[postfix-users] Mailqueue läuft voll
Hans Rembeck
hrembec at fh-landshut.de
Di Dez 15 15:07:20 CET 2009
Uwe Driessen schrieb:
> On Behalf Of Hans Rembeck
>
>> Ralf Hildebrandt schrieb:
>>
>>> * Hans Rembeck <hrembec at fh-landshut.de>:
>>>
>>>
>>>
>>>> mydestination = $myhostname
>>>> mydomain = xxx
>>>> myhostname = xxx
>>>> mynetworks = 127.0.0.0/8, xxx
>>>> myorigin = $myhostname
>>>>
>>>>
>>>
>>>> relay_domains = $mydestination
>>>> relay_recipient_maps = hash:/etc/postfix/relay_recipients
>>>>
>>>>
>>> Also ich weiss nicht. Ist die Domain nun in mydestination oder eine
>>> relay_domain?
>>>
>>>
>>>
>>>> smtpd_recipient_restrictions =
>>>> check_recipient_access hash:/etc/postfix/x-employees
>>>> check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions
>>>> reject_non_fqdn_recipient
>>>> reject_non_fqdn_sender
>>>> reject_unknown_recipient_domain
>>>> reject_unknown_sender_domain
>>>> permit_mynetworks
>>>> check_client_access hash:/var/lib/pop-before-smtp/hosts
>>>> check_sender_access hash:/etc/postfix/access
>>>> permit_sasl_authenticated
>>>> reject_unauth_destination
>>>> check_recipient_access hash:/etc/postfix/roleaccount_exeptions
>>>> reject_invalid_hostname
>>>> check_helo_access pcre:/etc/postfix/helo_checks
>>>> check_sender_mx_access cidr:/etc/postfix/bogus_mx
>>>> reject_unverified_sender c
>>>> heck_policy_service inet:127.0.0.1:60000
>>>> reject_rbl_client zen.spamhaus.org
>>>> reject_rbl_client bl.spamcop.net
>>>> reject_rbl_client bogons.cymru.com
>>>> permit
>>>>
>>>>
>>> Würde ich umstellen zu:
>>>
>>> smtpd_recipient_restrictions =
>>> check_recipient_access hash:/etc/postfix/x-employees
>>> reject_non_fqdn_recipient
>>> reject_non_fqdn_sender
>>> reject_unknown_recipient_domain
>>> reject_unknown_sender_domain
>>> permit_mynetworks
>>> check_client_access hash:/var/lib/pop-before-smtp/hosts
>>> permit_sasl_authenticated
>>> reject_unauth_destination
>>> check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions
>>> check_sender_access hash:/etc/postfix/access
>>> check_recipient_access hash:/etc/postfix/roleaccount_exeptions
>>> reject_invalid_hostname
>>> check_helo_access pcre:/etc/postfix/helo_checks
>>> check_sender_mx_access cidr:/etc/postfix/bogus_mx
>>> reject_rbl_client zen.spamhaus.org
>>> reject_rbl_client bl.spamcop.net
>>> reject_rbl_client bogons.cymru.com
>>> check_policy_service inet:127.0.0.1:60000
>>> reject_unverified_sender
>>>
>>> Wobei mir die beiden check_sender_access nicht geheuer sind.
>>>
>>>
>>>
>>>> smtpd_sasl_auth_enable = yes
>>>>
>>>>
>>>
>>>
>>>> smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access
>>>>
>>>>
>>> Weg damit, ist doppelt, höchstens das
>>> reject_unauthenticated_sender_login_mismatch
>>> und das kann auch in smtpd_recipient_restrictions
>>>
>>>
>>>
>> Hab mich doch zu früh gefreut;
>>
>> habe jetzt die
>>
>> check_sender_access
>>
>> entfernt und es kommen immer noch unbekannte Mails welche über mich dann
>> versandt werden.
>>
>> Der muss doch dann über einen gültigen Account reinkommen oder?
>>
>> Wo kann man noch ansetzen?
>>
>>
>
> Hast du mal die Änderungen von Ralf übernommen ?
>
Ja
> Wo ist das log dazu evtl. kannst du auch mal in der Master.cf
>
> In der smtp Zeile -v oder -vv dahinter hängen dann kannst du den Weg den solch eine Mail
> nimmt genau verfolgen und welche Restriktion das ok gibt.
>
> mynetworks = 127.0.0.0/8, xxx wofür steht das xxxx ist das genau ein Host oder ist das ein
> ganzes Netzwerk?
>
xxx ist meine IP
> Du musst deine Mühle erstmal dicht machen.
>
> Pop3 bevor SMTP ist eigentlich nicht mehr aktuell. Wer senden möchte muß sich anmelden.
>
brauch ich noch für alten outlook Express Anwender
> Nimm mal die > > check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions
>
>>> check_sender_access hash:/etc/postfix/access raus und schau ob es immer noch
>>>
> passiert.
>
>
> Mit freundlichen Grüßen
>
> Drießen
>
>
>>> START Recipient address RESTRICTIONS <<<
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=check_recipient_access
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_mail_access:
shabazz76 at hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: leave
existing entry key shabazz76 at hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access:
shabazz76 at hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access:
hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: shabazz76@
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=check_recipient_access status=0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=check_sender_access
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_mail_access:
sender at online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move
existing entry key sender at online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access:
sender at online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access:
online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: sender@
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=check_sender_access status=0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=reject_non_fqdn_recipient
Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_non_fqdn_address:
shabazz76 at hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=reject_non_fqdn_recipient status=0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=reject_non_fqdn_sender
Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_non_fqdn_address:
sender at online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=reject_non_fqdn_sender status=0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=reject_unknown_recipient_domain
Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_address:
shabazz76 at hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move
existing entry key shabazz76 at hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_mailhost:
hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: lookup hotmail.com type
1 flags 0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_query: hotmail.com
(A): OK
Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A
for hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A
for hotmail.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=reject_unknown_recipient_domain status=0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=reject_unknown_sender_domain
Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_address:
sender at online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move
existing entry key sender at online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_mailhost:
online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: lookup online.com type 1
flags 0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_query: online.com
(A): OK
Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A
for online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A
for online.com
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=reject_unknown_sender_domain status=0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=permit_mynetworks
Dec 15 14:48:45 localhost postfix/smtpd[13060]: permit_mynetworks:
unknown 41.217.65.4
Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostname: unknown
~? 127.0.0.0/8
Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostaddr:
41.217.65.4 ~? 127.0.0.0/8
Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostname: unknown
~? x.x.x.x
Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostaddr:
41.217.65.4 ~? x.x.x.x
Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_list_match:
unknown: no match
Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_list_match:
41.217.65.4: no match
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=permit_mynetworks status=0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=check_client_access
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_namadr_access:
name unknown addr 41.217.65.4
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access: unknown
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_addr_access:
41.217.65.4
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=check_client_access status=0
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=permit_sasl_authenticated
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks:
name=permit_sasl_authenticated status=1
Dec 15 14:48:45 localhost postfix/smtpd[13060]: >>> CHECKING RECIPIENT
MAPS <<<
x.x.x.x meine IP
ist
permit_sasl_authenticated status=1
das es durchgelassen wird?
--
Mit freundlichen Grüßen
Hans Rembeck
Mehr Informationen über die Mailingliste postfix-users