The outgoing alert messages from monit don't do such activity (it
behave like normal SMTP client) - the messages appear in policy server
log because monit is configured to monitor your policy server.
The protocol test "postfix-policy" sends the request which contains
the triplet seen in your logs:
--8<--
int check_postfix_policy(Socket_T s) {
char buf[STRLEN];
ASSERT(s);
if(socket_print(s,
"request=smtpd_access_policy\n"
"protocol_state=RCPT\n"
"protocol_name=SMTP\n"
"[EMAIL PROTECTED]"
"[EMAIL PROTECTED]"
"client_address=1.2.3.4\n"
"client_name=mx.foo.tld\n"
"\n") < 0) {
LogError("POSTFIX-POLICY: error sending data -- %s\n", STRERROR);
return FALSE;
}
--8<--
=> monit is watching policy server because it was configured to do so,
please check your monit configuration.
Thanks,
Martin
On Sep 25, 2008, at 5:53 AM, Len Conrad wrote:
We have monit setup to send to a remote mail server, NOT to
localhost. That works fine.
However, we find what looks like monit's stuff in postgrey's logging:
Sep 24 21:45:20 mx1 postgrey[785]: 2008/09/24-21:45:20 CONNECT TCP
Peer: "127.0.0.1:60923" Local: "127.0.0.1:10023"
Sep 24 21:45:20 mx1 postgrey[785]: action=pass, reason=triplet
found, client_name=mx.foo.tld, client_address=1.2.3.4, sender=
[EMAIL PROTECTED], [EMAIL PROTECTED]
mx1# egrep -ic 'client_name=mx.foo.tld' /var/log/maillog
1293
how/why is monit apparently sending to policy-server:10023?
btw, our policy servers are after permit_mynetworks. I put
1.2.3.4/32 in mynetworks, but that doesn't stop these log lines. I
don't think this traffic is going through postfix at all.
Len
______________________________________________
IMGate OpenSource Mail Firewall www.IMGate.net
--
To unsubscribe:
http://lists.nongnu.org/mailman/listinfo/monit-general
--
To unsubscribe:
http://lists.nongnu.org/mailman/listinfo/monit-general
