PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Postfix-Konfiguration



mike175de
14.06.07, 08:53
Hallo,

bitte seit nachsichtig mit mir - bin noch ein Linux-Newbie und vielleicht stelle ich eine Frage, die ganz einfach zu beantworten wäre ;)
Aber ich bekomm es einfach nicht hin und habe auch nicht die entsprechenden Antworten in anderen Threads gefunden.

Zu meinem Problem:

Ich habe lokal zuhause einen Mailserver am laufen, der nach versch. Open Relay-Test bei bestimmten Testmethoden als eben solcher Open-Relay-Server einzuordnen ist, aber nur bei bestimmten Test-Methoden, siehe hier:


RELAY Test for
220 smtp.passthru
HELO trusontechnologies.com
250 smtp.passthru

Relay test 1
MAIL FROM:(nobody@trusontechnologies.com)
250 2.1.0 Ok
RCPT TO:(nobody@trusontechnologies.com)
250 2.1.5 Ok (Failed Test)
RSET
250 2.0.0 Ok

Relay test 2
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:(nobody@trusontechnologies.com@trusontechnologi es.com)
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 3
MAIL FROM:()
250 2.1.0 Ok
RCPT TO:(nobody@trusontechnologies.com)
250 2.1.5 Ok (Failed Test)
RSET
250 2.0.0 Ok

Relay test 4
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:(nobody%trusontechnologies.com@84.149.83.176)
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 5
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:(nobody%trusontechnologies.com@84.149.83.176)
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 6
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:("nobody@trusontechnologies.com")
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 7
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:("nobody%trusontechnologies.com")
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 8
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:(nobody@trusontechnologies.com@84.149.83.176)
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 9
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:("nobody@trusontechnologies.com"@84.149.83.176)
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 10
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:(nobody@trusontechnologies.com@84.149.83.176)
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 11
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:(@84.149.83.176:nobody@trusontechnologies.com)
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
250 2.0.0 Ok

Relay test 12
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
501 5.1.7 Bad sender address syntax
RCPT TO:(84.149.83.176:nobody@trusontechnologies.com)
503 5.5.1 Error: need MAIL command (Passed Test)
RSET
421 4.7.0 melkkuh.kicks-ass.net Error: too many errors

Relay test 13
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
451 Local Error
RCPT TO:(trusontechnologies.com!nobody)
(Passed Test)
RSET

Relay test 14
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
RCPT TO:(trusontechnologies.com!nobody@84.149.83.176)
(Passed Test)
RSET

Relay test 15
MAIL FROM:(nobody@trusontechnologies.com@84.149.83.176)
RCPT TO:(!nobody@trusontechnologies.com@84.149.83.176)
(Passed Test)
RSET

Wie muss ich meinen Mail-Server einrichten, dass er komplett dicht ist.

Über Unterstützung wäre ich sehr dankbar. Anbei noch die Config-datei:


# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = Ubuntu-Server.Cartoonland, localhost.Cartoonland, , localhost
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
pwcheck_method = saslauthd
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names
myhostname = *****.kicks-ass.net
smtpd_helo_required = yes
smtpd_sender_restrictions = permit_mynetworks,reject_unknown_client,reject_inv alid_hostname,reject_unknown_hostname,reject_unkno wn_sender_domain
default_destination_recipient_limit = 5
default_destination_concurrency_limit = 5
smtpd_helo_restrictions = reject_invalid_hostname,reject_unknown_hostname,re ject_unknown_client,permit_mynetworks


Schon vorab vielen Dank.

mike175de

Roger Wilco
14.06.07, 14:22
http://www.postfix.org/SASL_README.html#server_sasl

mike175de
14.06.07, 14:38
@Roger Wilco:
Vielen Dank für Deinen Link, aber meine mail.cf beinhaltet doch genau diese aufgeführten Einstellungen. Von dem her müsste der Server eigentlich dicht sein.
Was er aber leider nicht ist.

Kannst Du mir vielleicht genauere Infos geben? Oder jemand anders.

Besten Dank.

mike175de