Re: Problem with BCC in content_filter

[Wietse Venema]

Pawe? Grzesik:
> Mar  4 22:52:09 mailtest postfix/pipe[16692]: EA9ACC794C: to=,
> relay=dlp, delay=1.1, delays=0.31/0.01/0/0.78, dsn=2.0.0, status=sent
> (delivered via tool service)
> Mar  4 22:52:09 mailtest postfix/pipe[16693]: EA9ACC794C: to=,
> relay=dlp, delay=1.1, delays=0.31/0.01/0/0.82, dsn=2.0.0, status=sent
> (delivered via tool service)

Mail for both recipients was delivered to the tool. They were
delivered by different pipe daemon processes, one with pid=16692
and one with pid=16693.

> But then in my tool I don't see anything except the first testone@ -> pone@.
> Nothing about ptwo@.

So the tool lost the bcc recipient, i.e. the one that is not
present in the mail header.

> Am I doing somethings wrong? How can I debug it?

To debug, have the tool log the command line arguments.

Wietse

Re: How can I block this user...

[Bill Cole]

On 4 Mar 2016, at 9:47, Robert Chalmers wrote:


thanks, that seems to work - how to make it permanent next …

but, it should be working in postfix in any case shouldn’t it?

Wep, weekend coming up.
Robert


On 4 Mar 2016, at 13:48, L.P.H. van Belle  wrote:

Very simple, route it to localhost.

Like :
route add -host 174.46.142.137 127.0.0.1


That's really a sloppy fix. It works (until your next reboot) but 
routing packets to the loopback interface isn't scalable and ignores 
other problems that you clearly have:


1. You have a lot of postscreen settings but don't seem to actually have 
postscreen enabled, although it may be that you just didn't show the 
postscreen log lines. If you do have postscreen actually working, you 
can use the postscreen_access_list setting that you already have to 
blacklist that IP in the cidr map you seem to intend to be using.


2. In reference to this:

Mac. OSX 10.11
Postfix.

I’ve even tried setting it in the firewall - but I’m missing 
something, because there it

is again...

I have the domain IP in a blacklist on both the pf.conf firewall


I offer my condolences. Part of why I still run some things (including 
my personal Postfix instance) on older MacOS is that the newer and 
objectively better pf firewall has persistently confused me and I have 
all these little tools for ipfw that work around even the Apple-custom 
breakages in it. However, I do have *some* familiarity with pf so I can 
try to help.


If you THINK you have the IP blocked by a rule in pf.conf yet clearly do 
not, that's a serious problem. Either pf is turned off or there's a rule 
ordering problem or something more arcane, but in any case pf isn't 
doing what you think it should be doing, and that's never a good thing 
in a firewall. The first thing to check is whether you actually have an 
active pf rule or rules related to that IP, which you might not. Easy 
enough to check with the command:


pfctl -v -s rules

That will list your rules with some stats, and near the end of the list 
should be something like these:


	block return in log quick inet proto tcp from 174.46.142.137 to any 
port = 25

 [ Evaluations: 15858 Packets: 0 Bytes: 0 States: 0 ]
 [ Inserted: uid 0 pid 77467 ]
	block return in log quick inet proto tcp from 174.46.142.137 to any 
port = 465

 [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
 [ Inserted: uid 0 pid 77467 ]
	block return in log quick inet proto tcp from 174.46.142.137 to any 
port = 587

 [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
 [ Inserted: uid 0 pid 77467 ]

Which is the three active rules that would be generated by having this 
at the end of /etc/pf.conf when it was last reloaded:


	block return in log quick proto tcp from 174.46.142.137 to any port 
{25,465,587}


Your rule may differ in small ways, yet be entirely reasonable. If you 
have a rule in pf.conf that doesn't seem to have resulted in one or more 
in the active listing, maybe you just forgot to reload:


pfctl -f /etc/pf.conf

Or if the rule shows in the active list but isn't working, maybe this 
will help:


pfctl -e

Problem with BCC in content_filter

[Paweł Grzesik]

Hi All,

I'm having a problem when an e-mail has BCC. The problem is that I don't
see anything at my logs in my script, or in strace. It's somehow missing.
I'm sure that postfix (pipe) is calling my script since I have at the logs:

Mar  4 22:52:08 mailtest postfix/qmgr[16324]: EA9ACC794C:
from=, size=1511, nrcpt=2 (queue active)
Mar  4 22:52:09 mailtest postfix/pipe[16692]: EA9ACC794C: to=,
relay=dlp, delay=1.1, delays=0.31/0.01/0/0.78, dsn=2.0.0, status=sent
(delivered via tool service)
Mar  4 22:52:09 mailtest postfix/pipe[16693]: EA9ACC794C: to=,
relay=dlp, delay=1.1, delays=0.31/0.01/0/0.82, dsn=2.0.0, status=sent
(delivered via tool service)
Mar  4 22:52:09 mailtest postfix/qmgr[16324]: EA9ACC794C: removed

So as I see there is a:

(delivered via tool service)

in both to= and bcc= (which is the second one: ptwo@).
But then in my tool I don't see anything except the first testone@ -> pone@.
Nothing about ptwo@.
I used strace in content_filter but it's exactly the same result. Nothing
about ptwo@.

Am I doing somethings wrong? How can I debug it?

Thanks,
Pawel

Re: How can I block this user...

[Christian Kivalo]

On 2016-03-04 14:39, Robert Chalmers wrote:

How can I block this user from even attempting to access the mail
server?
Mac. OSX 10.11
Postfix.

I’ve even tried setting it in the firewall - but I’m missing
something, because there it is again...

I have the domain IP in a blacklist on both the pf.conf firewall, and
the postfix blacklist, and in spamassassin … impossible. I can not
stop this sucker.


What do you take as identifier for the user?

IP? Hostname?

Do you have more logs that show connections for this user / the same 
user?



Mar  4 12:41:48 zeus postfix/smtpd[1811]: connect from mail.bmwlaw.com
[1][174.46.142.137]
Mar  4 12:41:48 zeus postfix/smtpd[1811]: setting up TLS connection
from mail.bmwlaw.com [1][174.46.142.137]
Mar  4 12:41:48 zeus postfix/smtpd[1811]: mail.bmwlaw.com
[1][174.46.142.137]: TLS cipher list
"aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!SSLv2:!aNULL:!ADH:!eNULL"
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:before/accept
initialization
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client
hello A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
server hello A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
certificate A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write key
exchange A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
server done A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client
certificate A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client
key exchange A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read
certificate verify A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read
finished A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
change cipher spec A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
finished A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
Mar  4 12:41:48 zeus postfix/smtpd[1811]: Anonymous TLS connection
established from mail.bmwlaw.com [1][174.46.142.137]: TLSv1 with
cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Mar  4 12:41:49 zeus postfix/smtpd[1811]: NOQUEUE: reject: RCPT from
mail.bmwlaw.com [1][174.46.142.137]: 450 4.7.1 : Helo command rejected: Host not found; from=<>
to= proto=ESMTP
helo=
Mar  4 12:41:51 zeus postfix/smtpd[1811]: disconnect from
mail.bmwlaw.com [1][174.46.142.137] ehlo=2 starttls=1 mail=1 rcpt=0/1
quit=1 commands=5/6


You should leave smtpd_tls_loglevel set to the default of "1". Makes the 
logs easier to read.



The only thing I can think, is that soemthing is turning it back on,
after being turned off.?

postconf -n below.

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
compatibility_level = 2
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
default_rbl_reply = $rbl_code Service unavailable; $rbl_class
[$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} - see
http://$rbl_domain.
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
home_mailbox = Mail/Dovecot/
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
lmtp_tls_ciphers = $smtpd_tls_ciphers
lmtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
mail_owner = _postfix
mailbox_command = /usr/bin/procmail -a "$EXTENSION"
mailbox_size_limit = 0
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 0
meta_directory = /usr/local/etc/postfix
milter_default_action = accept
mydestination = localhost mail.$mydomain, www.$mydomain
myhostname = zeus.chalmers.com.au [3]
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
non_smtpd_milters = inet:127.0.0.1:8891
postscreen_access_list = permit_mynetworks,
cidr:/usr/local/etc/postfix/postscreen_access.cidr,
cidr:/usr/local/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = no
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = drop
postscreen_cache_cleanup_interval = 12h
postscreen_cache_map = btree:$data_directory/postscreen_cache
postscreen_cache_retention_time = 7d
postscreen_client_connection_count_limit =
$smtpd_client_connection_count_limit
postscreen_command_count_limit = 20
postscreen_command_filter =
postscreen_command_time_limit = ${stress?10}${stress:300}s
postscreen_disable_vrfy_command = $disable_vrfy_command
postscreen_discard_ehlo_keyword_address_maps =
$smtpd_discard_ehlo_keyword_address_maps
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
postscreen_dnsbl_action = 

Re: Postfix Mailman integration

[@lbutlr]

On Feb 29, 2016, at 11:15 PM, Patrick Ben Koetter  wrote:
> * @lbutlr :
>> On Sun Feb 28 2016 19:56:48 Ruben Safir   said:
>>> 
>>> Maybe I'm just in a bad mood, but my view of mailmans software 
>>> archetecture, at this point, is very low.  He tries very hard to help 
>>> people and to work on it, but I think it is broken at the core.
>> 
>> I am not currently hosting any mailing lists, but I have used mailman for 
>> many years in the past, and I find this statement is not indicative of the 
>> software I ran.
> 
> At python.org we currently run ~300 hundred mailing lists without any issues 
> at all. We've been running them for about 10 years without any problems.

Yep, sounds about right to me.

The only problems I ever had with mailman were self-inflicted. And Mark has the 
patience of a saint when dealing with people with self-inflicted problems.

-- 
Han : Not a bad bit of rescuing, huh? You know, sometimes I amaze even
myself. Leia: That doesn't sound too hard.

Re: Postfix and UUCP

[@lbutlr]

On Mar 1, 2016, at 11:17 PM, Wolfe, Robert  wrote:
> Is this the only way that this can be done and if so, has anyone on the 
> mailing list ever successfully implemented the setup documented here?

I last used UUCP for a similar purpose, to get email and USENET posts from an 
BBS out to the Internet (though it was not with postfix as far as I recall). I 
doubt that any development or improvements have been made to this, as UUCP is 
nearly never used and dates from the days of email addresses with ! or % in 
them.

The setup looks reasonably straightforward, what problems are you seeing there?

-- 
In the words of one of the founding Igors: 'We belong dead? Ecthcuthe
me? Where doeth it thay "we"?'

Re: SPF

[@lbutlr]

On Mar 1, 2016, at 6:22 AM, Scott Kitterman  wrote:
> On Tuesday, March 01, 2016 10:19:26 AM JosC wrote:
>> Just upgraded to Postfix 3 - thanks for this release!
>> With SPF validation I now get stuck on following in my main.cfg:
>> 
>> Feb 29 10:14:33 ceto postfix/smtpd[50770]: warning: unknown smtpd
>> restriction: "reject_spf_invalid_sender" Feb 29 10:14:33 ceto
>> postfix/smtpd[50773]: warning: unknown smtpd restriction:
>> "permit_spf_valid_sender"
>> 
>> Can you tell me how to solve this?
> 
> It looks like you were using a postfix that had been patched internally to 
> add 
> SPF checking with libspf2 [1].  You don't say where your postfix came from, 
> but 
> I suspect the package provider dropped those patches since they were never, 
> as 
> far as I know, ported to postfix 3 (and it's been recommended to do this kind 
> of check via a policy service since that interface was introduced in postfix 
> 2.1).

I had this problem with ports under FreeBSD 9.2, IIRC. I removed the lisp from 
make setup and had no further problems.


-- 
I AM ZOMBOR! (kelly) ZOMBOR!

Re: How can I block this user...

[Phil Stracchino]

On 03/04/16 08:39, Robert Chalmers wrote:
> How can I block this user from even attempting to access the mail server?
> Mac. OSX 10.11
> Postfix.
> 
> I’ve even tried setting it in the firewall - but I’m missing something,
> because there it is again...
> 
> I have the domain IP in a blacklist on both the pf.conf firewall, and
> the postfix blacklist, and in spamassassin … impossible. I can not stop
> this sucker.

If you've blocked the source IP at your firewall, and it's still coming
through, then either you applied the block incorrectly, or the IP is
spoofed and you're blocking the wrong source IP.  You need to spend some
quality time with your firewall and Postfix logs and tcpdump/wireshark.


-- 
  Phil Stracchino
  Babylon Communications
  ph...@caerllewys.net
  p...@co.ordinate.org
  Landline: 603.293.8485

Re: How can I block this user...

[Robert Chalmers]

thanks, that seems to work - how to make it permanent next …

but, it should be working in postfix in any case shouldn’t it?

Wep, weekend coming up.
Robert

> On 4 Mar 2016, at 13:48, L.P.H. van Belle  wrote:
> 
> Very simple, route it to localhost. 
>  
> Like : 
> route add -host 174.46.142.137 127.0.0.1 
>  
> Have a nice weekend ;-) 
>  
>  
> Greetz, 
>  
> Louis
>  
>  
> Van: rob...@chalmers.com.au [mailto:owner-postfix-us...@postfix.org] Namens 
> Robert Chalmers
> Verzonden: vrijdag 4 maart 2016 14:39
> Aan: Postfix users
> Onderwerp: How can I block this user...
>  
> How can I block this user from even attempting to access the mail server?
> Mac. OSX 10.11
> Postfix.
>  
> I’ve even tried setting it in the firewall - but I’m missing something, 
> because there it is again...
>  
> I have the domain IP in a blacklist on both the pf.conf firewall, and the 
> postfix blacklist, and in spamassassin … impossible. I can not stop this 
> sucker.
>  
>  
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: connect from 
> mail.bmwlaw.com[174.46.142.137]
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: setting up TLS connection from 
> mail.bmwlaw.com[174.46.142.137]
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: mail.bmwlaw.com[174.46.142.137]: 
> TLS cipher list 
> "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!SSLv2:!aNULL:!ADH:!eNULL"
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:before/accept 
> initialization
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client hello A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write server hello 
> A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write certificate A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write key exchange 
> A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write server done A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client 
> certificate A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client key 
> exchange A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read certificate 
> verify A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read finished A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write change 
> cipher spec A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write finished A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: Anonymous TLS connection 
> established from mail.bmwlaw.com[174.46.142.137]: TLSv1 with cipher 
> ECDHE-RSA-AES256-SHA (256/256 bits)
> Mar  4 12:41:49 zeus postfix/smtpd[1811]: NOQUEUE: reject: RCPT from 
> mail.bmwlaw.com[174.46.142.137]: 450 4.7.1 : Helo 
> command rejected: Host not found; from=<> 
> to= proto=ESMTP 
> helo=
> Mar  4 12:41:51 zeus postfix/smtpd[1811]: disconnect from 
> mail.bmwlaw.com[174.46.142.137] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 
> commands=5/6
>  
>  
> The only thing I can think, is that soemthing is turning it back on, after 
> being turned off.?
>  
>  
> postconf -n below.
>  
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> biff = no
> broken_sasl_auth_clients = yes
> command_directory = /usr/local/sbin
> compatibility_level = 2
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/local/libexec/postfix
> data_directory = /var/lib/postfix
> debug_peer_level = 2
> debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb 
> $daemon_directory/$process_name $process_id & sleep 5
> default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] 
> blocked using $rbl_domain${rbl_reason?; $rbl_reason} - see http://$rbl_domain.
> disable_vrfy_command = yes
> dovecot_destination_recipient_limit = 1
> home_mailbox = Mail/Dovecot/
> html_directory = /usr/share/doc/postfix/html
> inet_interfaces = all
> inet_protocols = all
> lmtp_tls_ciphers = $smtpd_tls_ciphers
> lmtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
> mail_owner = _postfix
> mailbox_command = /usr/bin/procmail -a "$EXTENSION"
> mailbox_size_limit = 0
> mailq_path = /usr/local/bin/mailq
> manpage_directory = /usr/share/man
> message_size_limit = 0
> meta_directory = /usr/local/etc/postfix
> milter_default_action = accept
> mydestination = localhost mail.$mydomain, www.$mydomain
> myhostname = zeus.chalmers.com.au
> mynetworks_style = host
> newaliases_path = /usr/local/bin/newaliases
> non_smtpd_milters = inet:127.0.0.1:8891
> postscreen_access_list = permit_mynetworks, 
> cidr:/usr/local/etc/postfix/postscreen_access.cidr, 
> cidr:/usr/local/etc/postfix/postscreen_spf_whitelist.cidr
> postscreen_bare_newline_action = ignore
> postscreen_bare_newline_enable = no
> postscreen_bare_newline_ttl = 30d
> postscreen_blacklist_action = drop
> postscreen_cache_cleanup_interval = 12h
> 

How can I block this user...

[Robert Chalmers]

How can I block this user from even attempting to access the mail server?
Mac. OSX 10.11
Postfix.

I’ve even tried setting it in the firewall - but I’m missing something, because 
there it is again...

I have the domain IP in a blacklist on both the pf.conf firewall, and the 
postfix blacklist, and in spamassassin … impossible. I can not stop this sucker.


Mar  4 12:41:48 zeus postfix/smtpd[1811]: connect from mail.bmwlaw.com 
[174.46.142.137]
Mar  4 12:41:48 zeus postfix/smtpd[1811]: setting up TLS connection from 
mail.bmwlaw.com [174.46.142.137]
Mar  4 12:41:48 zeus postfix/smtpd[1811]: mail.bmwlaw.com 
[174.46.142.137]: TLS cipher list 
"aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!SSLv2:!aNULL:!ADH:!eNULL"
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:before/accept 
initialization
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client hello A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write server hello A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write certificate A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write key exchange A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write server done A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client 
certificate A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client key 
exchange A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read certificate 
verify A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read finished A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write change cipher 
spec A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write finished A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
Mar  4 12:41:48 zeus postfix/smtpd[1811]: Anonymous TLS connection established 
from mail.bmwlaw.com [174.46.142.137]: TLSv1 with 
cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Mar  4 12:41:49 zeus postfix/smtpd[1811]: NOQUEUE: reject: RCPT from 
mail.bmwlaw.com [174.46.142.137]: 450 4.7.1 
http://bmw-ex2010.bmwroa.com/>>: Helo command rejected: 
Host not found; from=<> to=> proto=ESMTP 
helo=http://bmw-ex2010.bmwroa.com/>>
Mar  4 12:41:51 zeus postfix/smtpd[1811]: disconnect from mail.bmwlaw.com 
[174.46.142.137] ehlo=2 starttls=1 mail=1 rcpt=0/1 
quit=1 commands=5/6


The only thing I can think, is that soemthing is turning it back on, after 
being turned off.?


postconf -n below.

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
compatibility_level = 2
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb 
$daemon_directory/$process_name $process_id & sleep 5
default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] 
blocked using $rbl_domain${rbl_reason?; $rbl_reason} - see http://$rbl_domain.
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
home_mailbox = Mail/Dovecot/
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
lmtp_tls_ciphers = $smtpd_tls_ciphers
lmtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
mail_owner = _postfix
mailbox_command = /usr/bin/procmail -a "$EXTENSION"
mailbox_size_limit = 0
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 0
meta_directory = /usr/local/etc/postfix
milter_default_action = accept
mydestination = localhost mail.$mydomain, www.$mydomain
myhostname = zeus.chalmers.com.au
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
non_smtpd_milters = inet:127.0.0.1:8891
postscreen_access_list = permit_mynetworks, 
cidr:/usr/local/etc/postfix/postscreen_access.cidr, 
cidr:/usr/local/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = no
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = drop
postscreen_cache_cleanup_interval = 12h
postscreen_cache_map = btree:$data_directory/postscreen_cache
postscreen_cache_retention_time = 7d
postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit
postscreen_command_count_limit = 20
postscreen_command_filter =
postscreen_command_time_limit = ${stress?10}${stress:300}s
postscreen_disable_vrfy_command = $disable_vrfy_command
postscreen_discard_ehlo_keyword_address_maps = 
$smtpd_discard_ehlo_keyword_address_maps
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
postscreen_dnsbl_action = enforce