[Postfix-es] Conflicto entre Postgrey y Pop-Before-smtp
Alberto Rial Suarez
aillate en gmail.com
Mar Feb 20 18:07:07 CET 2007
Buenas tardes,
Tengo varios servidores de correo clásicos basados en postfix + courier
+ sasl + mysql + greylisting que siempre y esta configuración siempre me ha
funcionado como la seda. El problema lo tengo con un firewall que no deja
pasar nada por el puerto 25 que no cumpla la RFC del SMTP, por lo tanto
tengo problemas con clientes outlook que no realizan la autentificación SMTP
(esto es el parametro broken_sasl_auth_clients ). Bien como solucion se me
ha ocurrido implementar pop-before-smtp en el servidor (a pesar de que sea
menos seguro) y en principio todo me funciona bien salvo un pequeño detalle,
si en las restricciones habilito al mismo tiempo el greylisting y el
pop-before-smtp entonces solo el que ponga primero funciona, y el otro no...
Os adjunto los parametros que tengo en el main.cf ...
Gracias de antemano
smtpd_banner = $myhostname ESMTP
soft_bounce = no
queue_directory = /var/spool/postfix
#daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
default_privs = nobody
myhostname = mail.ejemplo.net
mydomain = ejemplo.net
myorigin = $mydomain
mail_name = $myhostname SMTP
smtpd_delay_reject = yes
disable_vrfy_command = yes
smtpd_helo_required = yes
maximal_queue_lifetime = 2d
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.1/8 192.168.0.0/24 192.168.1.0/24
recipient_delimiter = +
mail_spool_directory = /var/spool/mail
luser_relay = serpe
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no
#virtual
virtual_alias_maps=mysql:/etc/postfix/conf/virtual_alias_maps.cnf
virtual_mailbox_base =/home/correo
virtual_mailbox_maps =mysql:/etc/postfix/conf/virtual_mailbox_maps.cnf
virtual_mailbox_domains=mysql:/etc/postfix/conf/virtual_mailbox_domains.cf
virtual_uid_maps=static:107
virtual_gid_maps=static:107
transport_maps =mysql:/etc/postfix/conf/transport_maps.cnf
local_transport = virtual
local_recipient_maps =
#virtual_mailbox_limit_inbox = no
virtual_mailbox_limit_maps=mysql:/etc/postfix/conf/virtual_mailbox_limit_maps.cnf
virtual_mailbox_limit_override = yes
virtual_maildir_extended = yes
virtual_create_maildirsize=yes
message_size_limit = 52428800
virtual_mailbox_limit = 1073741824000
virtual_maildir_limit_message = Mensaje ha sobrepasado la cuota de
disco de esa cuenta
virtual_overquota_bounce=yes
#sasl
smtpd_sasl_auth_enable=yes
smtpd_sasl2_auth_enable=yes
broken_sasl_auth_clients=yes
smtpd_sasl_local_domain=
smtpd_sasl_security_options=noanonymous
smtpd_recipient_restrictions
=permit_mynetworks,permit_sasl_authenticated,reject_non_fqdn_recipient,check_client_access
hash:/etc/postfix/hosts,check_policy_service
inet:127.0.0.1:60000,reject_non_fqdn_sender,reject_unknown_sender_domain,reject_rhsbl_client
blackhole.securitysage.com,reject_rhsbl_sender
blackhole.securitysage.com,reject_rbl_client list.dsbl.org,reject_rbl_client
blackholes.wirehub.net,reject_rbl_client
proxies.blackholes.wirehub.net,reject_rbl_client
sbl.spamhaus.org,reject_rbl_client
opm.blitzed.org,reject_rbl_client dynablock.wirehub.net,
reject_unauth_destination
smtpd_client_restrictions=
permit_sasl_authenticated,
permit_mynetworks,
check_client_access hash:/etc/postfix/hosts,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client opm.blitzed.org
#amavis
content_filter=smtp-amavis:[127.0.0.1]:10024
#tls
smtp_use_tls = yes
smtpd_use_tls = yes
#smtp_tls_note_starttls_offer = yes
stpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
owner_request_special=no
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: http://lists.wl0.org/pipermail/postfix-es/attachments/20070220/bdd00a3c/attachment.html
Más información sobre la lista de distribución Postfix-es