourceforge.net'=> -3.0,
'notification-return@lists.sophos.com' => -3.0,
'owner-postfix-users@postfix.org' => -3.0,
'owner-postfix-announce@postfix.org' => -3.0,
'owner-sendmail-announce@lists.sendmail.org' => -3.0,
'sendmail-announce-request@lists.sendmail.org' => -3.0,
'donotreply@sendmail.org' => -3.0,
'ca+envelope@sendmail.org' => -3.0,
'noreply@freshmeat.net' => -3.0,
'owner-technews@postel.acm.org' => -3.0,
'ietf-123-owner@loki.ietf.org' => -3.0,
'cvs-commits-list-admin@gnome.org' => -3.0,
'rt-users-admin@lists.fsck.com' => -3.0,
'clp-request@comp.nus.edu.sg' => -3.0,
'surveys-errors@lists.nua.ie' => -3.0,
'emailnews@genomeweb.com' => -5.0,
'yahoo-dev-null@yahoo-inc.com' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'clusternews@linuxnetworx.com' => -3.0,
lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0,
lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,

# soft-blacklisting (positive score)
'.jaxx.de' => 5.0,
'.nulltarif.de' => 5.0,
'.haburi.com' => 5.0,
'.news.messagizer.de' => 5.0,

},
], # end of site-wide tables
});


@av_scanners = (
### http://www.f-prot.com/ - backs up F-Prot Daemon
['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
'-dumb -archive -packed {}', [0,8], [3,6],
qr/Infection: (.+)/ ],

);


@av_scanners_backup = (

### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
['ClamAV-clamscan', 'clamscan',
"--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

### http://www.f-prot.com/ - backs up F-Prot Daemon
['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
'-dumb -archive -packed {}', [0,8], [3,6],
qr/Infection: (.+)/ ],
# # other options to consider: -mime -oe -idedir=/usr/local/sav

# always succeeds (uncomment to consider mail clean if all other scanners fail)
# ['always-clean', sub {0}],

);


1; # insure a defined return
 

nubis

Newbie
So far so good... The warnings are gone now :)

But now a new problem has come up. As you described in your article, I tried sending a spam mail, with the following result:

- if I send it from root to a user, the user gets NO email; it is deleted

- if I send the spam email from another email account on the Internet, I get the following email delivered:

This is the Postfix program at host server01.hell.

I'm sorry to have to inform you that your message could not be
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The Postfix program

<nubis@localhost.server01.hell> (expanded from <nubis@localhost>): host
127.0.0.1[127.0.0.1] said: 550 5.1.0
<nubis+spam@localhost.server01.hell>: Recipient address rejected: User
unknown in local recipient table (in reply to end of DATA command)

So what have I misconfigured now?
 

nubis

Newbie
Problem solved...


I had not set this flag in main.cf:

recipient_delimiter = +

Thanks to everyone who helped me...
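
The mismatch behind the bounce above, as an added example that is not part of the thread: amavisd is configured with @addr_extension_*_maps, so tagged mail is re-addressed as user+spam, and Postfix looks that address up literally unless recipient_delimiter is set. The sample configs are constructed from the ones posted here, the function names are hypothetical, and the '+' delimiter is assumed from the rejected address in the bounce.

```python
import re

# Constructed samples, trimmed from the configs posted in this thread.
MAIN_CF_BEFORE = """\
myhostname = server01.hell
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
smtpd_recipient_restrictions =
  permit_mynetworks,
  reject_unauth_destination
# recipient_delimiter = +
"""
MAIN_CF_AFTER = MAIN_CF_BEFORE + "recipient_delimiter = +\n"

AMAVISD_CONF = """\
@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
# @addr_extension_banned_maps = ('banned');
$final_spam_destiny = D_PASS;
"""

def parse_main_cf(text):
    """Parse main.cf: '#' lines are comments, indented lines continue a value."""
    params, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0] in " \t" and name:
            params[name] = (params[name] + " " + line.strip()).strip()
            continue
        name, _, value = line.partition("=")
        name = name.strip()
        params[name] = value.strip()  # a later setting overrides an earlier one
    return params

EXT_MAP = re.compile(
    r"^[ \t]*@addr_extension_(\w+)_maps\s*=\s*\(\s*'([^']+)'\s*\)", re.M)

def amavis_extensions(text):
    """Return {check: extension} for uncommented @addr_extension_*_maps."""
    return dict(EXT_MAP.findall(text))

def check(main_cf, amavisd_conf, delimiter="+"):
    """List extensions amavisd may append that Postfix would not strip."""
    configured = parse_main_cf(main_cf).get("recipient_delimiter", "")
    if delimiter in configured:
        return []
    state = configured or "unset"
    return [
        f"{kind}: user{delimiter}{ext} is looked up literally "
        f"(recipient_delimiter is {state})"
        for kind, ext in sorted(amavis_extensions(amavisd_conf).items())
    ]

if __name__ == "__main__":
    for label, cfg in (("before", MAIN_CF_BEFORE), ("after", MAIN_CF_AFTER)):
        print(label, check(cfg, AMAVISD_CONF) or "consistent")
```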
 