On Aug 4, 2009, at 3:01 PM, Noel Jones wrote:
Jason Hirsh wrote:
I raise this question here because it appears the basic postgrey
daemon is running
I have a FReebsd 7.0 server with Postfix, amavisd-new, Dovecot to
which i added Postgrey
I have postgrey runnng as a ps aux grep | postfix shows
postgrey 653 0.0 2.4 14384 12052 ?? Is 1:53PM 0:00.04 /
usr/local/sbin/postgrey --pidfile=/var/run/postgrey.pid --
inet=10023 -d --user=postgrey --group=postgrey --dbdir=/var/db/
postgrey (perl5.8.9)
There is no indication in the syslog maillog of any postgrey
activity so I am presuming that i have messed up the install or
configuration.. postconf -n shows
smtpd_recipient_restrictions = permit_sasl_authenticated,
check_relay_domains,
check_relay_domains is deprecated.
Note that check_relay_domains always resolves to either "permit" or
"reject". As a consequence, no restrictions after this are
evaluated. Use reject_unauth_destination instead, that should fix
your problem.
reject_rbl_client zen.spamhaus.org bl,reject_rbl_client
bl.spamcop.net,reject_rbl_client cbl.abuseat.org,reject_rbl_client
safe.dnsbl.sorbs.net,check_policy_service inet:127.0.0.1
cbl.abuseat.org is included in zen.spamhaus.org - no need to query
both.
sorbs is currently negotiating a change of ownership. Monitor
their web site and/or announcement mail list to decide if they
still meet your needs after the change is completed.
removed
Should be check_policy_service inet:127.0.0.1:10023
Make sure the port matches where postgrey is listening.
corrected
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostnamebroken_sasl_auth_clients = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated,
reject_rhsbl_sender dsn.rfc-ignorant.org, reject_rbl_client
bl.spamcop.net
rfc-ignorant.org is generally better used in a scoring system
rather than for outright rejects.
Why do you have some RBLs in smtpd_sender_restrictions and some in
smtpd_recipient_restrictions? pick one or the other.
Partial clean up I had seen similar discussion about douplicaton
between smtp_client_restriction and smtp_recipients_restriction.
thanks for making the point
-- Noel Jones
Based on above changes i have ths now
postgrey 651 0.0 2.4 14384 12028 ?? Is 3:24PM 0:00.04 /usr/
local/sbin/postgrey --pidfile=/var/run/postgrey.pid --
inet=127.0.0.1:10023 -d --user=postgrey --group=postgrey --dbdir=/var/
db/postgrey -verbose (perl5.8.9)
postconf -n
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
delay_warning_time = 4h
disable_vrfy_command = yes
header_checks = regexp:/usr/local/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
mail_owner = postfix
mail_spool_directory = /var/mail/vmail
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
maps_rbl_domains = bl.spamcop.net
mydestination = localhost.$mydomain, localhost
myhostname = batfish.theoceanwindow-bv.com
mynetworks = 127.0.0.0/8, 66.235.184.124, 66.148.83.94
myorigin = $myhostname
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
receive_override_options = no_address_mappings
relay_recipient_maps = hash:/usr/local/etc/postfix/relay_recipients
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtp_tls_note_starttls_offer = yes
smtpd_banner = Hi This is the Ocean Window - BV
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated,
permit_mynetworks,check_helo_access hash:/usr/local/etc/postfix/
helo_access,reject_invalid_hostname,reject_unknown_hostname
smtpd_recipient_restrictions = permit_sasl_authenticated,
check_relay_domains,reject_rbl_client
zen.spamhaus.org,reject_rbl_client bl.spamcop.net,reject_rbl_client,
check_policy_service inet:127.0.0.1:10023
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostnamebroken_sasl_auth_clients = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated
smtpd_tls_CAfile = /etc/mail/certs/root.crt
smtpd_tls_cert_file = /etc/mail/certs/server.pem
smtpd_tls_key_file = /etc/mail/certs/server.key
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/usr/local/etc/postfix/virtual
virtual_gid_maps = static:1000
virtual_mailbox_base = /var/mail/vmail
virtual_mailbox_domains = /usr/local/etc/postfix/virtual_domains
virtual_mailbox_maps = hash:/usr/local/etc/postfix/virtual_mailbox
virtual_minimum_uid = 100
virtual_uid_maps = static:1003
and I got a
check_access: ja...@kasdivi.com
Aug 4 15:40:54 batfish postfix/smtpd[1326]: panic: check_access:
dictionary not found: inet:127.0.0.1:10023
Aug 4 15:40:55 batfish postfix/master[1057]: warning: process /usr/
local/libexec/postfix/smtpd pid 1326 killed by signal 6
Aug 4 15:40:55 batfish postfix/master[1057]: warning: /usr/local/
libexec/postfix/smtpd: bad command startup -- throttling
erro message which I assume is related to postgrey??
