ScHrAnZ DiNgEnS
23.07.08, 11:58
Hallo, leider weiss ich bei meinem Mailserver nicht mehr weiter, und ich hoffe jemand kann mir dabei auf die Sprünge helfen oder mir eventuell zeigen was ich übersehen hab.
Systhem: Linux Debian 4.0 64 Bit (Etch)
Pakete zum Mailserver:
-Cyrus SASL
-Postfix
-Cyrus
-Postgrey
-ClamAV
-SpamAssassin
Webfrontend: WebCyradm & squirrelmail
Mail.log:
Jul 23 12:10:22 promillestube postfix/pickup[2877]: 32DC854F03: uid=0 from=<root>
Jul 23 12:10:22 promillestube postfix/cleanup[3453]: 32DC854F03: message-id=<20080723101022.32DC854F03@promillestube.de>
Jul 23 12:10:22 promillestube postfix/qmgr[2878]: 32DC854F03: from=<root@mail.promillestube.de>, size=688, nrcpt=1 (queue active)
Jul 23 12:10:22 promillestube postfix/qmgr[2878]: 32DC854F03: to=<root@mail.promillestube.de>, orig_to=<root>, relay=none, delay=20, delays=20/0/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
Jul 23 12:10:51 promillestube postfix/smtpd[3629]: connect from localhost[127.0.0.1]
Jul 23 12:10:51 promillestube postfix/smtpd[3629]: 2868E54F13: client=localhost[127.0.0.1]
Jul 23 12:10:51 promillestube postfix/cleanup[3453]: 2868E54F13: message-id=<62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu>
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 2868E54F13: from=<schranzdingens@promillestube.de>, size=786, nrcpt=1 (queue active)
Jul 23 12:10:51 promillestube postfix/smtpd[3629]: disconnect from localhost[127.0.0.1]
Jul 23 12:10:51 promillestube cyrus/master[3634]: about to exec /usr/lib/cyrus/bin/imapd
Jul 23 12:10:51 promillestube cyrus/imap[3634]: executed
Jul 23 12:10:51 promillestube cyrus/imap[3634]: accepted connection
Jul 23 12:10:51 promillestube cyrus/imap[3634]: login: localhost [127.0.0.1] schranzdingens.promillestube.de plaintext User logged in
Jul 23 12:10:51 promillestube spamd[2592]: prefork: ordered 2782 to accept
Jul 23 12:10:51 promillestube spamd[2592]: prefork: sysread(6) not ready, wait max 300 secs
Jul 23 12:10:51 promillestube spamd[2592]: prefork: child 2782: entering state 2
Jul 23 12:10:51 promillestube spamd[2592]: prefork: new lowest idle kid: 2783
Jul 23 12:10:51 promillestube spamd[2782]: spamd: connection from localhost [127.0.0.1] at port 40154
Jul 23 12:10:51 promillestube spamd[2782]: spamd: using default config for nobody: /srv/Mail/spamassassin/user_prefs
Jul 23 12:10:51 promillestube spamd[2782]: info: user has changed
Jul 23 12:10:51 promillestube spamd[2782]: config: using "/srv/Mail/spamassassin" for user state dir
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: found bayes db version 3
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB journal sync: last sync: 0
Jul 23 12:10:51 promillestube spamd[2782]: config: using "/srv/Mail/spamassassin" for user state dir
Jul 23 12:10:51 promillestube spamd[2782]: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_seen
Jul 23 12:10:51 promillestube spamd[2782]: config: score set 1 chosen.
Jul 23 12:10:51 promillestube spamd[2782]: spamd: processing message <62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu> for nobody:0
Jul 23 12:10:51 promillestube spamd[2782]: dns: name server: 213.202.250.188, family: 2, ipv6: 0
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: found bayes db version 3
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB journal sync: last sync: 0
Jul 23 12:10:51 promillestube spamd[2782]: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_seen
Jul 23 12:10:51 promillestube spamd[2782]: received-header: parsed as [ ip=127.0.0.1 rdns=localhost helo=paranoid-gaming.eu by=promillestube.de ident= envfrom= intl=0 id=2868E54F13 auth= ]
Jul 23 12:10:51 promillestube spamd[2782]: dns: looking up A records for 'promillestube.de'
Jul 23 12:10:51 promillestube spamd[2782]: dns: A records for 'promillestube.de': 85.131.163.240
Jul 23 12:10:51 promillestube spamd[2782]: received-header: 'from' 127.0.0.1 has private IP
Jul 23 12:10:51 promillestube spamd[2782]: dns: looking up A records for 'promillestube.de'
Jul 23 12:10:51 promillestube spamd[2782]: dns: A records for 'promillestube.de': 85.131.163.240
Jul 23 12:10:51 promillestube spamd[2782]: received-header: 'by' promillestube.de has public IP 85.131.163.240
Jul 23 12:10:51 promillestube spamd[2782]: received-header: relay 127.0.0.1 trusted? yes internal? no
Jul 23 12:10:51 promillestube spamd[2782]: received-header: ignored SquirrelMail injection: from 78.51.76.104 (SquirrelMail authenticated user schranzdingens.promillestube.de) by paranoid-gaming.eu with HTTP; Wed, 23 Jul 2008 12:10:51 +0200 (CEST)
Jul 23 12:10:51 promillestube spamd[2782]: metadata: X-Spam-Relays-Trusted: [ ip=127.0.0.1 rdns=localhost helo=paranoid-gaming.eu by=promillestube.de ident= envfrom= intl=0 id=2868E54F13 auth= ]
Jul 23 12:10:51 promillestube spamd[2782]: metadata: X-Spam-Relays-Untrusted:
Jul 23 12:10:51 promillestube spamd[2782]: metadata: X-Spam-Relays-Internal:
Jul 23 12:10:51 promillestube spamd[2782]: metadata: X-Spam-Relays-External: [ ip=127.0.0.1 rdns=localhost helo=paranoid-gaming.eu by=promillestube.de ident= envfrom= intl=0 id=2868E54F13 auth= ]
Jul 23 12:10:51 promillestube spamd[2782]: message: ---- MIME PARSER START ----
Jul 23 12:10:51 promillestube spamd[2782]: message: main message type: text/plain
Jul 23 12:10:51 promillestube spamd[2782]: message: parsing normal part
Jul 23 12:10:51 promillestube spamd[2782]: message: added part, type: text/plain
Jul 23 12:10:51 promillestube spamd[2782]: message: ---- MIME PARSER END ----
Jul 23 12:10:51 promillestube spamd[2782]: message: decoding other encoding type (8bit), ignoring
Jul 23 12:10:51 promillestube spamd[2782]: uridnsbl: domains to query:
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sa-accredit.habeas.com., set habeas-firsttrusted
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sa-other.bondedsender.org., set bsp-untrusted
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL combined.njabl.org., set njabl-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL combined.njabl.org., set njabl
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL list.dsbl.org., set dsbl-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL bl.spamcop.net., set spamcop
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sa-trusted.bondedsender.org., set bsp-firsttrusted
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL dnsbl.sorbs.net., set sorbs-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL dnsbl.sorbs.net., set sorbs
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL iadb.isipp.com., set iadb-firsttrusted
Jul 23 12:10:51 promillestube spamd[2782]: check: running tests for priority: 0
Jul 23 12:10:51 promillestube spamd[2782]: rules: running header regexp tests; score so far=0
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __HAS_MSGID ======> got hit: "<"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __CT ======> got hit: "t"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __HAS_RCVD ======> got hit: "f"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __SANE_MSGID ======> got hit: "<62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu>
Jul 23 12:10:51 promillestube spamd[2782]: rules: "
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __CT_TEXT_PLAIN ======> got hit: "text/plain"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __MSGID_OK_HOST ======> got hit: "@paranoid-gaming.eu>"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __MIME_VERSION ======> got hit: "1"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __TOCC_EXISTS ======> got hit: "s"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __MSGID_OK_DIGITS ======> got hit: "1216807851"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __CTE ======> got hit: "8"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __HAS_X_PRIORITY ======> got hit: "3"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __USER_AGENT ======> got hit: "S"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __HAS_SUBJECT ======> got hit: "t"
Jul 23 12:10:51 promillestube spamd[2782]: spf: checking HELO (helo=paranoid-gaming.eu, ip=127.0.0.1)
Jul 23 12:10:51 promillestube spamd[2782]: spf: cannot load or create Mail::SPF::Query module: Can't locate Mail/SPF/Query.pm in @INC (@INC contains: ../lib /usr/share/perl5 /etc/perl /usr/local/lib/perl/5.8.8 /usr/local/share/perl/5.8.8 /usr/lib/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8 /usr/local/lib/site_perl) at /usr/share/perl5/Mail/SpamAssassin/Plugin/SPF.pm line 287, <GEN5> line 25.
Jul 23 12:10:51 promillestube spamd[2782]: eval: all '*From' addrs: schranzdingens@promillestube.de
Jul 23 12:10:51 promillestube spamd[2782]: eval: trying Received header date for real time: 23 Jul 2008 12:10:51 +0200
Jul 23 12:10:51 promillestube spamd[2782]: eval: time_t from date=1216807851, rcvd= 23 Jul 2008 12:10:51 +0200
Jul 23 12:10:51 promillestube spamd[2782]: eval: trying Received header date for real time: 23 Jul 2008 12:10:51 +0200
Jul 23 12:10:51 promillestube spamd[2782]: eval: time_t from date=1216807851, rcvd= 23 Jul 2008 12:10:51 +0200
Jul 23 12:10:51 promillestube spamd[2782]: eval: all '*To' addrs: schranzdingens@aol.com
Jul 23 12:10:51 promillestube spamd[2782]: spf: relayed through one or more trusted relays, cannot use header-based Envelope-From, skipping
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran eval rule ALL_TRUSTED ======> got hit
Jul 23 12:10:51 promillestube spamd[2782]: spf: def_spf_whitelist_from: could not find useable envelope sender
Jul 23 12:10:51 promillestube spamd[2782]: eval: date chosen from message: Wed Jul 23 12:10:51 2008
Jul 23 12:10:51 promillestube spamd[2782]: spf: spf_whitelist_from: could not find useable envelope sender
Jul 23 12:10:51 promillestube spamd[2782]: rules: running body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran body rule __NONEMPTY_BODY ======> got hit: "t"
Jul 23 12:10:51 promillestube spamd[2782]: uri: running uri tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: found bayes db version 3
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB journal sync: last sync: 0
Jul 23 12:10:51 promillestube spamd[2782]: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
Jul 23 12:10:51 promillestube spamd[2782]: bayes: not scoring message, returning undef
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB expiry: tokens in DB: 79, Expiry max size: 150000, Oldest atime: 1216661065, Newest atime: 1216805366, Last expire: 0, Current time: 1216807851
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB journal sync: last sync: 0
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_seen
Jul 23 12:10:51 promillestube spamd[2782]: rules: running raw-body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running full-text regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: pyzor: pyzor is not available: no pyzor executable found
Jul 23 12:10:51 promillestube spamd[2782]: pyzor: no pyzor found, disabling Pyzor
Jul 23 12:10:51 promillestube spamd[2782]: check: running tests for priority: 500
Jul 23 12:10:51 promillestube spamd[2782]: rules: running meta tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running header regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: uri: running uri tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running raw-body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running full-text regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: check: running tests for priority: 1000
Jul 23 12:10:51 promillestube spamd[2782]: rules: running meta tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running header regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: config: using "/srv/Mail/spamassassin" for user state dir
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: created /srv/Mail/spamassassin/auto-whitelist.lock.promillestube.de.2782
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: trying to get lock on /srv/Mail/spamassassin/auto-whitelist with 0 retries
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: link to /srv/Mail/spamassassin/auto-whitelist.lock: link ok
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: tie-ing to DB file of type DB_File R/W in /srv/Mail/spamassassin/auto-whitelist
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: db-based schranzdingens@promillestube.de|ip=none scores 2/-2.88
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: AWL active, pre-score: -1.44, autolearn score: -1.44, mean: -1.44, IP: undef
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: add_score: new count: 3, new totscore: -4.32
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: DB addr list: untie-ing and unlocking
Jul 23 12:10:51 promillestube cyrus/imap[3634]: seen_db: user schranzdingens^promillestube^de opened /var/lib/cyrus/user/s/schranzdingens^promillestube^de.seen
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: DB addr list: file locked, breaking lock
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_unlock: unlink /srv/Mail/spamassassin/auto-whitelist.lock
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: post auto-whitelist score: -1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: uri: running uri tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running raw-body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running full-text regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: plugin: Mail::SpamAssassin::Plugin::AutoLearnThreshold=HAS H(0x1fbb310) implements 'autolearn_discriminator'
Jul 23 12:10:51 promillestube spamd[2782]: learn: auto-learn: currently using scoreset 1
Jul 23 12:10:51 promillestube spamd[2782]: learn: auto-learn: message score: -1.44, computed score for autolearn: -1.44
Jul 23 12:10:51 promillestube spamd[2782]: learn: auto-learn? ham=0.1, spam=12, body-points=0, head-points=-1.44, learned-points=0
Jul 23 12:10:51 promillestube spamd[2782]: learn: auto-learn? yes, ham (-1.44 < 0.1)
Jul 23 12:10:51 promillestube spamd[2782]: learn: initializing learner
Jul 23 12:10:51 promillestube spamd[2782]: learn: learning ham
Jul 23 12:10:51 promillestube spamd[2782]: eval: all '*From' addrs: schranzdingens@promillestube.de
Jul 23 12:10:51 promillestube spamd[2782]: eval: all '*To' addrs: schranzdingens@aol.com
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: created /srv/Mail/spamassassin/bayes.lock.promillestube.de.2782
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: trying to get lock on /srv/Mail/spamassassin/bayes with 0 retries
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: link to /srv/Mail/spamassassin/bayes.lock: link ok
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/W /srv/Mail/spamassassin/bayes_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/W /srv/Mail/spamassassin/bayes_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: found bayes db version 3
Jul 23 12:10:51 promillestube spamd[2782]: bayes: learned '98cf563865d8b36baf37f7ab001eb3d2e123d580@sa_gener ated', atime: 1216807851
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: files locked, now unlocking lock
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_unlock: unlink /srv/Mail/spamassassin/bayes.lock
Jul 23 12:10:51 promillestube spamd[2782]: learn: initializing learner
Jul 23 12:10:51 promillestube spamd[2782]: check: is spam? score=-1.44 required=5
Jul 23 12:10:51 promillestube spamd[2782]: check: tests=ALL_TRUSTED
Jul 23 12:10:51 promillestube spamd[2782]: check: subtests=__CT,__CTE,__CT_TEXT_PLAIN,__HAS_MSGID,__ HAS_RCVD,__HAS_SUBJECT,__HAS_X_PRIORITY,__MIME_VER SION,__MSGID_OK_DIGITS,__MSGID_OK_HOST,__NONEMPTY_ BODY,__SANE_MSGID,__TOCC_EXISTS,__USER_AGENT
Jul 23 12:10:51 promillestube spamd[2782]: spamd: clean message (-1.4/5.0) for nobody:0 in 0.1 seconds, 765 bytes.
Jul 23 12:10:51 promillestube spamd[2782]: spamd: result: . -1 - ALL_TRUSTED scantime=0.1,size=765,user=nobody,uid=0,required_s core=5.0,rhost=localhost,raddr=127.0.0.1,rport=401 54,mid=<62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu>,autolearn=ham
Jul 23 12:10:51 promillestube spamd[2782]: config: copying current conf from backup
Jul 23 12:10:51 promillestube postfix/pickup[2877]: 6297D54F16: uid=65534 from=<schranzdingens@promillestube.de>
Jul 23 12:10:51 promillestube postfix/pipe[3633]: 2868E54F13: to=<schranzdingens@aol.com>, relay=spamassassin, delay=0.25, delays=0.06/0.01/0/0.18, dsn=2.0.0, status=sent (delivered via spamassassin service)
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 2868E54F13: removed
Jul 23 12:10:51 promillestube postfix/cleanup[3453]: 6297D54F16: message-id=<62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu>
Jul 23 12:10:51 promillestube spamd[2782]: prefork: sysread(7) not ready, wait max 300 secs
Jul 23 12:10:51 promillestube spamd[2592]: prefork: child 2782: entering state 1
Jul 23 12:10:51 promillestube spamd[2592]: prefork: new lowest idle kid: 2782
Jul 23 12:10:51 promillestube spamd[2592]: prefork: child reports idle
Jul 23 12:10:51 promillestube spamd[2592]: prefork: child states: II
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 6297D54F16: from=<schranzdingens@promillestube.de>, size=1099, nrcpt=1 (queue active)
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 6297D54F16: to=<schranzdingens@aol.com>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
Jul 23 12:10:51 promillestube cyrus/imap[3634]: accepted connection
Jul 23 12:10:51 promillestube cyrus/imap[3634]: login: localhost [127.0.0.1] schranzdingens.promillestube.de plaintext User logged in
Jul 23 12:10:51 promillestube cyrus/imap[3634]: open: user schranzdingens^promillestube^de opened INBOX
Jul 23 12:10:51 promillestube last message repeated 2 times
Jul 23 12:11:01 promillestube postfix/pickup[2877]: 3B0E72268F: uid=0 from=<root>
Jul 23 12:11:01 promillestube postfix/cleanup[3453]: 3B0E72268F: message-id=<20080723101101.3B0E72268F@promillestube.de>
Jul 23 12:11:01 promillestube postfix/qmgr[2878]: 3B0E72268F: from=<root@mail.promillestube.de>, size=619, nrcpt=1 (queue active)
Jul 23 12:11:01 promillestube postfix/qmgr[2878]: 3B0E72268F: to=<root@mail.promillestube.de>, orig_to=<root>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
Auffällig erscheint mir dabei die Zeilen:
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 6297D54F16: from=<schranzdingens@promillestube.de>, size=1099, nrcpt=1 (queue active)
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 6297D54F16: to=<schranzdingens@aol.com>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
Leider hab ich keine Idee woran es liegen könnte.
"postconf-n" spuckt folgendes aus:
postconf -n
alias_maps = $alias_database
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = scan:127.0.0.1:10026
disable_vrfy_command = yes
mailbox_transport = cyrus
mydestination = localhost, localhost.$mydomain, $mydomain, mail.$mydomain, mysql:/etc/postfix/mysql-mydestination.cf
mydomain = promillestube.de
mynetworks = 127.0.0.0/8
myorigin = mail.$mydomain
receive_override_options = no_address_mappings
relay_domains =
relayhost =
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
smtp_host_lookup = native,dns
smtp_use_tls = yes
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:60000, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client whois.rfc-ignorant.org, reject_rbl_client ix.dnsbl.manitu.org, reject_rbl_client multihop.dsbl.org, reject_rbl_client dnsbl.ahbl.org, reject_rbl_client rhsbl.ahbl.org, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
smtpd_tls_CAfile = /etc/ssl/certs/smtps.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/smtps.pem
smtpd_tls_key_file = /etc/ssl/certs/smtps.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
Und "netstat -tplen" sagt:
netstat -tplen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 0 4585 2545/postgrey.pid -
tcp 0 0 85.131.163.240:2337 0.0.0.0:* LISTEN 500 8527 3120/server_linux
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 0 5280 2793/cyrmaster
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 0 5292 2793/cyrmaster
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 0 5455 2871/master
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 104 4478 2496/mysqld
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 0 5286 2793/cyrmaster
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 0 5274 2793/cyrmaster
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 0 4799 2592/perl
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 0 3949 2179/portmap
tcp 0 0 127.0.0.1:2000 0.0.0.0:* LISTEN 0 5305 2793/cyrmaster
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 0 5332 2871/master
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN 0 5137 2802/inetd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 0 5135 2802/inetd
tcp 0 0 0.0.0.0:119 0.0.0.0:* LISTEN 0 5298 2793/cyrmaster
tcp 0 0 85.131.163.240:1337 0.0.0.0:* LISTEN 500 8528 3120/server_linux
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 5328 2871/master
tcp 0 0 0.0.0.0:57532 0.0.0.0:* LISTEN 103 5805 2949/rpc.statd
tcp6 0 0 :::993 :::* LISTEN 0 5278 2793/cyrmaster
tcp6 0 0 :::995 :::* LISTEN 0 5290 2793/cyrmaster
tcp6 0 0 :::27015 :::* LISTEN 0 5989 3000/apache2
tcp6 0 0 :::110 :::* LISTEN 0 5284 2793/cyrmaster
tcp6 0 0 :::143 :::* LISTEN 0 5272 2793/cyrmaster
tcp6 0 0 :::80 :::* LISTEN 0 5984 3000/apache2
tcp6 0 0 :::27030 :::* LISTEN 0 5994 3000/apache2
tcp6 0 0 :::22 :::* LISTEN 0 5697 2912/sshd
tcp6 0 0 :::119 :::* LISTEN 0 5296 2793/cyrmaster
tcp6 0 0 :::8090 :::* LISTEN 0 5999 3000/apache2
Die "master.cf" sieht so aus:
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ================================================== ========================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ================================================== ========================
smtp inet n - n - - smtpd
-o content_filter=spamassassin
smtps inet n - n - - smtpd
-o content_filter=spamassassin
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticate d,reject
spamassassin unix - n n - - pipe
user=nobody argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
# ================================================== ==================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ================================================== ==================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
cyrus unix - n n - - pipe
flags= user=cyrus argv=/usr/sbin/cyrdeliver -r ${sender} -m ${extension} ${user}
# Antivirus
# AV scan filter (used by content_filter)
scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
# For injecting mail back into postfix from the filter
127.0.0.1:10025 inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_chec ks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,rej ect
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
Ich hoffe es kann mir da irgendjemand weiterhelfen bzw es sieht irgendwer etwas was ich übersehn hab.
LG,
Matze
Systhem: Linux Debian 4.0 64 Bit (Etch)
Pakete zum Mailserver:
-Cyrus SASL
-Postfix
-Cyrus
-Postgrey
-ClamAV
-SpamAssassin
Webfrontend: WebCyradm & squirrelmail
Mail.log:
Jul 23 12:10:22 promillestube postfix/pickup[2877]: 32DC854F03: uid=0 from=<root>
Jul 23 12:10:22 promillestube postfix/cleanup[3453]: 32DC854F03: message-id=<20080723101022.32DC854F03@promillestube.de>
Jul 23 12:10:22 promillestube postfix/qmgr[2878]: 32DC854F03: from=<root@mail.promillestube.de>, size=688, nrcpt=1 (queue active)
Jul 23 12:10:22 promillestube postfix/qmgr[2878]: 32DC854F03: to=<root@mail.promillestube.de>, orig_to=<root>, relay=none, delay=20, delays=20/0/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
Jul 23 12:10:51 promillestube postfix/smtpd[3629]: connect from localhost[127.0.0.1]
Jul 23 12:10:51 promillestube postfix/smtpd[3629]: 2868E54F13: client=localhost[127.0.0.1]
Jul 23 12:10:51 promillestube postfix/cleanup[3453]: 2868E54F13: message-id=<62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu>
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 2868E54F13: from=<schranzdingens@promillestube.de>, size=786, nrcpt=1 (queue active)
Jul 23 12:10:51 promillestube postfix/smtpd[3629]: disconnect from localhost[127.0.0.1]
Jul 23 12:10:51 promillestube cyrus/master[3634]: about to exec /usr/lib/cyrus/bin/imapd
Jul 23 12:10:51 promillestube cyrus/imap[3634]: executed
Jul 23 12:10:51 promillestube cyrus/imap[3634]: accepted connection
Jul 23 12:10:51 promillestube cyrus/imap[3634]: login: localhost [127.0.0.1] schranzdingens.promillestube.de plaintext User logged in
Jul 23 12:10:51 promillestube spamd[2592]: prefork: ordered 2782 to accept
Jul 23 12:10:51 promillestube spamd[2592]: prefork: sysread(6) not ready, wait max 300 secs
Jul 23 12:10:51 promillestube spamd[2592]: prefork: child 2782: entering state 2
Jul 23 12:10:51 promillestube spamd[2592]: prefork: new lowest idle kid: 2783
Jul 23 12:10:51 promillestube spamd[2782]: spamd: connection from localhost [127.0.0.1] at port 40154
Jul 23 12:10:51 promillestube spamd[2782]: spamd: using default config for nobody: /srv/Mail/spamassassin/user_prefs
Jul 23 12:10:51 promillestube spamd[2782]: info: user has changed
Jul 23 12:10:51 promillestube spamd[2782]: config: using "/srv/Mail/spamassassin" for user state dir
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: found bayes db version 3
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB journal sync: last sync: 0
Jul 23 12:10:51 promillestube spamd[2782]: config: using "/srv/Mail/spamassassin" for user state dir
Jul 23 12:10:51 promillestube spamd[2782]: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_seen
Jul 23 12:10:51 promillestube spamd[2782]: config: score set 1 chosen.
Jul 23 12:10:51 promillestube spamd[2782]: spamd: processing message <62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu> for nobody:0
Jul 23 12:10:51 promillestube spamd[2782]: dns: name server: 213.202.250.188, family: 2, ipv6: 0
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: found bayes db version 3
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB journal sync: last sync: 0
Jul 23 12:10:51 promillestube spamd[2782]: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_seen
Jul 23 12:10:51 promillestube spamd[2782]: received-header: parsed as [ ip=127.0.0.1 rdns=localhost helo=paranoid-gaming.eu by=promillestube.de ident= envfrom= intl=0 id=2868E54F13 auth= ]
Jul 23 12:10:51 promillestube spamd[2782]: dns: looking up A records for 'promillestube.de'
Jul 23 12:10:51 promillestube spamd[2782]: dns: A records for 'promillestube.de': 85.131.163.240
Jul 23 12:10:51 promillestube spamd[2782]: received-header: 'from' 127.0.0.1 has private IP
Jul 23 12:10:51 promillestube spamd[2782]: dns: looking up A records for 'promillestube.de'
Jul 23 12:10:51 promillestube spamd[2782]: dns: A records for 'promillestube.de': 85.131.163.240
Jul 23 12:10:51 promillestube spamd[2782]: received-header: 'by' promillestube.de has public IP 85.131.163.240
Jul 23 12:10:51 promillestube spamd[2782]: received-header: relay 127.0.0.1 trusted? yes internal? no
Jul 23 12:10:51 promillestube spamd[2782]: received-header: ignored SquirrelMail injection: from 78.51.76.104 (SquirrelMail authenticated user schranzdingens.promillestube.de) by paranoid-gaming.eu with HTTP; Wed, 23 Jul 2008 12:10:51 +0200 (CEST)
Jul 23 12:10:51 promillestube spamd[2782]: metadata: X-Spam-Relays-Trusted: [ ip=127.0.0.1 rdns=localhost helo=paranoid-gaming.eu by=promillestube.de ident= envfrom= intl=0 id=2868E54F13 auth= ]
Jul 23 12:10:51 promillestube spamd[2782]: metadata: X-Spam-Relays-Untrusted:
Jul 23 12:10:51 promillestube spamd[2782]: metadata: X-Spam-Relays-Internal:
Jul 23 12:10:51 promillestube spamd[2782]: metadata: X-Spam-Relays-External: [ ip=127.0.0.1 rdns=localhost helo=paranoid-gaming.eu by=promillestube.de ident= envfrom= intl=0 id=2868E54F13 auth= ]
Jul 23 12:10:51 promillestube spamd[2782]: message: ---- MIME PARSER START ----
Jul 23 12:10:51 promillestube spamd[2782]: message: main message type: text/plain
Jul 23 12:10:51 promillestube spamd[2782]: message: parsing normal part
Jul 23 12:10:51 promillestube spamd[2782]: message: added part, type: text/plain
Jul 23 12:10:51 promillestube spamd[2782]: message: ---- MIME PARSER END ----
Jul 23 12:10:51 promillestube spamd[2782]: message: decoding other encoding type (8bit), ignoring
Jul 23 12:10:51 promillestube spamd[2782]: uridnsbl: domains to query:
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sa-accredit.habeas.com., set habeas-firsttrusted
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sa-other.bondedsender.org., set bsp-untrusted
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL combined.njabl.org., set njabl-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL combined.njabl.org., set njabl
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL list.dsbl.org., set dsbl-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL bl.spamcop.net., set spamcop
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL sa-trusted.bondedsender.org., set bsp-firsttrusted
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL dnsbl.sorbs.net., set sorbs-lastexternal
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL dnsbl.sorbs.net., set sorbs
Jul 23 12:10:51 promillestube spamd[2782]: dns: checking RBL iadb.isipp.com., set iadb-firsttrusted
Jul 23 12:10:51 promillestube spamd[2782]: check: running tests for priority: 0
Jul 23 12:10:51 promillestube spamd[2782]: rules: running header regexp tests; score so far=0
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __HAS_MSGID ======> got hit: "<"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __CT ======> got hit: "t"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __HAS_RCVD ======> got hit: "f"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __SANE_MSGID ======> got hit: "<62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu>
Jul 23 12:10:51 promillestube spamd[2782]: rules: "
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __CT_TEXT_PLAIN ======> got hit: "text/plain"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __MSGID_OK_HOST ======> got hit: "@paranoid-gaming.eu>"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __MIME_VERSION ======> got hit: "1"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __TOCC_EXISTS ======> got hit: "s"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __MSGID_OK_DIGITS ======> got hit: "1216807851"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __CTE ======> got hit: "8"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __HAS_X_PRIORITY ======> got hit: "3"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __USER_AGENT ======> got hit: "S"
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran header rule __HAS_SUBJECT ======> got hit: "t"
Jul 23 12:10:51 promillestube spamd[2782]: spf: checking HELO (helo=paranoid-gaming.eu, ip=127.0.0.1)
Jul 23 12:10:51 promillestube spamd[2782]: spf: cannot load or create Mail::SPF::Query module: Can't locate Mail/SPF/Query.pm in @INC (@INC contains: ../lib /usr/share/perl5 /etc/perl /usr/local/lib/perl/5.8.8 /usr/local/share/perl/5.8.8 /usr/lib/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8 /usr/local/lib/site_perl) at /usr/share/perl5/Mail/SpamAssassin/Plugin/SPF.pm line 287, <GEN5> line 25.
Jul 23 12:10:51 promillestube spamd[2782]: eval: all '*From' addrs: schranzdingens@promillestube.de
Jul 23 12:10:51 promillestube spamd[2782]: eval: trying Received header date for real time: 23 Jul 2008 12:10:51 +0200
Jul 23 12:10:51 promillestube spamd[2782]: eval: time_t from date=1216807851, rcvd= 23 Jul 2008 12:10:51 +0200
Jul 23 12:10:51 promillestube spamd[2782]: eval: trying Received header date for real time: 23 Jul 2008 12:10:51 +0200
Jul 23 12:10:51 promillestube spamd[2782]: eval: time_t from date=1216807851, rcvd= 23 Jul 2008 12:10:51 +0200
Jul 23 12:10:51 promillestube spamd[2782]: eval: all '*To' addrs: schranzdingens@aol.com
Jul 23 12:10:51 promillestube spamd[2782]: spf: relayed through one or more trusted relays, cannot use header-based Envelope-From, skipping
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran eval rule ALL_TRUSTED ======> got hit
Jul 23 12:10:51 promillestube spamd[2782]: spf: def_spf_whitelist_from: could not find useable envelope sender
Jul 23 12:10:51 promillestube spamd[2782]: eval: date chosen from message: Wed Jul 23 12:10:51 2008
Jul 23 12:10:51 promillestube spamd[2782]: spf: spf_whitelist_from: could not find useable envelope sender
Jul 23 12:10:51 promillestube spamd[2782]: rules: running body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: ran body rule __NONEMPTY_BODY ======> got hit: "t"
Jul 23 12:10:51 promillestube spamd[2782]: uri: running uri tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/O /srv/Mail/spamassassin/bayes_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: found bayes db version 3
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB journal sync: last sync: 0
Jul 23 12:10:51 promillestube spamd[2782]: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
Jul 23 12:10:51 promillestube spamd[2782]: bayes: not scoring message, returning undef
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB expiry: tokens in DB: 79, Expiry max size: 150000, Oldest atime: 1216661065, Newest atime: 1216805366, Last expire: 0, Current time: 1216807851
Jul 23 12:10:51 promillestube spamd[2782]: bayes: DB journal sync: last sync: 0
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_seen
Jul 23 12:10:51 promillestube spamd[2782]: rules: running raw-body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running full-text regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: pyzor: pyzor is not available: no pyzor executable found
Jul 23 12:10:51 promillestube spamd[2782]: pyzor: no pyzor found, disabling Pyzor
Jul 23 12:10:51 promillestube spamd[2782]: check: running tests for priority: 500
Jul 23 12:10:51 promillestube spamd[2782]: rules: running meta tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running header regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: uri: running uri tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running raw-body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running full-text regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: check: running tests for priority: 1000
Jul 23 12:10:51 promillestube spamd[2782]: rules: running meta tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running header regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: config: using "/srv/Mail/spamassassin" for user state dir
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: created /srv/Mail/spamassassin/auto-whitelist.lock.promillestube.de.2782
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: trying to get lock on /srv/Mail/spamassassin/auto-whitelist with 0 retries
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: link to /srv/Mail/spamassassin/auto-whitelist.lock: link ok
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: tie-ing to DB file of type DB_File R/W in /srv/Mail/spamassassin/auto-whitelist
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: db-based schranzdingens@promillestube.de|ip=none scores 2/-2.88
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: AWL active, pre-score: -1.44, autolearn score: -1.44, mean: -1.44, IP: undef
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: add_score: new count: 3, new totscore: -4.32
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: DB addr list: untie-ing and unlocking
Jul 23 12:10:51 promillestube cyrus/imap[3634]: seen_db: user schranzdingens^promillestube^de opened /var/lib/cyrus/user/s/schranzdingens^promillestube^de.seen
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: DB addr list: file locked, breaking lock
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_unlock: unlink /srv/Mail/spamassassin/auto-whitelist.lock
Jul 23 12:10:51 promillestube spamd[2782]: auto-whitelist: post auto-whitelist score: -1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: uri: running uri tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running raw-body-text per-line regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: rules: running full-text regexp tests; score so far=-1.44
Jul 23 12:10:51 promillestube spamd[2782]: plugin: Mail::SpamAssassin::Plugin::AutoLearnThreshold=HAS H(0x1fbb310) implements 'autolearn_discriminator'
Jul 23 12:10:51 promillestube spamd[2782]: learn: auto-learn: currently using scoreset 1
Jul 23 12:10:51 promillestube spamd[2782]: learn: auto-learn: message score: -1.44, computed score for autolearn: -1.44
Jul 23 12:10:51 promillestube spamd[2782]: learn: auto-learn? ham=0.1, spam=12, body-points=0, head-points=-1.44, learned-points=0
Jul 23 12:10:51 promillestube spamd[2782]: learn: auto-learn? yes, ham (-1.44 < 0.1)
Jul 23 12:10:51 promillestube spamd[2782]: learn: initializing learner
Jul 23 12:10:51 promillestube spamd[2782]: learn: learning ham
Jul 23 12:10:51 promillestube spamd[2782]: eval: all '*From' addrs: schranzdingens@promillestube.de
Jul 23 12:10:51 promillestube spamd[2782]: eval: all '*To' addrs: schranzdingens@aol.com
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: created /srv/Mail/spamassassin/bayes.lock.promillestube.de.2782
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: trying to get lock on /srv/Mail/spamassassin/bayes with 0 retries
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_lock: link to /srv/Mail/spamassassin/bayes.lock: link ok
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/W /srv/Mail/spamassassin/bayes_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: tie-ing to DB file R/W /srv/Mail/spamassassin/bayes_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: found bayes db version 3
Jul 23 12:10:51 promillestube spamd[2782]: bayes: learned '98cf563865d8b36baf37f7ab001eb3d2e123d580@sa_gener ated', atime: 1216807851
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_toks
Jul 23 12:10:51 promillestube spamd[2782]: bayes: untie-ing db_seen
Jul 23 12:10:51 promillestube spamd[2782]: bayes: files locked, now unlocking lock
Jul 23 12:10:51 promillestube spamd[2782]: locker: safe_unlock: unlink /srv/Mail/spamassassin/bayes.lock
Jul 23 12:10:51 promillestube spamd[2782]: learn: initializing learner
Jul 23 12:10:51 promillestube spamd[2782]: check: is spam? score=-1.44 required=5
Jul 23 12:10:51 promillestube spamd[2782]: check: tests=ALL_TRUSTED
Jul 23 12:10:51 promillestube spamd[2782]: check: subtests=__CT,__CTE,__CT_TEXT_PLAIN,__HAS_MSGID,__ HAS_RCVD,__HAS_SUBJECT,__HAS_X_PRIORITY,__MIME_VER SION,__MSGID_OK_DIGITS,__MSGID_OK_HOST,__NONEMPTY_ BODY,__SANE_MSGID,__TOCC_EXISTS,__USER_AGENT
Jul 23 12:10:51 promillestube spamd[2782]: spamd: clean message (-1.4/5.0) for nobody:0 in 0.1 seconds, 765 bytes.
Jul 23 12:10:51 promillestube spamd[2782]: spamd: result: . -1 - ALL_TRUSTED scantime=0.1,size=765,user=nobody,uid=0,required_s core=5.0,rhost=localhost,raddr=127.0.0.1,rport=401 54,mid=<62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu>,autolearn=ham
Jul 23 12:10:51 promillestube spamd[2782]: config: copying current conf from backup
Jul 23 12:10:51 promillestube postfix/pickup[2877]: 6297D54F16: uid=65534 from=<schranzdingens@promillestube.de>
Jul 23 12:10:51 promillestube postfix/pipe[3633]: 2868E54F13: to=<schranzdingens@aol.com>, relay=spamassassin, delay=0.25, delays=0.06/0.01/0/0.18, dsn=2.0.0, status=sent (delivered via spamassassin service)
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 2868E54F13: removed
Jul 23 12:10:51 promillestube postfix/cleanup[3453]: 6297D54F16: message-id=<62447.78.51.76.104.1216807851.squirrel@paranoid-gaming.eu>
Jul 23 12:10:51 promillestube spamd[2782]: prefork: sysread(7) not ready, wait max 300 secs
Jul 23 12:10:51 promillestube spamd[2592]: prefork: child 2782: entering state 1
Jul 23 12:10:51 promillestube spamd[2592]: prefork: new lowest idle kid: 2782
Jul 23 12:10:51 promillestube spamd[2592]: prefork: child reports idle
Jul 23 12:10:51 promillestube spamd[2592]: prefork: child states: II
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 6297D54F16: from=<schranzdingens@promillestube.de>, size=1099, nrcpt=1 (queue active)
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 6297D54F16: to=<schranzdingens@aol.com>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
Jul 23 12:10:51 promillestube cyrus/imap[3634]: accepted connection
Jul 23 12:10:51 promillestube cyrus/imap[3634]: login: localhost [127.0.0.1] schranzdingens.promillestube.de plaintext User logged in
Jul 23 12:10:51 promillestube cyrus/imap[3634]: open: user schranzdingens^promillestube^de opened INBOX
Jul 23 12:10:51 promillestube last message repeated 2 times
Jul 23 12:11:01 promillestube postfix/pickup[2877]: 3B0E72268F: uid=0 from=<root>
Jul 23 12:11:01 promillestube postfix/cleanup[3453]: 3B0E72268F: message-id=<20080723101101.3B0E72268F@promillestube.de>
Jul 23 12:11:01 promillestube postfix/qmgr[2878]: 3B0E72268F: from=<root@mail.promillestube.de>, size=619, nrcpt=1 (queue active)
Jul 23 12:11:01 promillestube postfix/qmgr[2878]: 3B0E72268F: to=<root@mail.promillestube.de>, orig_to=<root>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
Auffällig erscheint mir dabei die Zeilen:
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 6297D54F16: from=<schranzdingens@promillestube.de>, size=1099, nrcpt=1 (queue active)
Jul 23 12:10:51 promillestube postfix/qmgr[2878]: 6297D54F16: to=<schranzdingens@aol.com>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
Leider hab ich keine Idee woran es liegen könnte.
"postconf-n" spuckt folgendes aus:
postconf -n
alias_maps = $alias_database
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = scan:127.0.0.1:10026
disable_vrfy_command = yes
mailbox_transport = cyrus
mydestination = localhost, localhost.$mydomain, $mydomain, mail.$mydomain, mysql:/etc/postfix/mysql-mydestination.cf
mydomain = promillestube.de
mynetworks = 127.0.0.0/8
myorigin = mail.$mydomain
receive_override_options = no_address_mappings
relay_domains =
relayhost =
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
smtp_host_lookup = native,dns
smtp_use_tls = yes
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:60000, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client whois.rfc-ignorant.org, reject_rbl_client ix.dnsbl.manitu.org, reject_rbl_client multihop.dsbl.org, reject_rbl_client dnsbl.ahbl.org, reject_rbl_client rhsbl.ahbl.org, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
smtpd_tls_CAfile = /etc/ssl/certs/smtps.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/smtps.pem
smtpd_tls_key_file = /etc/ssl/certs/smtps.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
Und "netstat -tplen" sagt:
netstat -tplen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 0 4585 2545/postgrey.pid -
tcp 0 0 85.131.163.240:2337 0.0.0.0:* LISTEN 500 8527 3120/server_linux
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 0 5280 2793/cyrmaster
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 0 5292 2793/cyrmaster
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 0 5455 2871/master
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 104 4478 2496/mysqld
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 0 5286 2793/cyrmaster
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 0 5274 2793/cyrmaster
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 0 4799 2592/perl
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 0 3949 2179/portmap
tcp 0 0 127.0.0.1:2000 0.0.0.0:* LISTEN 0 5305 2793/cyrmaster
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 0 5332 2871/master
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN 0 5137 2802/inetd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 0 5135 2802/inetd
tcp 0 0 0.0.0.0:119 0.0.0.0:* LISTEN 0 5298 2793/cyrmaster
tcp 0 0 85.131.163.240:1337 0.0.0.0:* LISTEN 500 8528 3120/server_linux
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 5328 2871/master
tcp 0 0 0.0.0.0:57532 0.0.0.0:* LISTEN 103 5805 2949/rpc.statd
tcp6 0 0 :::993 :::* LISTEN 0 5278 2793/cyrmaster
tcp6 0 0 :::995 :::* LISTEN 0 5290 2793/cyrmaster
tcp6 0 0 :::27015 :::* LISTEN 0 5989 3000/apache2
tcp6 0 0 :::110 :::* LISTEN 0 5284 2793/cyrmaster
tcp6 0 0 :::143 :::* LISTEN 0 5272 2793/cyrmaster
tcp6 0 0 :::80 :::* LISTEN 0 5984 3000/apache2
tcp6 0 0 :::27030 :::* LISTEN 0 5994 3000/apache2
tcp6 0 0 :::22 :::* LISTEN 0 5697 2912/sshd
tcp6 0 0 :::119 :::* LISTEN 0 5296 2793/cyrmaster
tcp6 0 0 :::8090 :::* LISTEN 0 5999 3000/apache2
Die "master.cf" sieht so aus:
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ================================================== ========================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ================================================== ========================
smtp inet n - n - - smtpd
-o content_filter=spamassassin
smtps inet n - n - - smtpd
-o content_filter=spamassassin
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticate d,reject
spamassassin unix - n n - - pipe
user=nobody argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
# ================================================== ==================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ================================================== ==================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
cyrus unix - n n - - pipe
flags= user=cyrus argv=/usr/sbin/cyrdeliver -r ${sender} -m ${extension} ${user}
# Antivirus
# AV scan filter (used by content_filter)
scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
# For injecting mail back into postfix from the filter
127.0.0.1:10025 inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_chec ks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,rej ect
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
Ich hoffe es kann mir da irgendjemand weiterhelfen bzw es sieht irgendwer etwas was ich übersehn hab.
LG,
Matze