Re: [AMaViS-user] log error
Dale, > May 30 09:19:04 daleenterprise.com /usr/bin/amavisd[25407]: > (25407-13) DENIED ACCESS from IP 10.1.100.11, policy bank '' > $forward_method = 'smtp:*:*'; > $notify_method = $forward_method; > $inet_socket_port = [10024,10026]; > @inet_acl = qw(127.0.0.1 [::1] 10.1.100.11); Don't know, the setting of @inet_acl seems correct. Perhaps you have a later assignment to @inet_acl which overrides the above correct assignment. Perhaps turning up log level to 5 and searching for 'lookup_ip_acl' in the log might shed some light. > Setting the above socket, is this for amavisd-new to listen on? Yes, $inet_socket_port determines TCP ports on which amavisd will listen. > Will the mail recieved on 10024 be send out on 10025 and the mail > recieved on 10026 be sent out on 10027? Yes, if you use 'smtp:*:*'. You can also make port explicit, e.g. 'smtp:*:10025' which will feed mail back to the IP address it came from, but always on port 10025, regardless of the incomming port number. > The forward and notify, I haven't been using these so do I need to > use them now??? If you need non-default values, yes. Default values are listed in amavisd.conf-default. Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] log error
At 03:52 PM 5/31/2005, Andy Loates wrote: /etc/postfix/main.cf: mynetworks = 127.0.0.1/32,10.1.100.11/32,10.1.100.20/32 # Dale, Just a suggestion, but isn't Postfix a touch sensitive about having whitespace between items in lists. Try some spaces in the above i.e mynetworks = 127.0.0.1/32, 10.1.100.11/32, 10.1.100.20/32 ^ ^ That's not it. Postfix treats whitespace and commas the same when parsing main.cf. So either/or/both is acceptable in main.cf. -- Noel Jones --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] log error
Dale Walsh said the following on 31/5/05 20:55: /etc/postfix/main.cf: mynetworks = 127.0.0.1/32,10.1.100.11/32,10.1.100.20/32 # Dale, Just a suggestion, but isn't Postfix a touch sensitive about having whitespace between items in lists. Try some spaces in the above i.e mynetworks = 127.0.0.1/32, 10.1.100.11/32, 10.1.100.20/32 ^ ^ /etc/postfixalt/main.cf: mynetworks = 127.0.0.1/32,10.1.100.11/32,10.1.100.20/32 ^ ^ # # and try the same in this one. good luck Andy --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] log error
On May 29, 2005, at 06:19 PM, Mark Martinec wrote: Dale, I have two iinstances of postfix running, all IP's are listed in mynetwork settings. ... May 29 02:08:50 daleenterprise.com /usr/bin/amavisd[282]: (00282-09) DENIED ACCESS from IP 10.1.100.11, policy bank '' You need to add 10.1.100.11 to @inet_acl to allow access to amavisd from this IP address, e.g.: @inet_acl = qw(127.0.0.1 10.1.100.11); While I see mentioned on the list that some are using two instances of amavisd-new, is it possible that amavisd-new can be defined to run on 2 pairs of ports in a single config file? Yes. What I am getting at is the following: 10024,10025 and 10026,10027 If received on port 10024, send on port 10025 if recieved on port 10026, send on port 10027 $inet_socket_port = [10024,10026]; $forward_method = 'smtp:*:*'; $notify_method = 'smtp:*:*'; See comments in amavisd.conf-sample. If you want, you can now assign a separate policy bank to port 10024 or 10026 if you need different settings, but need not if both services can do with same settings. or can this only be achieved by using two separate config files? No need. Your setup is pretty much straightforward. Mark Well Mark, I tried using your recommended settings, it still doesn't work. Here's the log information. /var/log/mail.log: = Monday, May 30, 2005 09:18:58 AM US/Eastern = May 30 09:19:04 dellc postfix-secondary/pickup[26109]: 2F9F510C6FC: uid=27 from=<[EMAIL PROTECTED]> orig_id=0582610C6F3 May 30 09:19:04 dellc postfix-secondary/cleanup[26124]: 2F9F510C6FC: message- id=<[EMAIL PROTECTED]> May 30 09:19:04 dellc postfix-secondary/qmgr[26110]: 2F9F510C6FC: from=<[EMAIL PROTECTED]>, size=3786, nrcpt=1 (queue active) May 30 09:19:04 dellc postfix-secondary/pickup[26109]: 31A5510C6FD: uid=27 from=<[EMAIL PROTECTED]> orig_id=0A59710C6F4 May 30 09:19:04 dellc postfix-secondary/cleanup[26127]: 31A5510C6FD: message-id=<[EMAIL PROTECTED]> May 30 09:19:04 dellc postfix-secondary/qmgr[26110]: 31A5510C6FD: from=<[EMAIL PROTECTED]>, size=6278, nrcpt=1 (queue active) May 30 09:19:04 dellc postfix-secondary/smtp[26128]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10026) May 30 09:19:04 dellc postfix-secondary/pickup[26109]: 34A5D10C6FE: uid=27 from=<[EMAIL PROTECTED]> orig_id=ED71B10C6F2 May 30 09:19:04 dellc postfix-secondary/smtp[26128]: 2F9F510C6FC: to=<[EMAIL PROTECTED]>, relay=none, delay=-941, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting) May 30 09:19:04 dellc postfix-secondary/cleanup[26124]: 34A5D10C6FE: message-id=<[EMAIL PROTECTED]> May 30 09:19:04 dellc postfix-secondary/smtp[26126]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10026) May 30 09:19:04 dellc postfix-secondary/qmgr[26110]: 34A5D10C6FE: from=<[EMAIL PROTECTED]>, size=4695, nrcpt=1 (queue active) May 30 09:19:04 dellc postfix-secondary/smtp[26126]: 31A5510C6FD: to=<[EMAIL PROTECTED]>, relay=none, delay=-941, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting) May 30 09:19:04 dellc postfix-secondary/smtp[26128]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10026) May 30 09:19:04 dellc postfix-secondary/smtp[26128]: 34A5D10C6FE: to=<[EMAIL PROTECTED]>, relay=none, delay=-941, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting) /var/log/amavisd.log: = Monday, May 30, 2005 09:19:01 AM US/Eastern = May 30 09:19:04 daleenterprise.com /usr/bin/amavisd[25407]: (25407-13) DENIED ACCESS from IP 10.1.100.11, policy bank '' May 30 09:19:04 daleenterprise.com /usr/bin/amavisd[24823]: (24823-11) DENIED ACCESS from IP 10.1.100.11, policy bank '' May 30 09:19:04 daleenterprise.com /usr/bin/amavisd[25407]: (25407-13) DENIED ACCESS from IP 10.1.100.11, policy bank '' Here is the relevant information contained in each config file. /etc/postfix/main.cf: mynetworks = 127.0.0.1/32,10.1.100.11/32,10.1.100.20/32 # # == # AMAVIS - CLAMAV # == # content_filter=smtp-amavis:[127.0.0.1]:10024 /etc/postfix/master.cf: # # == # AMAVIS - CLAMAV # == # smtp-amavis unix - - y - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10025 inet n -
Re: [AMaViS-user] log error
On May 29, 2005, at 06:19 PM, Mark Martinec wrote: Dale, I have two iinstances of postfix running, all IP's are listed in mynetwork settings. ... May 29 02:08:50 daleenterprise.com /usr/bin/amavisd[282]: (00282-09) DENIED ACCESS from IP 10.1.100.11, policy bank '' You need to add 10.1.100.11 to @inet_acl to allow access to amavisd from this IP address, e.g.: @inet_acl = qw(127.0.0.1 10.1.100.11); While I see mentioned on the list that some are using two instances of amavisd-new, is it possible that amavisd-new can be defined to run on 2 pairs of ports in a single config file? Yes. What I am getting at is the following: 10024,10025 and 10026,10027 If received on port 10024, send on port 10025 if recieved on port 10026, send on port 10027 $inet_socket_port = [10024,10026]; $forward_method = 'smtp:*:*'; $notify_method = 'smtp:*:*'; See comments in amavisd.conf-sample. If you want, you can now assign a separate policy bank to port 10024 or 10026 if you need different settings, but need not if both services can do with same settings. or can this only be achieved by using two separate config files? No need. Your setup is pretty much straightforward. Mark Well Mark, I tried using your recommended settings, it still doesn't work. Here's the log information. /var/log/mail.log: = Monday, May 30, 2005 09:18:58 AM US/Eastern = May 30 09:19:04 dellc postfix-secondary/pickup[26109]: 2F9F510C6FC: uid=27 from=<[EMAIL PROTECTED]> orig_id=0582610C6F3 May 30 09:19:04 dellc postfix-secondary/cleanup[26124]: 2F9F510C6FC: message- id=<[EMAIL PROTECTED]> May 30 09:19:04 dellc postfix-secondary/qmgr[26110]: 2F9F510C6FC: from=<[EMAIL PROTECTED]>, size=3786, nrcpt=1 (queue active) May 30 09:19:04 dellc postfix-secondary/pickup[26109]: 31A5510C6FD: uid=27 from=<[EMAIL PROTECTED]> orig_id=0A59710C6F4 May 30 09:19:04 dellc postfix-secondary/cleanup[26127]: 31A5510C6FD: message-id=<[EMAIL PROTECTED]> May 30 09:19:04 dellc postfix-secondary/qmgr[26110]: 31A5510C6FD: from=<[EMAIL PROTECTED]>, size=6278, nrcpt=1 (queue active) May 30 09:19:04 dellc postfix-secondary/smtp[26128]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10026) May 30 09:19:04 dellc postfix-secondary/pickup[26109]: 34A5D10C6FE: uid=27 from=<[EMAIL PROTECTED]> orig_id=ED71B10C6F2 May 30 09:19:04 dellc postfix-secondary/smtp[26128]: 2F9F510C6FC: to=<[EMAIL PROTECTED]>, relay=none, delay=-941, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting) May 30 09:19:04 dellc postfix-secondary/cleanup[26124]: 34A5D10C6FE: message-id=<[EMAIL PROTECTED]> May 30 09:19:04 dellc postfix-secondary/smtp[26126]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10026) May 30 09:19:04 dellc postfix-secondary/qmgr[26110]: 34A5D10C6FE: from=<[EMAIL PROTECTED]>, size=4695, nrcpt=1 (queue active) May 30 09:19:04 dellc postfix-secondary/smtp[26126]: 31A5510C6FD: to=<[EMAIL PROTECTED]>, relay=none, delay=-941, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting) May 30 09:19:04 dellc postfix-secondary/smtp[26128]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10026) May 30 09:19:04 dellc postfix-secondary/smtp[26128]: 34A5D10C6FE: to=<[EMAIL PROTECTED]>, relay=none, delay=-941, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting) /var/log/amavisd.log: = Monday, May 30, 2005 09:19:01 AM US/Eastern = May 30 09:19:04 daleenterprise.com /usr/bin/amavisd[25407]: (25407-13) DENIED ACCESS from IP 10.1.100.11, policy bank '' May 30 09:19:04 daleenterprise.com /usr/bin/amavisd[24823]: (24823-11) DENIED ACCESS from IP 10.1.100.11, policy bank '' May 30 09:19:04 daleenterprise.com /usr/bin/amavisd[25407]: (25407-13) DENIED ACCESS from IP 10.1.100.11, policy bank '' Here is the relevant information contained in each config file. /etc/postfix/main.cf: mynetworks = 127.0.0.1/32,10.1.100.11/32,10.1.100.20/32 # # == # AMAVIS - CLAMAV # == # content_filter=smtp-amavis:[127.0.0.1]:10024 /etc/postfix/master.cf: # # == # AMAVIS - CLAMAV # == # smtp-amavis unix - - y - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n
Re: [AMaViS-user] log error
Dale, > I have two iinstances of postfix running, all IP's are listed in > mynetwork settings. ... > May 29 02:08:50 daleenterprise.com /usr/bin/amavisd[282]: (00282-09) > DENIED ACCESS from IP 10.1.100.11, policy bank '' You need to add 10.1.100.11 to @inet_acl to allow access to amavisd from this IP address, e.g.: @inet_acl = qw(127.0.0.1 10.1.100.11); > While I see mentioned on the list that some are using two instances > of amavisd-new, is it possible that amavisd-new can be defined to run > on 2 pairs of ports in a single config file? Yes. > What I am getting at is the following: > > 10024,10025 and 10026,10027 > > If received on port 10024, send on port 10025 if recieved on port > 10026, send on port 10027 $inet_socket_port = [10024,10026]; $forward_method = 'smtp:*:*'; $notify_method = 'smtp:*:*'; See comments in amavisd.conf-sample. If you want, you can now assign a separate policy bank to port 10024 or 10026 if you need different settings, but need not if both services can do with same settings. > or can this only be achieved by using two > separate config files? No need. Your setup is pretty much straightforward. Mark --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] log error
I have two iinstances of postfix running, all IP's are listed in mynetwork settings. I have the content filter assigned in both and the listen directive assigned in the primary postfix instance as defined by the shared content filter configuration of postfix. Now I still receive the following message when e-mail is received for processing in the second postfix instance. When everything was contained in a single postfix instance I had no problems accepting the connection from either IP so I don't understand the problem now. May 29 02:08:50 daleenterprise.com /usr/bin/amavisd[282]: (00282-09) DENIED ACCESS from IP 10.1.100.11, policy bank '' While I see mentioned on the list that some are using two instances of amavisd-new, is it possible that amavisd-new can be defined to run on 2 pairs of ports in a single config file? What I am getting at is the following: 10024,10025 and 10026,10027 If received on port 10024, send on port 10025 if recieved on port 10026, send on port 10027 or can this only be achieved by using two separate config files? -- Dale --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/