[postfix-es] SPF en Postfix con RHEL3 o derivados]

Salman ® informaciones en salman.es
Mar Ene 31 11:21:43 CET 2006 

Si estamos hablando siempre del mismo guion pero no me funciona :-(

El script en si mismo si esta correcto, ya lo he verificado:

=====================================================
4x4:/usr/libexec/postfix# perl smtpd-policy.cgi
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
helo_name=terrano.es
queue_id=8045F2AB23
sender=salva en terrano.es
recipient=correo en salman.es
client_address=1.2.3.4
client_name=salman.es
action=REJECT Please see http://www.openspf.org/why.html?sender=salva%40terrano.es&ip=1.2.3.4&receiver=4x4.info.tt


4x4:/usr/libexec/postfix# perl smtpd-policy.cgi
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
helo_name=terrano.es
queue_id=8045F2AB23
sender=salva en terrano.es
recipient=correo en salman.es
client_address=207.150.165.52
client_name=salman.es
action=DUNNO
=====================================================

Donde creo que esta el problema es en el master.cf
=====================================================
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
#qmgr fifo n - n 300 1 qmgr
qmgr fifo n - n 300 1 nqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
policy unix - n n - - spawn
user=nobody argv=/usr/bin/perl /usr/libexec/postfix/smtpd-policy.cgi

=====================================================
El mensaje de error que recibo en maillog es:

=====================================================
Jan 31 11:10:10 4x4 postfix/smtpd[12519]: fatal: dict_unix_open: unknown map name: private/policy
Jan 31 11:10:11 4x4 postfix/master[11497]: warning: process /usr/libexec/postfix/smtpd pid 12519 exit status 1
Jan 31 11:10:11 4x4 postfix/master[11497]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
=====================================================

----------
Salvador Guzmán
Salman PSL
Vigo, Galicia, España
+34 986-21.30.27
Móvil  679-Salman
Correo @Salman.ES
www.Salman.ES


----- Mensaje original ----- 
De: Cesar Rodriguez 
Para: informaciones en salman.es 
Enviado: martes, 31 de enero de 2006 10:22
Asunto: [Fwd: [postfix-es] SPF en Postfix con RHEL3 o derivados]


A ver si te refieres a este correo. En principio, el CentOS que creo que usas sería compatible. Ya me contaras.


Un saludo

-------- Mensaje original -------- From: - Mon Jan 1 00:00:00 1965
X-Persona: <Soporte>
Return-Path: <owner-postfix-es-outgoing en wl0.org>
Received: from mail.b2bi.es (mail.b2bi.es [194.149.216.59]) by mail1.b2bi.es (8.11.6/8.11.6) with ESMTP id i6T8M5B01904; Thu, 29 Jul 2004 10:22:05 +0200
Received: from localhost (unknown [127.0.0.1]) by mail.b2bi.es (Postfix) with ESMTP id 2CE303B770; Thu, 29 Jul 2004 08:22:06 +0000 (UTC)
Received: from mail.b2bi.es ([127.0.0.1]) by localhost (mail.b2bi.es [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 22538-10; Thu, 29 Jul 2004 10:22:05 +0200 (CEST)
Received: from 156.Red-80-35-166.pooles.rima-tde.net (156.Red-80-35-166.pooles.rima-tde.net [80.35.166.156]) by mail.b2bi.es (Postfix) with ESMTP id 6EEF93B51F; Thu, 29 Jul 2004 10:22:02 +0200 (CEST)
Received: by unicorn.wl0.org (Postfix) id 6CF6F5511D; Thu, 29 Jul 2004 10:21:46 +0200 (CEST)
Delivered-To: postfix-es-outgoing en unicorn.wl0.org
Received: from localhost (localhost.WL0.org [127.0.0.1]) by unicorn.wl0.org (Postfix) with ESMTP id CE99D5511B for <postfix-es-outgoing en wl0.org>; Thu, 29 Jul 2004 10:21:45 +0200 (CEST)
Received: from 156.Red-80-35-166.pooles.rima-tde.net ([127.0.0.1]) by localhost (unicorn.wl0.org [127.0.0.1]) (amavisd-new, port 10024) with SMTP id 74863-03 for <postfix-es-outgoing en wl0.org>; Thu, 29 Jul 2004 10:21:44 +0200 (CEST)
Received: by unicorn.wl0.org (Postfix, from userid 54) id 356FD315C; Thu, 29 Jul 2004 10:21:44 +0200 (CEST)
X-Original-To: postfix-es en wl0.org
Delivered-To: postfix-es en unicorn.wl0.org
Received: from localhost (localhost.WL0.org [127.0.0.1]) by unicorn.wl0.org (Postfix) with ESMTP id DC3585511A for <postfix-es en wl0.org>; Thu, 29 Jul 2004 10:21:41 +0200 (CEST)
Received: from 156.Red-80-35-166.pooles.rima-tde.net ([127.0.0.1]) by localhost (unicorn.wl0.org [127.0.0.1]) (amavisd-new, port 10024) with SMTP id 72912-10 for <postfix-es en wl0.org>; Thu, 29 Jul 2004 10:21:40 +0200 (CEST)
Received: from mail.navegants.com (168.Red-213-96-90.pooles.rima-tde.net [213.96.90.168]) by unicorn.wl0.org (Postfix) with ESMTP id 4F61655118 for <postfix-es en wl0.org>; Thu, 29 Jul 2004 10:21:38 +0200 (CEST)
Received: from 172.26.0.2 (localhost.localdomain [127.0.0.1]) by mail.navegants.com (Postfix) with SMTP id 9E6811C4441 for <postfix-es en wl0.org>; Thu, 29 Jul 2004 10:31:34 +0200 (CEST)
Received: from 172.26.0.22 (SquirrelMail authenticated user josepm) by 172.26.0.2 with HTTP; Thu, 29 Jul 2004 10:31:34 +0200 (CEST)
Message-ID: <2231.172.26.0.22.1091089894.squirrel en 172.26.0.2>
Date: Thu, 29 Jul 2004 10:31:34 +0200 (CEST)
Subject: [postfix-es] SPF en Postfix con RHEL3 o derivados
From: Josep M. <websurfer en navegants.com>
To: postfix-es en wl0.org
Reply-To: websurfer en navegants.com
User-Agent: SquirrelMail/1.4.2-1
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
X-Priority: 3
Importance: Normal
X-Virus-Scanned: by amavisd-new at WL0.org
Sender: owner-postfix-es en wl0.org
Precedence: bulk
X-Virus-Scanned: by amavisd-new at WL0.org
X-Escaneado-Antivirus-B2BIntegral: Ok
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by mail1.b2bi.es id i6T8M5B01904



Espero que sirva a alguien.
Saludos
Josep



Como añadir SPF a Postfix 2.1 A Redhat Enterprise Linux 3 y Derivados.
Josep M. <websurfer en navegants.com>

- URLs Relacionadas.

http://spf.pobox.com/postfix-policyd.txt
http://spf.pobox.com/downloads.html
http://www.city-fan.org/ftp/contrib/perl-modules/



- Bajar e instalar estos paquetes  de
http://www.city-fan.org/ftp/contrib/perl-modules/


http://www.city-fan.org/ftp/contrib/perl-modules/SRPMS/perl-Mail-SPF-Query-1.997-3.src.rpm
http://www.city-fan.org/ftp/contrib/perl-modules/SRPMS/perl-Mail-SRS-0.30-3.src.rpm
http://www.city-fan.org/ftp/contrib/perl-modules/SRPMS/perl-Net-CIDR-Lite-0.15-3.src.rpm
http://www.city-fan.org/ftp/contrib/perl-modules/SRPMS/perl-Net-DNS-0.47-1.src.rpm

- Bajar http://spf.pobox.com/postfix-policyd.txt
- Quitarle la cabecera a ese script,la primera linea debe ser #!/usr/bin/perl
<%attr>
autohandler_skip => 1
</%attr>

- Copiarlo en /usr/libexec/postfix/smtpd-policy.pl con chmod 755

- Ir a /etc/postfix/master.cf y añadir al final (todo en una lina y con TABS)

policy  unix -          n       n       -       -       spawn  
user=nobody     argv=/usr/bin/perl /usr/libexec
/postfix/smtpd-policy.pl

- Ir a /etc/postfix/main.cf y añadir la siguiente linea:
smtpd_policy_service_endpoint = unix:private/policy

- Ir a /etc/postfix/main.cf y en smtpd_recipient_restrictions =
 Despues de reject_unauth_destination,

 Añadiremos la siguiente linea:  check_policy_service unix:private/policy ,


Despues reseteamos Postfix y ya está.


-
Para ENVIAR mensajes a esta lista tienes que estar SUSCRITO a ella.
.
Envía la linea "unsubscribe postfix-es" en el cuerpo de un mensaje
a majordomo en WL0.org para quitarte de la lista.

Más información sobre la lista de distribución Postfix-es