Problems with Postfix as an AntiSpamRelay



andrew-the-webb
31.01.06, 13:58
Hi everyone,

I have Suse 9.3 (incl. updates) with the following software installed:
Postfix
AmavisDnew
Clamav
dspam

The goal is the following:

Mails are fetched, or delivered via SMTP, to the Linux PC.
From there it continues as follows:

Virus-free mail - Postfix SMTP - smtp-amavis localhost:10024 - dspam localhost:10025 - postfix queue - MDA (in this case Exchange)

Mail with virus - Postfix SMTP - smtp-amavis localhost:10024 - localhost:10026 -- move mail to quarantine folder - send mail to the virus admin saying that the mail is in quarantine

My postconf -n:


alias_maps = hash:/etc/aliases
biff = no
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports =
disable_dns_lookups = no
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 0
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 10240000
mydestination = $myhostname, localhost.$mydomain, 192.168.10.115
myhostname = mailsrv.local
mynetworks = 127.0.0.0/8, 192.168.10.0/24
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relayhost = delphi.rif.local
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_use_tls = no
smtpd_banner = ESMTP MS Exchange 2000
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_use_tls = no
strict_rfc821_envelopes = no
transport_maps = regexp:/etc/postfix/transport_regexp, hash:/etc/postfix/transport.domain
unknown_local_recipient_reject_code = 550

My master.cf:



# amavisd-new + clamav : virus checker
# dspam : spam checker

smtp inet n - n - - smtpd -v -v
  -o content_filter=smtp-amavis:[127.0.0.1]:10024

proxymap unix - - n - - proxymap

smtp-amavis unix - - n - 2 lmtp -v -v
  -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - n - - smtpd -v -v
  -o cleanup_service_name=pre-cleanup
  -o content_filter=dspam
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000

127.0.0.1:10026 inet n - n - - smtpd -v -v
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000

dspam unix - n n - 10 pipe -v -v
  flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --deliver=innocent,spam --feature=chained,noise -i -f ${sender} -- %u --user ${recipient}

cleanup unix n - n - 0 cleanup
  -o header_checks=
  -o mime_header_checks=
  -o nested_header_checks=
  -o body_checks=

pre-cleanup unix n - n - 0 cleanup
  -o canonical_maps=
  -o sender_canonical_maps=
  -o recipient_canonical_maps=
  -o masquerade_domains=
  -o virtual_alias_maps=
  -o always_bcc=
  -o sender_bcc_maps=
  -o recipient_bcc_maps=

local unix - n n - - local
  -o content_filter=
  -o myhostname=localhost
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o mynetworks=127.0.0.0/8
  -o mynetworks_style=host
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject

dspam-add unix - n n - - pipe
  --addspam
  flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --user ${user}@${nexthop} --class=spam --source=error

dspam-del unix - n n - - pipe
  --falsepositive
  flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --user ${user}@${nexthop} --class=innocent --source=error


My netstat -a:


Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:dnp *:* LISTEN
tcp 0 0 localhost:10024 *:* LISTEN
tcp 0 0 localhost:10025 *:* LISTEN
tcp 0 0 localhost:10026 *:* LISTEN
tcp 0 0 *:mysql *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:ndmp *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:www-http *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 pc001:ssh pc001.rif.loca:udpradio ESTABLISHED
tcp 0 0 minint-qint1l:ssh pc001.rif.loca:ardusuni ESTABLISHED
udp 0 0 *:ndmp *:*
udp 0 0 *:dnp *:*
udp 0 0 *:bootpc *:*
udp 0 0 *:sunrpc *:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 16975 /var/run/powersave_clientsocket
unix 2 [ ACC ] STREAM LISTENING 16130 /var/lib/clamav/clamd-socket
unix 2 [ ACC ] STREAM LISTENING 16950 public/pre-cleanup
unix 2 [ ACC ] STREAM LISTENING 16958 private/dspam-add
unix 2 [ ACC ] STREAM LISTENING 15622 /var/run/.resmgr_socket
unix 2 [ ACC ] STREAM LISTENING 16581 /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 16962 private/dspam-del
unix 2 [ ACC ] STREAM LISTENING 16183 /var/run/nscd/socket
unix 2 [ ACC ] STREAM LISTENING 16233 /var/lib/mysql/mysql.sock
unix 9 [ ] DGRAM 9051 /dev/log
unix 2 [ ACC ] STREAM LISTENING 17185 /var/spool/amavis/amavisd.sock
unix 2 [ ] DGRAM 17214 @/var/run/hal/hotplug_socket
unix 2 [ ] DGRAM 5747 @udevd
unix 2 [ ACC ] STREAM LISTENING 9077 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 16946 public/cleanup
unix 2 [ ACC ] STREAM LISTENING 16926 private/proxymap
unix 2 [ ACC ] STREAM LISTENING 16954 private/local
unix 2 [ ACC ] STREAM LISTENING 16930 private/smtp-amavis
unix 2 [ ACC ] STREAM LISTENING 16942 private/dspam
unix 2 [ ACC ] STREAM LISTENING 16971 /var/run/powersave_socket
unix 3 [ ] STREAM CONNECTED 20326
unix 3 [ ] STREAM CONNECTED 20325
unix 3 [ ] STREAM CONNECTED 20324
unix 3 [ ] STREAM CONNECTED 20323
unix 3 [ ] STREAM CONNECTED 20280
unix 3 [ ] STREAM CONNECTED 20279
unix 3 [ ] STREAM CONNECTED 20278
unix 3 [ ] STREAM CONNECTED 20277
unix 2 [ ] STREAM CONNECTED 20134
unix 2 [ ] STREAM CONNECTED 20132
unix 2 [ ] DGRAM 17378
unix 3 [ ] STREAM CONNECTED 17213 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 17212
unix 2 [ ] DGRAM 17162
unix 2 [ ] DGRAM 16984
unix 3 [ ] STREAM CONNECTED 16974 /var/run/acpid.socket
unix 3 [ ] STREAM CONNECTED 16973
unix 3 [ ] STREAM CONNECTED 16965
unix 3 [ ] STREAM CONNECTED 16964
unix 3 [ ] STREAM CONNECTED 16961
unix 3 [ ] STREAM CONNECTED 16960
unix 3 [ ] STREAM CONNECTED 16957
unix 3 [ ] STREAM CONNECTED 16956
unix 3 [ ] STREAM CONNECTED 16953
unix 3 [ ] STREAM CONNECTED 16952
unix 3 [ ] STREAM CONNECTED 16949
unix 3 [ ] STREAM CONNECTED 16948
unix 3 [ ] STREAM CONNECTED 16945
unix 3 [ ] STREAM CONNECTED 16944
unix 3 [ ] STREAM CONNECTED 16941
unix 3 [ ] STREAM CONNECTED 16940
unix 3 [ ] STREAM CONNECTED 16937
unix 3 [ ] STREAM CONNECTED 16936
unix 3 [ ] STREAM CONNECTED 16933
unix 3 [ ] STREAM CONNECTED 16932
unix 3 [ ] STREAM CONNECTED 16929
unix 3 [ ] STREAM CONNECTED 16928
unix 3 [ ] STREAM CONNECTED 16925
unix 3 [ ] STREAM CONNECTED 16924
unix 2 [ ] DGRAM 16850
unix 2 [ ] DGRAM 15954
unix 2 [ ] DGRAM 15928
unix 2 [ ] DGRAM 11279
unix 3 [ ] STREAM CONNECTED 9080
unix 3 [ ] STREAM CONNECTED 9079

(I'm currently on the machine via SSH)

Here is the eagerly awaited problem:

I send a mail from one machine to the Linux mail gateway; here is the output of mail.info:



Jan 31 14:34:41 linux clamd[4976]: Daemon started.
Jan 31 14:34:41 linux clamd[4976]: clamd daemon 0.88 (OS: linux-gnu, ARCH: i386, CPU: i686)
Jan 31 14:34:41 linux clamd[4976]: Log file size limited to 2097152 bytes.
Jan 31 14:34:41 linux clamd[4976]: Running as user vscan (UID 65, GID 102)
Jan 31 14:34:41 linux clamd[4976]: Reading databases from /var/lib/clamav
Jan 31 14:34:41 linux freshclam[4979]: Daemon started.
Jan 31 14:34:41 linux freshclam[5041]: freshclam daemon 0.88 (OS: linux-gnu, ARCH: i386, CPU: i686)
Jan 31 14:34:41 linux freshclam[5041]: ClamAV update process started at Tue Jan 31 14:34:41 2006
Jan 31 14:34:42 linux freshclam[5041]: main.cvd is up to date (version: 35, sigs: 41649, f-level: 6, builder: tkojm)
Jan 31 14:34:42 linux freshclam[5041]: daily.cvd is up to date (version: 1262, sigs: 2229, f-level: 7, builder: diego)
Jan 31 14:34:42 linux freshclam[5041]: --------------------------------------
Jan 31 14:34:42 linux clamd[4976]: Protecting against 43878 viruses.
Jan 31 14:34:42 linux clamd[4976]: Unix socket file /var/lib/clamav/clamd-socket
Jan 31 14:34:42 linux clamd[4976]: Setting connection queue length to 15
Jan 31 14:34:42 linux clamd[4976]: Archive: Compression ratio limit set to 250.
Jan 31 14:34:42 linux clamd[4976]: Archive support enabled.
Jan 31 14:34:42 linux clamd[4976]: Archive: RAR support disabled.
Jan 31 14:34:42 linux clamd[4976]: Portable Executable support enabled.
Jan 31 14:34:42 linux clamd[4976]: Detection of broken executables enabled.
Jan 31 14:34:42 linux clamd[4976]: Mail files support enabled.
Jan 31 14:34:42 linux clamd[4976]: OLE2 support enabled.
Jan 31 14:34:42 linux clamd[4976]: HTML support enabled.
Jan 31 14:34:42 linux clamd[4976]: Self checking every 600 seconds.
Jan 31 14:34:49 linux postfix/postfix-script: starting the Postfix mail system
Jan 31 14:34:49 linux postfix/master[5293]: daemon started -- version 2.2.1, configuration /etc/postfix
Jan 31 14:34:52 linux amavis[5062]: user=, EUID: 0 (0); group=, EGID: 0 (0)
Jan 31 14:34:52 linux amavis[5062]: INFO: no optional modules: Sys::Hostname::Long Mail::SPF::Query Razor2::Client Net::CIDR::Lite
Jan 31 14:34:52 linux amavis[5386]: Net::Server: Process Backgrounded
Jan 31 14:34:52 linux amavis[5386]: Net::Server: 2006/01/31-14:34:52 Amavis (type Net::Server::PreForkSimple) starting! pid(5386)
Jan 31 14:34:53 linux amavis[5386]: Net::Server: Binding to UNIX socket file /var/spool/amavis/amavisd.sock using SOCK_STREAM
Jan 31 14:34:53 linux amavis[5386]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
Jan 31 14:34:53 linux amavis[5386]: Net::Server: Setting gid to "102 102"
Jan 31 14:34:53 linux amavis[5386]: Net::Server: Setting uid to "65"
Jan 31 14:34:53 linux amavis[5386]: SpamControl: initializing Mail::SpamAssassin
Jan 31 14:34:55 linux amavis[5386]: SpamControl: done
Jan 31 14:34:55 linux amavis[5413]: TIMING [total 107 ms] - bdb-open: 107 (100%), rundown: 0 (0%)
Jan 31 14:34:55 linux amavis[5414]: TIMING [total 17 ms] - bdb-open: 17 (100%), rundown: 0 (0%)
Jan 31 14:36:02 linux postfix/smtpd[5636]: dict_update: content_filter = smtp-amavis:[127.0.0.1]:10024
Jan 31 14:36:02 linux postfix/smtpd[5636]: dict_lookup: syslog_facility = (notfound)
Jan 31 14:36:02 linux postfix/smtpd[5636]: mac_parse: mail
Jan 31 14:36:02 linux postfix/smtpd[5636]: dict_eval: const mail
....
---------snip---------
.....
Jan 31 14:36:02 linux postfix/smtpd[5636]: dict_open: hash:/etc/postfix/virtual
Jan 31 14:36:02 linux postfix/smtpd[5636]: dict_register: hash:/etc/postfix/virtual(0,100) 1
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: smtpd_access_maps ~? debug_peer_list
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: smtpd_access_maps ~? fast_flush_domains
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: smtpd_access_maps ~? mynetworks
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: smtpd_access_maps ~? permit_mx_backup_networks
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: smtpd_access_maps ~? qmqpd_authorized_clients
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: smtpd_access_maps ~? relay_domains
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: smtpd_access_maps ~? smtpd_access_maps
Jan 31 14:36:02 linux postfix/smtpd[5636]: dict_open: hash:/etc/postfix/access
Jan 31 14:36:02 linux postfix/smtpd[5636]: dict_register: hash:/etc/postfix/access 1
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: fast_flush_domains ~? debug_peer_list
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_string: fast_flush_domains ~? fast_flush_domains
Jan 31 14:36:02 linux postfix/smtpd[5636]: chroot (none) user postfix
Jan 31 14:36:02 linux postfix/smtpd[5636]: attr_clnt_create: transport=local endpoint=private/anvil
Jan 31 14:36:02 linux postfix/smtpd[5636]: watchdog_create: 0x80a9760 18000
Jan 31 14:36:02 linux postfix/smtpd[5636]: watchdog_stop: 0x80a9760
Jan 31 14:36:02 linux postfix/smtpd[5636]: watchdog_start: 0x80a9760
Jan 31 14:36:02 linux postfix/smtpd[5636]: connection established
Jan 31 14:36:02 linux postfix/smtpd[5636]: master_notify: status 0
Jan 31 14:36:02 linux postfix/smtpd[5636]: name_mask: resource
Jan 31 14:36:02 linux postfix/smtpd[5636]: name_mask: software
Jan 31 14:36:02 linux postfix/smtpd[5636]: connect from pc001.rif.local[192.168.10.50]
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_list_match: pc001.rif.local: no match
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_list_match: 192.168.10.50: no match
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_list_match: pc001.rif.local: no match
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_list_match: 192.168.10.50: no match
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_hostname: pc001.rif.local ~? 127.0.0.0/8
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_hostaddr: 192.168.10.50 ~? 127.0.0.0/8
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_hostname: pc001.rif.local ~? 192.168.10.0/24
Jan 31 14:36:02 linux postfix/smtpd[5636]: match_hostaddr: 192.168.10.50 ~? 192.168.10.0/24
Jan 31 14:36:02 linux postfix/smtpd[5636]: > pc001.rif.local[192.168.10.50]: 220 ESMTP MS Exchange 2000
Jan 31 14:36:02 linux postfix/smtpd[5636]: watchdog_pat: 0x80a9760
Jan 31 14:36:02 linux postfix/smtpd[5636]: < pc001.rif.local[192.168.10.50]: HELO pc001
Jan 31 14:36:02 linux postfix/smtpd[5636]: > pc001.rif.local[192.168.10.50]: 250 mailsrv.local
Jan 31 14:36:02 linux postfix/smtpd[5636]: watchdog_pat: 0x80a9760
Jan 31 14:36:02 linux postfix/smtpd[5636]: < pc001.rif.local[192.168.10.50]: RSET
Jan 31 14:36:02 linux postfix/smtpd[5636]: > pc001.rif.local[192.168.10.50]: 250 Ok
Jan 31 14:36:02 linux postfix/smtpd[5636]: watchdog_pat: 0x80a9760
Jan 31 14:36:02 linux postfix/smtpd[5636]: < pc001.rif.local[192.168.10.50]: MAIL FROM: <mailadresse@LABBER.de>
Jan 31 14:36:02 linux postfix/smtpd[5636]: extract_addr: input: <mailadresse@LABBER.de>
Jan 31 14:36:02 linux postfix/smtpd[5636]: smtpd_check_addr: addr=mailadresse@LABBER.de
Jan 31 14:36:02 linux postfix/smtpd[5636]: connect to subsystem private/rewrite: Connection refused
Jan 31 14:36:12 linux postfix/smtpd[5636]: connect to subsystem private/rewrite: Connection refused
Jan 31 14:36:22 linux postfix/smtpd[5636]: connect to subsystem private/rewrite: Connection refused


So (in my opinion) Postfix cannot forward the mails to amavis for checking.

According to netstat, however, the services are running on the ports and sockets.

Connecting via telnet to 25/10024/10025/10026 also works (127.0.0.1).
Port 25 from the remote machine works as well.

Where can I start, or how can I get Postfix to give me more information than the last 3 lines?

Many thanks for your help.

André
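
Added example, not part of the original thread: the mail.info excerpt ends with smtpd being refused on private/rewrite, and neither the posted master.cf nor the netstat socket list shows a service of that name. The sketch below cross-checks refused subsystems in a log against the services a master.cf defines; the function names are hypothetical and both inputs are constructed samples in the shape of the ones posted.

```python
import re

# Constructed sample: a master.cf in the shape of the one posted above
# (service name is field 1, the daemon program is field 8).
MASTER_CF = """\
smtp      inet  n  -  n  -  -  smtpd
  -o content_filter=smtp-amavis:[127.0.0.1]:10024
proxymap  unix  -  -  n  -  -  proxymap
smtp-amavis unix - -  n  -  2  lmtp
cleanup   unix  n  -  n  -  0  cleanup
"""

# Constructed sample log lines in the format of the mail.info excerpt above.
MAIL_LOG = """\
Jan 31 14:36:02 linux postfix/smtpd[5636]: attr_clnt_create: transport=local endpoint=private/anvil
Jan 31 14:36:02 linux postfix/smtpd[5636]: connect to subsystem private/rewrite: Connection refused
Jan 31 14:36:12 linux postfix/smtpd[5636]: connect to subsystem private/rewrite: Connection refused
"""

REFUSED = re.compile(r"postfix/(\S+?)\[\d+\]: connect to subsystem "
                     r"(?:private|public)/(\S+): Connection refused")

def defined_services(master_cf: str) -> set[str]:
    """Service names from master.cf; comments and continuation lines are skipped."""
    names = set()
    for line in master_cf.splitlines():
        if not line.strip() or line.startswith("#") or line[0].isspace():
            continue
        fields = line.split()
        if len(fields) >= 8:  # name type private unpriv chroot wakeup maxproc command
            names.add(fields[0])
    return names

def refused_subsystems(log: str) -> dict[str, set[str]]:
    """Map each refused subsystem to the Postfix daemons that tried to reach it."""
    hits: dict[str, set[str]] = {}
    for m in REFUSED.finditer(log):
        hits.setdefault(m.group(2), set()).add(m.group(1))
    return hits

def missing_services(master_cf: str, log: str) -> dict[str, set[str]]:
    """Refused subsystems that have no service entry in master.cf."""
    have = defined_services(master_cf)
    return {name: callers for name, callers in refused_subsystems(log).items()
            if name not in have}

if __name__ == "__main__":
    for name, callers in missing_services(MASTER_CF, MAIL_LOG).items():
        print(f"{name}: refused for {sorted(callers)}, no master.cf entry")
```

In a stock Postfix master.cf the rewrite service is the entry that runs the trivial-rewrite daemon, so a hit on `rewrite` points at master.cf rather than at the content filter.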

MiGo
31.01.06, 21:48
Try setting up a separate log file for amavis (/etc/amavisd.conf):
# Log file (if not using syslog)
$LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
and raise the log level:
$log_level = 3; # (defaults to 0)

That should make troubleshooting easier ;)