On 1/22/2011 1:01 PM, Condor wrote:
On 1/22/2011 9:04 AM, Condor wrote:
On 1/22/2011 1:20 AM, Condor wrote:
On 1/21/2011 5:08 PM, Condor wrote:
Hello,
i have postfix 2.7.2 and i have problem with restrictions. I setup
smtpd_recipient_restrictions here is my main.cf config file:
Here is the log file sent from my yahoo account, i replace yahoo.com
with
yahoo-mail.com to did not receive spam from bots..
Jan 22 16:59:59 www postfix/smtpd[21535]: connect from
web36803.mail.mud.yahoo.com[209.191.85.54]
Jan 22 16:59:59 www dkimproxy.in[31073]: connect from 127.0.0.1
Jan 22 16:59:59 www dkimproxy.out[8864]: connect from 127.0.0.1
Jan 22 16:59:59 www postfix/smtpd[21539]: connect from
localhost[127.0.0.1]
Jan 22 16:59:59 www postfix/smtpd[21535]: NOQUEUE:
client=web36803.mail.mud.yahoo.com[209.191.85.54]
Jan 22 16:59:59 www postfix/smtpd[21539]: BBF49104E5C:
client=localhost[127.0.0.1]
Jan 22 17:00:00 www dkimproxy.in[31073]: DKIM verify - pass;
message-id=<120241.54679...@web36803.mail.mud.yahoo.com>,
signer=<con...@yahoo-mail.com>, from=<con...@yahoo-mail.com>
Jan 22 17:00:00 www dkimproxy.out[8864]: DKIM signing - skipped;
message-id=<120241.54679...@web36803.mail.mud.yahoo.com>,
from=<con...@yahoo-mail.com>
Jan 22 17:00:00 www postfix/cleanup[21540]: BBF49104E5C:
message-id=<120241.54679...@web36803.mail.mud.yahoo.com>
Jan 22 17:00:00 www postfix/qmgr[11730]: BBF49104E5C:
from=<con...@yahoo-mail.com>, size=2111, nrcpt=1 (queue active)
Jan 22 17:00:00 www postfix/smtpd[21535]: proxy-accept: END-OF-MESSAGE:
250 2.0.0 Ok: queued as BBF49104E5C; from=<con...@yahoo-mail.com>
to=<nob...@my-domain.com> proto=SMTP helo=<web36803.mail.mud.yahoo.com>
Jan 22 17:00:00 www spamd[1613]: spamd: connection from localhost
[127.0.0.1] at port 39319
Jan 22 17:00:00 www spamd[1613]: spamd: handle_user unable to find user:
'nob...@stz-bg.com'
Jan 22 17:00:00 www spamd[1613]: spamd: processing message
<120241.54679...@web36803.mail.mud.yahoo.com> for
nob...@my-domain.com:1002
Jan 22 17:00:01 www spamd[1613]: Use of uninitialized value in lc at
/usr/lib/perl5/site_perl/5.12.2/Mail/SpamAssassin/Plugin/MIMEEval.pm
line
501,<GEN467> line 40.
Jan 22 17:00:01 www postfix/smtpd[21535]: disconnect from
web36803.mail.mud.yahoo.com[209.191.85.54]
Jan 22 17:00:09 www spamd[1613]: spamd: clean message (-0.1/5.0) for
nob...@my-domain.com:1002 in 9.1 seconds, 2143 bytes.
Jan 22 17:00:09 www spamd[1613]: spamd: result: . 0 -
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,T_RP_MATCHES_RCVD,T_TO_NO_BRKTS_FREEMAIL
scantime=9.1,size=2143,user=nob...@my-domain.com,uid=1002,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=39319,mid=<120241.54679...@web36803.mail.mud.yahoo.com>,autolearn=ham
Jan 22 17:00:10 www dovecot: lda(nob...@my-domain.com): sieve:
msgid=<120241.54679...@web36803.mail.mud.yahoo.com>: stored mail into
mailbox 'INBOX'
Jan 22 17:00:10 www postfix/pipe[21541]: BBF49104E5C:
to=<nob...@my-domain.com>, relay=dovecot, delay=10,
delays=1.1/0.01/0/9.2,
dsn=2.0.0, status=sent (delivered via dovecot service)
Jan 22 17:00:10 www postfix/qmgr[11730]: BBF49104E5C: removed
Jan 22 17:00:10 www spamd[1609]: prefork: child states: II
Show unmodified "postconf -n" and non-comment entries from
master.cf (grep -v '^#' master.cf).
-- Noel Jones
Postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
disable_vrfy_command = yes
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_size_limit = 0
message_size_limit = 30720000
myhostname = mail.stzbg.com
mynetworks = 46.40.123.212/32 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
proxy_read_maps = $local_recipient_maps $mydestionation
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps
$virtual_mailbox_domains $relay_recipient_maps $relay_domains
$canonical_maps $sender_canonical_maps $recipient_canonical_maps
$relocated_maps transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = no
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_invalid_helo_hostname, reject_unknown_helo_hostname,
reject_non_fqdn_helo_hostname, permit
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination, check_helo_access
hash:/etc/postfix/helo_checks, check_sender_access
hash:/etc/postfix/helo_checks, check_recipient_access
pcre:/etc/postfix/recipient_checks.pcre, reject_invalid_hostname,
reject_unauth_pipelining, reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_non_fqdn_recipient,
reject_unknown_recipient_domain, reject_unlisted_sender,
reject_rhsbl_client dbl.spamhaus.org, reject_rhsbl_sender
dbl.spamhaus.org, reject_rbl_client relays.ordb.org, reject_rbl_client
b.barracudacentral.org, reject_rbl_client cbl.abuseat.org,
reject_rbl_client dyna.spamrats.com, reject_rbl_client bl.spamcop.net,
reject_rbl_client zen.spamhaus.org, reject_rbl_client opm.blitzed.org,
reject_rbl_client dnsbl.njabl.org, reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client db.wpbl.info, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/ssl/mail.stzbg.com.pem
smtpd_tls_cert_file = /etc/postfix/ssl/mail.stzbg.com.crt
smtpd_tls_key_file = /etc/postfix/ssl/mail.stzbg.com.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_catchall_maps.cf
virtual_gid_maps = static:1005
virtual_mailbox_base = /var/spool/postmail
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:1004
master.cf
smtp inet n - n - - smtpd
-o smtpd_etrn_restrictions=reject
-o smtpd_sasl_auth_enable=yes
-o smtpd_proxy_filter=127.0.0.1:10021
-o smtpd_client_connection_count_limit=10
-o content_filter=dksign:[127.0.0.1]:10027
-o
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/bin/spamc -u ${recipient} -e
/usr/local/libexec/dovecot/deliver -d ${recipient}
The above settings override your settings in main.cf.
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o smtp_fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks
-o local_header_rewrite_clients=
127.0.0.1:10030 inet n - n - - smtpd
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=
-o mynetworks=127.0.0.0/8
-o receive_override_options=no_unknown_recipient_checks
dksign unix - - n - 4 smtp
-o smtp_send_xforward_command=yes
-o smtp_discard_ehlo_keywords=8bitmime,starttls
127.0.0.1:10028 inet n - n - 10 smtpd
-o content_filter=
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
