[postfix-users] Spamassassin will nicht mehr
Matthias Schmidt
beta at admilon.net
Sa Sep 6 04:52:19 CEST 2008
Am/On Sat, 6 Sep 2008 00:29:00 +0000 schrieb/wrote Stefan Fricke:
>Hallo, ich kriege beim Start von Postfix immer folgende Warnung:
>
>postfix/qmgr[xxxx]: warning: connect to transport spamassassin:
>Connection refused
>
>Mail wird zwar angenommen, aber nicht ausgeliefert.
>
>Die Versionen sind:
>Postfix 2.5.4
>Amavisd-New 2.5.1
>Spamassassin 3.2.3
>
>Das alles unter Opensuse 10.3.
bei mir läuft zwar ein Mäc, das sollte aber nicht viel anders sein ....
Lief denn Deine Konfiguration schon mal oder noch gar nicht?
laufen den Amavisd und Spamassassin überhaupt?
Ich hatte mal einen ähnlichen Fall, da wurde der Prozess beim Startup
erst gar nicht gestartet.
Was mir unten hier aufgefallen ist:
In meiner Postfix-Konfig steht die IP des localhost, statt localhost,
wie bei Dir:
127.0.0.1:10025 inet n - y - - smtpd
in meiner amavisd Konfig steht:
@inet_acl = qw( 127.0.0.1 );
statt
>@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
> 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
bei den domains sieht das bei mir so aus:
@local_domains_acl = ( ".$mydomain", ....
alternativ, wenn alles gescannt werden soll:
@local_domains_acl = (1);
Du hast:
>@local_domains_maps = ( [".$mydomain"] ); # list of all local domains
>
vielleicht hilft's ja was
schönes Wochenende
Matthias
>
>Hier meine Konfigurationsdaten:
>
>--------- master.cf ----------------
>
>smtp inet n - n - - smtpd
>smtpd_tls_wrappermode=yes
>pickup fifo n - n 60 1 pickup
>cleanup unix n - n - 0 cleanup
>qmgr fifo n - n 300 1 qmgr
>rewrite unix - - n - - trivial-rewrite
>bounce unix - - n - 0 bounce
>defer unix - - n - 0 bounce
>trace unix - - n - 0 bounce
>verify unix - - n - 1 verify
>flush unix n - n 1000? 0 flush
>proxymap unix - - n - - proxymap
>smtp unix - - n - - smtp
>loops
>relay unix - - n - - smtp
> -o fallback_relay=
>showq unix n - n - - showq
>error unix - - n - - error
>discard unix - - n - - discard
>local unix - n n - - local
>virtual unix - n n - - virtual
>lmtp unix - - n - - lmtp
>anvil unix - - n - 1 anvil
>localhost:10025 inet n - n - - smtpd
> -o content_filter=
> -o local_recipient_maps=
> -o relay_recipient_maps=
> -o smtpd_restriction_classes=
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o mynetworks=127.0.0.0/8
> -o strict_rfc821_envelopes=yes
>scache unix - - n - 1 scache
>
>
>maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>cyrus unix - n n - - pipe
> flags=R user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m $
>{extension} ${user}
>uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>($recipient)
>ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>bsmtp unix - n n - - pipe
> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient
>procmail unix - n n - - pipe
> flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc $
>{sender} ${recipient}
>retry unix - - n - - error
>smtp-amavis unix - - y - 2 smtp
> -o smtp_data_done_timeout=1200
> -o disable_dns_lookups=yes
>tlsmgr unix - - n 1000? 1 tlsmgr
>
>------------- main.cf ---------------------
>
>queue_directory = /var/spool/postfix
>command_directory = /usr/sbin
>daemon_directory = /usr/lib/postfix
>mail_owner = postfix
>mydomain = xxxxxxxxxxxxxxxxxxxxxxxxxxxx
>mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
>unknown_local_recipient_reject_code = 550
>alias_database = hash:/etc/aliases
>debug_peer_level = 2
>debugger_command =
> PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
> xxgdb $daemon_directory/$process_name $process_id & sleep 5
>sendmail_path = /usr/sbin/sendmail
>newaliases_path = /usr/bin/newaliases
>mailq_path = /usr/bin/mailq
>setgid_group = maildrop
>html_directory = /usr/share/doc/packages/postfix/html
>manpage_directory = /usr/share/man
>sample_directory = /usr/share/doc/packages/postfix/samples
>readme_directory = /usr/share/doc/packages/postfix/README_FILES
>inet_protocols = all
>biff = no
>mail_spool_directory = /var/mail
>canonical_maps = hash:/etc/postfix/canonical
>virtual_alias_maps = regexp:/etc/postfix/user-virtual hash:/etc/postfix/
>virtual
>relocated_maps = hash:/etc/postfix/relocated
>transport_maps = hash:/etc/postfix/transport
>sender_canonical_maps = hash:/etc/postfix/sender_canonical
>masquerade_exceptions = root
>masquerade_classes = envelope_sender, header_sender, header_recipient
>myhostname = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>program_directory = /usr/lib/postfix
>inet_interfaces = all
>masquerade_domains =
>mydestination = xxxxxxxxxxxxxxxxxxxxxxxxxxx
>virtual_alias_domains = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>defer_transports =
>disable_dns_lookups = no
>relayhost =
>mailbox_command = /usr/bin/procmail -f- -a "$USER"
>mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
>smtpd_sender_restrictions = hash:/etc/postfix/access
>smtpd_client_restrictions = permit_sasl_authenticated,
>smtpd_helo_required = no
>smtpd_helo_restrictions =
>strict_rfc821_envelopes = no
>smtpd_recipient_restrictions = permit_sasl_authenticated,
>permit_mynetworks,reject_unauth_destination
>smtp_sasl_auth_enable = no
>smtpd_sasl_auth_enable = yes
>smtpd_use_tls = no
>smtp_use_tls = no
>alias_maps = hash:/etc/aliases
>mailbox_size_limit = 0
>message_size_limit = 102400000
>content_filter = smtp-amavis:[127.0.0.1]:10024
>
>---------------- amavisd.conf -----------------------------
>
>use strict;
>
># COMMONLY ADJUSTED SETTINGS:
>
>$max_servers = 2; # num of pre-forked children (2..15 is
>common), -m
>$daemon_user = 'vscan'; # (no default; customary: vscan or amavis), -u
>$daemon_group = 'vscan'; # (no default; customary: vscan or amavis), -g
>
># postfix-specific
># $smtp_port = '10025';
># $localhost_name = "localhost";
># $localhost_ip = "127.0.0.1";
>
>$mydomain = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; # a convenient default
>for other settings
>
>$MYHOME = '/var/spool/amavis'; # a convenient default for other
settings, -H
>$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T
>$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc.
>$QUARANTINEDIR = '/var/spool/amavis/virusmails'; # -Q
>$log_level = 0; # verbosity 0..5, -d
>$log_recip_templ = undef; # disable by-recipient level-0 log entries
>$DO_SYSLOG = 1; # log via syslogd (preferred)
>$syslog_facility = 'mail'; # Syslog facility as a string
> # e.g.: mail, daemon, user, local0, ... local7
>$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,
> # choose from: emerg, alert, crit, err, warning, notice,
>info, debug
>
>$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and
nanny)
>$enable_global_cache = 1; # enable use of libdb-based cache if
$enable_db=1
>$nanny_details_level = 2; # nanny verbosity: 1: traditional, 2: detailed
>
>@local_domains_maps = ( [".$mydomain"] ); # list of all local domains
>
>@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
> 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
>
>$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-
milter
> # option(s) -p overrides $inet_socket_port and
$unix_socketname
>
>$inet_socket_port = 10024; # listen on this local TCP port(s)
>$policy_bank{'MYNETS'} = { # mail originating from @mynetworks
> originating => 1, # is true in MYNETS by default, but let's make it
>explicit
> os_fingerprint_method => undef, # don't query p0f for internal clients
>};
>
>filtering
>$interface_policy{'10026'} = 'ORIGINATING';
>
>$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users
> originating => 1, # declare that mail was submitted by our smtp client
> allow_disclaimers => 1, # enables disclaimer insertion if available
> # notify administrator of locally originating malware
> virus_admin_maps => ["virusalert\@$mydomain"],
> spam_admin_maps => ["virusalert\@$mydomain"],
> warnbadhsender => 1,
> forward_method => 'smtp:[127.0.0.1]:10027',
> smtpd_discard_ehlo_keywords => ['8BITMIME'],
> bypass_banned_checks_maps => [1], # allow sending any file names and types
> terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS
option
>};
>
>$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with
>$unix_socketname
>
>$policy_bank{'AM.PDP-SOCK'} = {
> protocol => 'AM.PDP',
> auth_required_release => 0, # do not require secret_id for amavisd-release
>};
>
>$sa_tag_level_deflt = -999; # add spam info headers if at, or above
>that level
>$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
>$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
>$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
>
>$sa_spam_subject_tag = '***SPAM***';
>
>$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is
>larger
>$sa_local_tests_only = 0; # only tests which do not require internet
>access?
>
>['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'],
>$virus_admin = "virusalert\@$mydomain"; # notifications recip.
>
>$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender
>$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender
>$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
>$mailfrom_to_quarantine = ''; # null return path; uses original sender
>if undef
>
>@addr_extension_virus_maps = ('virus');
>@addr_extension_banned_maps = ('banned');
>@addr_extension_spam_maps = ('spam');
>@addr_extension_bad_header_maps = ('badh');
>
>$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
># $dspam = 'dspam';
>
>$MAXLEVELS = 14;
>$MAXFILES = 1500;
>$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
>$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
>
>$sa_spam_subject_tag = '***SPAM*** ';
>$defang_virus = 1; # MIME-wrap passed infected mail
>$defang_banned = 1; # MIME-wrap passed mail containing banned name
>$defang_by_ccat{+CC_BADH.",3"} = 1; # NUL or CR character in header
>$defang_by_ccat{+CC_BADH.",5"} = 1; # header line longer than 998 characters
>$defang_by_ccat{+CC_BADH.",6"} = 1; # header field syntax error
>
>
>
>$myhostname = 'xxxxxxxxxxxxxxxxxxxxxxxxxx';
>
># SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for all)
>
>@keep_decoded_original_maps = (new_RE(
> qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains
>undecipherables
> qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
>$banned_filename_re = new_RE(
>
> qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary
> qr'.\.(pif|scr)$'i, # banned extensions - rudimentary
> qr'^application/x-msdownload$'i, # block these MIME types
> qr'^application/x-msdos-program$'i,
> qr'^application/hta$'i,
>
> qr'\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.
>\s]*$'i,
>
>
> qr'.\.(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic
>
>);
>
>@score_sender_maps = ({ # a by-recipient hash lookup table,
> # results from all matching recipient tables are
>summed
>
> '.' => [ # the _first_ matching sender determines the score boost
>
> new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
> [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
> [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
> [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
> [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
> [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
> [qr'^(your_friend|greatoffers)@'i => 5.0],
> [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
> ),
>
>
> { # a hash-type lookup table (associative array)
> 'nobody at cert.org' => -3.0,
> 'cert-advisory at us-cert.gov' => -3.0,
> 'owner-alert at iss.net' => -3.0,
> 'slashdot at slashdot.org' => -3.0,
> 'securityfocus.com' => -3.0,
> 'ntbugtraq at listserv.ntbugtraq.com' => -3.0,
> 'security-alerts at linuxsecurity.com' => -3.0,
> 'mailman-announce-admin at python.org' => -3.0,
> 'amavis-user-admin at lists.sourceforge.net'=> -3.0,
> 'amavis-user-bounces at lists.sourceforge.net' => -3.0,
> 'spamassassin.apache.org' => -3.0,
> 'notification-return at lists.sophos.com' => -3.0,
> 'owner-postfix-users at postfix.org' => -3.0,
> 'owner-postfix-announce at postfix.org' => -3.0,
> 'owner-sendmail-announce at lists.sendmail.org' => -3.0,
> 'sendmail-announce-request at lists.sendmail.org' => -3.0,
> 'donotreply at sendmail.org' => -3.0,
> 'ca+envelope at sendmail.org' => -3.0,
> 'noreply at freshmeat.net' => -3.0,
> 'owner-technews at postel.acm.org' => -3.0,
> 'ietf-123-owner at loki.ietf.org' => -3.0,
> 'cvs-commits-list-admin at gnome.org' => -3.0,
> 'rt-users-admin at lists.fsck.com' => -3.0,
> 'clp-request at comp.nus.edu.sg' => -3.0,
> 'surveys-errors at lists.nua.ie' => -3.0,
> 'emailnews at genomeweb.com' => -5.0,
> 'yahoo-dev-null at yahoo-inc.com' => -3.0,
> 'returns.groups.yahoo.com' => -3.0,
> 'clusternews at linuxnetworx.com' => -3.0,
> lc('lvs-users-admin at LinuxVirtualServer.org') => -3.0,
> lc('owner-textbreakingnews at CNNIMAIL12.CNN.COM') => -5.0,
>
> # soft-blacklisting (positive score)
> 'sender at example.net' => 3.0,
> '.example.net' => 1.0,
>
> },
> ], # end of site-wide tables
>});
>
>
>@decoders = (
> ['mail', \&do_mime_decode],
> ['asc', \&do_ascii],
> ['uue', \&do_ascii],
> ['hqx', \&do_ascii],
> ['ync', \&do_ascii],
> ['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],
> ['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ],
> ['gz', \&do_uncompress, 'gzip -d'],
> ['gz', \&do_gunzip],
> ['bz2', \&do_uncompress, 'bzip2 -d'],
> ['lzo', \&do_uncompress, 'lzop -d'],
> ['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],
> ['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
> ['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
> ['deb', \&do_ar, 'ar'],
># ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill
> ['zip', \&do_unzip],
> ['7z', \&do_7zip, ['7zr','7za','7z'] ],
> ['rar', \&do_unrar, ['rar','unrar'] ],
> ['arj', \&do_unarj, ['arj','unarj'] ],
> ['arc', \&do_arc, ['nomarch','arc'] ],
> ['zoo', \&do_zoo, ['zoo','unzoo'] ],
> ['lha', \&do_lha, 'lha'],
># ['doc', \&do_ole, 'ripole'],
> ['cab', \&do_cabextract, 'cabextract'],
> ['tnef', \&do_tnef_ext, 'tnef'],
> ['tnef', \&do_tnef],
># ['sit', \&do_unstuff, 'unstuff'], # broken/unsafe decoder
> ['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ],
>);
>
>
>@av_scanners = (
>
>@av_scanners_backup = (
>
> ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
> ['ClamAV-clamscan', 'clamscan',
> "--stdout --no-summary -r --tempdir=$TEMPBASE {}",
> [0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
>
>);
>
>
>1; # insure a defined return
>
>----------------------------------------------------
>
>Wo hängt es?
>
>__________________________________________________
>Do You Yahoo!?
>Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz
>gegen Massenmails.
>http://mail.yahoo.com
>_______________________________________________
>postfix-users mailing list
>postfix-users at de.postfix.org
>http://de.postfix.org/cgi-bin/mailman/listinfo/postfix-users
>
Thanks and all the best
Matthias
More information about the postfix-users
mailing list