Tweaking Log Entries
I get a lot of the following kinds of log entries: May 6 03:24:46 wiggle_butt postfix/smtpd[20899]: connect from unknown[59.94.131.218] May 6 03:24:48 wiggle_butt postfix/smtpd[20899]: NOQUEUE: reject: RCPT from unknown[59.94.131.218]: 454 4.7.1 Service unavailable;$ May 6 03:24:49 wiggle_butt postfix/smtpd[20899]: lost connection after DATA from unknown[59.94.131.218] May 6 03:24:49 wiggle_butt postfix/smtpd[20899]: disconnect from unknown[59.94.131.218] May 6 03:24:50 wiggle_butt postfix/smtpd[20899]: warning: 121.246.80.192: hostname 121.246.80.192.ahmedabad-static.vsnl.net.in ver$ May 6 03:24:50 wiggle_butt postfix/smtpd[20899]: connect from unknown[121.246.80.192] May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: NOQUEUE: reject: RCPT from unknown[121.246.80.192]: 454 4.7.1 Service unavailable$ May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: lost connection after RCPT from unknown[121.246.80.192] May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: disconnect from unknown[121.246.80.192] My presumption is that these are all spam. I'd like to be able to suppress, or at least reduce, the number of log entries being generated as a result of bouncing this stuff. Is there a way to configure postfix to do that? I know that I'd be losing valuable information if I ever had a legitimate mail delivery problem. But I've never actually run into that. Thanks in advance. - Mark __ Information from ESET NOD32 Antivirus, version of virus signature database 5092 (20100506) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
mailman integration question
Thanks to mouss and others for helping me figure out how to configure postfix and amavisd to route mail to different endpoints based on whether the address is in a subdomain. I'm running into a GID problem in the interface between mailman and postfix. Here's the error message: (Command died with status 2: /usr/mailman/mail/mailman post mailman. Command output: Group mismatch error. Mailman expected the mail wrapper script to be executed as group mailman, but the system's mail server executed the mail script as group nogroup. Try tweaking the mail server to run the script as group mailman, or re-run configure, providing the command line option `--with-mail-gid=nogroup'.) In googling the problem I came across one purported solution which involved simply creating a separate aliases file for mailman aliases, whose group ownership was set to mailman. That didn't work, nor did setting the separate aliases file's group ownership to nogroup. Before I go in and reconfigure mailman I thought I'd check here and in the mailman users group to see if anyone had any other alternative solutions. - Mark Too much sanity may be madness! But maddest of all -- to see life as it is and not as it should be. __ Information from ESET NOD32 Antivirus, version of virus signature database 3677 (20081209) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
RE: mailman integration question
Thanks for confirming that. I'll go ahead and recompile mailman. - Mark Too much sanity may be madness! But maddest of all -- to see life as it is and not as it should be. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wietse Venema Sent: Tuesday, December 09, 2008 11:02 AM To: Postfix users Subject: Re: mailman integration question Mark A. Olbert: That's what I did, but it didn't work. Nor did chgrp nogroup. Postfix does not use the group of the aliases file. You may have to re-compile mailman so it expects the right group. Wietse __ Information from ESET NOD32 Antivirus, version of virus signature database 3678 (20081209) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com __ Information from ESET NOD32 Antivirus, version of virus signature database 3678 (20081209) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
RE: Info on Filtering Mail based on subdomain
: Info on Filtering Mail based on subdomain Mark A. Olbert a écrit : Sorry about the line endings. Let me try again: Error message: [EMAIL PROTECTED]:/etc/postfix# mailq -Queue ID- --Size-- Arrival Time -Sender/Recipient--- 140DC2741FE 459 Sun Dec 7 17:57:07 [EMAIL PROTECTED] (host 127.0.0.1[127.0.0.1] said: 550 5.7.1 Unable to relay (in reply to end of DATA command)) [EMAIL PROTECTED] Always look at logs. They contain more infos than bounces or mailq output. postconf -n: [snip] mydestination = $myhostname, localhost.$mydomain, $mydomain, mail.$mydomain, www.$mydomain, ftp.$mydomain, list.$mydomain so list.arcabama.com is in mydestination. [snip] transport_maps = hash:/etc/postfix/transport can you show the contents of transport_maps? unknown_local_recipient_reject_code = 550 unverified_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual __ Information from ESET NOD32 Antivirus, version of virus signature database 3671 (20081208) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com __ Information from ESET NOD32 Antivirus, version of virus signature database 3671 (20081208) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
RE: Info on Filtering Mail based on subdomain
Hmm, no one listening on localhost port 25 is weird. I must've munged something
up in master.cf, but I'm not sure what. Here's what it looks like currently:
smtp inet n - n - - smtpd
pickupfifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
rewrite unix - - n - - trivial-rewrite
bounceunix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verifyunix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
# put in to support mailman
mailman unix - n n - - pipe
flags=FR user=mailman:mailman
argv=/usr/bin/mailman_wrapper.sh
${user} ${extension}
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmailunix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
scacheunix - - n - 1 scache
discard unix - - n - - discard
tlsmgrunix - - n 1000? 1 tlsmgr
465 inet n - n - - smtpd
# stuff added for reinjection/amavisd/maia mailguard
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o smtpd_milters=
-o local_header_rewrite_clients=
-o local_recipient_maps=
-o relay_recipient_maps=
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks
I would have thought the local entry would mean a service was listening on
localhost port 25, but that must be incorrect given what was pointed out in an
earlier message.
Also, I did some more checking and found out that I've got maia mailguard
(amavisd) configured to re-inject mail that passes the spam filtering directly
to the exchange server. Someone on the maia users list suggested I change that
to re-inject it back into postfix, and configure postfix to deliver the mail to
either exchange or the unix box that hosts mailman. Is there a basic-level
howto on configuring postfix to do that?
- Mark
Too much sanity may be madness! But maddest of all -- to see life as it is and
not as it should be.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dario subbia
Cavallaro
Sent: Monday, December 08, 2008 7:24 AM
To: mouss
Cc: postfix-users@postfix.org
Info on Filtering Mail based on subdomain
I recently installed Exchange as my mail server, with postfix on a linux box serving as an anti-spam front end. This works great for all my regular mail. However, I'm having trouble figuring out how to integrate mailman into the setup. Previously, when mail delivery took place on my linux box with postfix it just worked. I think what I need to do is set postfix to distinguish between mail sent to my domain (e.g., [EMAIL PROTECTED]) and mail sent to a subdomain used only for mailman lists (e.g., [EMAIL PROTECTED]), and use a different final delivery mechanism for each. Domain mail (@arcabama.com) would continue to be sent to the Exchange server, while subdomain mail (@lists.arcabama.com) would be routed to mailman on the linux box. But I'm not sure if that's correct and, even if it is, I'm unclear as to how to proceed. I'd appreciate any hints, leads or tips. Thanks! - Mark Too much sanity may be madness! But maddest of all - -to see life as it is and not as it should be. __ Information from ESET NOD32 Antivirus, version of virus signature database 3669 (20081207) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
RE: Info on Filtering Mail based on subdomain
That almost makes sense, even in my ignorant state. Please bear with me.
I'm pretty sure I've overridden local because I use maia mailguard, which
re-injects email into the mail processing queue after running it through
amavisd/spamassassin. Here are the additions I made to the master.cf file when
I installed maia:
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o smtpd_milters=
-o local_header_rewrite_clients=
-o local_recipient_maps=
-o relay_recipient_maps=
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks
If I remember the maia docs correctly, postfix does content filtering on the
mail by sending it to smtp-amavis, and then re-injects the result into
localhost (127.0.0.1) on port 10025 if it's not spam. But I'm not sure of that.
When I add a mailman transport, use a transport map and define the transport
map in main.cf I still get the same cannot relay error, which I think means
mail sent to @lists.arcabama.com is still being sent to the Exchange server,
when it should just be delivered to the local unix box.
Any other thoughts?
- Mark
Too much sanity may be madness! But maddest of all - -to see life as it is and
not as it should be.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of mouss
Sent: Sunday, December 07, 2008 4:12 PM
To: postfix-users@postfix.org
Subject: Re: Info on Filtering Mail based on subdomain
Mark A. Olbert a écrit :
I recently installed Exchange as my mail server, with postfix on a linux box
serving as an anti-spam front end. This works great for all my regular mail.
However, I'm having trouble figuring out how to integrate mailman into the
setup. Previously, when mail delivery took place on my linux box with postfix
it just worked.
I think what I need to do is set postfix to distinguish between mail sent to
my domain (e.g., [EMAIL PROTECTED]) and mail sent to a subdomain used only
for mailman lists (e.g., [EMAIL PROTECTED]), and use a different final
delivery mechanism for each. Domain mail (@arcabama.com) would continue to
be sent to the Exchange server, while subdomain mail (@lists.arcabama.com)
would be routed to mailman on the linux box.
But I'm not sure if that's correct and, even if it is, I'm unclear as to how
to proceed. I'd appreciate any hints, leads or tips. Thanks!
you can put lists.arcabama.com in mydestination. This way it will be
delivered by local. then use alias_maps to setup mailman aliases. This
assumes that you did not override or disable local.
An alternative is to define a mailman transport in master.cf.
something like
mailman unix - n n - - pipe
flags=FR user=mailman:mailman
argv=/usr/local/bin/mailman_wrapper.sh
${user} ${extension}
and use transport_maps:
lists.arcabama.com mailman:
__ Information from ESET NOD32 Antivirus, version of virus signature
database 3669 (20081207) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__ Information from ESET NOD32 Antivirus, version of virus signature
database 3669 (20081207) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
RE: Info on Filtering Mail based on subdomain
Error message: [EMAIL PROTECTED]:/etc/postfix# mailq -Queue ID- --Size-- Arrival Time -Sender/Recipient--- 140DC2741FE 459 Sun Dec 7 17:57:07 [EMAIL PROTECTED] (host 127.0.0.1[127.0.0.1] said: 550 5.7.1 Unable to relay (in reply to end of DATA command)) [EMAIL PROTECTED] Output from postconf -n: alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/sbin debug_peer_level = 2 disable_vrfy_command = yes html_directory = no inet_interfaces = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/mail mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 1500 mydestination = $myhostname, localhost.$mydomain, $mydomain,mail.$mydomain, www.$mydomain, ftp.$mydomain, list.$mydomain mydomain = arcabama.com myhostname = mail.arcabama.com mynetworks = 192.168.1.0/24, 127.0.0.0/8 newaliases_path = /usr/bin/newaliases proxy_interfaces = 63.195.52.179 queue_directory = /var/spool/postfix readme_directory = no sample_directory = /usr/share/doc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client sbl.spamhaus.org, reject_rbl_client list.dsbl.org, reject_rbl_client cbl.abuseat.org smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, reject_unknown_recipient_domain, reject_unverified_recipient smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain smtpd_tls_CAfile = /etc/postfix/tls/arcabamaCAcert.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/postfix/tls/mailssl.signed smtpd_tls_key_file = /etc/postfix/tls/mailssl.privkey smtpd_tls_loglevel = 0 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes soft_bounce = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 unverified_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual - Mark Too much sanity may be madness! But maddest of all - -to see life as it is and not as it should be. -Original Message- From: mouss [mailto:[EMAIL PROTECTED] Sent: Sunday, December 07, 2008 4:56 PM To: Mark A. Olbert Cc: postfix-users@postfix.org Subject: Re: Info on Filtering Mail based on subdomain Mark A. Olbert a écrit : That almost makes sense, even in my ignorant state. Please bear with me. I'm pretty sure I've overridden local because I use maia mailguard, which re-injects email into the mail processing queue after running it through amavisd/spamassassin. Here are the additions I made to the master.cf file when I installed maia: [snip] If I remember the maia docs correctly, postfix does content filtering on the mail by sending it to smtp-amavis, and then re-injects the result into localhost (127.0.0.1) on port 10025 if it's not spam. But I'm not sure of that. When I add a mailman transport, use a transport map and define the transport map in main.cf I still get the same cannot relay error, which I think means mail sent to @lists.arcabama.com is still being sent to the Exchange server, when it should just be delivered to the local unix box. Any other thoughts? Please show the log line where you see the error. I have no idea what cannot relay really means (Relay access denied is not the same thing as transport error... etc). Also show the output of 'postconf -n'. (you can hide private infos if you want, but do so coherently). the domain (lists.arcabama.com) must be listed in one of the available classes. as I said before, simply put it in mydestination and everything should be fine (you don't need to add a transport entry). __ Information from ESET NOD32 Antivirus, version of virus signature database 3669 (20081207) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com __ Information from ESET NOD32 Antivirus, version of virus signature database 3669 (20081207) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
RE: Info on Filtering Mail based on subdomain
Sorry about the line endings. Let me try again: Error message: [EMAIL PROTECTED]:/etc/postfix# mailq -Queue ID- --Size-- Arrival Time -Sender/Recipient--- 140DC2741FE 459 Sun Dec 7 17:57:07 [EMAIL PROTECTED] (host 127.0.0.1[127.0.0.1] said: 550 5.7.1 Unable to relay (in reply to end of DATA command)) [EMAIL PROTECTED] postconf -n: alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/sbin debug_peer_level = 2 disable_vrfy_command = yes html_directory = no inet_interfaces = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/mail mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 1500 mydestination = $myhostname, localhost.$mydomain, $mydomain,mail.$mydomain, www.$mydomain, ftp.$mydomain, list.$mydomain mydomain = arcabama.com myhostname = mail.arcabama.com mynetworks = 192.168.1.0/24, 127.0.0.0/8 newaliases_path = /usr/bin/newaliases proxy_interfaces = 63.195.52.179 queue_directory = /var/spool/postfix readme_directory = no sample_directory = /usr/share/doc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client sbl.spamhaus.org, reject_rbl_client list.dsbl.org, reject_rbl_client cbl.abuseat.org smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, reject_unknown_recipient_domain, reject_unverified_recipient smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain smtpd_tls_CAfile = /etc/postfix/tls/arcabamaCAcert.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/postfix/tls/mailssl.signed smtpd_tls_key_file = /etc/postfix/tls/mailssl.privkey smtpd_tls_loglevel = 0 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes soft_bounce = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 unverified_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual - Mark Too much sanity may be madness! But maddest of all - -to see life as it is and not as it should be. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark A. Olbert Sent: Sunday, December 07, 2008 4:35 PM To: postfix-users@postfix.org Subject: RE: Info on Filtering Mail based on subdomain That almost makes sense, even in my ignorant state. Please bear with me. I'm pretty sure I've overridden local because I use maia mailguard, which re-injects email into the mail processing queue after running it through amavisd/spamassassin. Here are the additions I made to the master.cf file when I installed maia: smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o smtpd_milters= -o local_header_rewrite_clients= -o local_recipient_maps= -o relay_recipient_maps= -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks If I remember the maia docs correctly, postfix does content filtering on the mail by sending it to smtp-amavis, and then re-injects the result into localhost (127.0.0.1) on port 10025 if it's not spam. But I'm not sure of that. When I add a mailman transport, use a transport map and define the transport map in main.cf I still get the same cannot relay error, which I think means mail sent to @lists.arcabama.com is still being sent to the Exchange server, when it should just be delivered to the local unix box. Any other thoughts? - Mark Too much sanity may be madness! But maddest of all - -to see life as it is and not as it should
