In the @lookup_sql_dsn I have the following which works with no problem:
@lookup_sql_dsn = (
['DBI:mysql:database=dbase;host=127.0.0.1;port=3306',
'sqluser',
'somepassword']);
I’m not exactly sure what you are attempting to do with the $sql_select_policy
statement, maybe you can elaborate?
From: amavis-users
[mailto:[email protected]] On
Behalf Of Robert Moskowitz
Sent: Wednesday, April 19, 2017 4:49 PM
To: [email protected]
Subject: Open relay from localhost and other questions
This is my new test setup.
I end amavis.conf with:
1; # insure a defined return value
$mydomain = 'test.htt-consult.com';
$helpers_home = "$MYHOME/var"; # working directory for
SpamAssassin, -S
$myhostname = 'z9m9z.test.htt-consult.com'; # must be a
fully-qualified domain name!
$log_level = 1; # set the log level to one
$sa_tag_level_deflt = -99; # I want to see the headers so change to -99
$sa_tag2_level_deflt = 5.0; # start with 5
$sa_kill_level_deflt = 9;
$sa_dsn_cutoff_level = 9;
$sa_quarantine_cutoff_level = 50;
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_PASS;
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 [2607:f4b8:3::]/48
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 50.253.254.0/28);
@lookup_sql_dsn =
(
['DBI:mysql:database=postfix;host=localhost;mysql_socket=/var/lib/mysql/mysql.sock',
'postfix','postfixpassword] );
$sql_select_white_black_list = undef;
$sql_select_policy = 'SELECT "Y" as local, 1 as id FROM domain WHERE
CONCAT("@",domain) IN (%k)';
1; # insure a defined return value
This was done by appending my specific options after the 1; line then adding my
own 1; line.
[email protected]<mailto:[email protected]>
is NOT in the postfix database
In postfix/mail.cf I have:
postconf -e 'content_filter = amavis:[127.0.0.1]:10024'
and in master.cf I have:
smtpd pass - - n - - smtpd
pickup unix n - n 60 1 pickup
-o content_filter=
amavis unix - - y - 2 lmtp
-o lmtp_data_done_timeout=1200
-o lmtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
I am seeing the following in maillog from logwatch:
Lots of questions. The 4th line has a amavis SQL failure.
Then concern that it is coming from an open relay?
Amavis gets called a 2nd then 3rd time? Should I put content_filter= with gmgr
so it does not call amavis?
thanks
Apr 10 03:34:36 z9m9z postfix/pickup[1501]: C735BB25B: uid=0 from=<root>
Apr 10 03:34:37 z9m9z postfix/cleanup[2077]: C735BB25B:
message-id=<[email protected]><mailto:[email protected]>
Apr 10 03:34:37 z9m9z postfix/qmgr[3107]: C735BB25B:
from=<[email protected]><mailto:[email protected]>,
size=5300, nrcpt=1 (queue active)
Apr 10 03:34:38 z9m9z amavis[2045]: (02045-11) NOTICE: reconnecting in response
to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away
at (eval 129) line 172.
Apr 10 03:34:38 z9m9z amavis[2045]: (02045-11) LMTP [127.0.0.1]:10024
/var/spool/amavisd/tmp/amavis-20170409T010521-02045-SZAIGFN5:
<[email protected]><mailto:[email protected]> ->
<[email protected]><mailto:[email protected]>
SIZE=5300 Received: from z9m9z.test.htt-consult.com ([127.0.0.1]) by localhost
(z9m9z.test.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP
for <[email protected]><mailto:[email protected]>;
Mon, 10 Apr 2017 03:34:38 -0400 (EDT)
Apr 10 03:34:38 z9m9z amavis[2045]: (02045-11) Checking: SGMxb1MYeOCZ
[127.0.0.1]
<[email protected]><mailto:[email protected]> ->
<[email protected]><mailto:[email protected]>
Apr 10 03:34:38 z9m9z amavis[2045]: (02045-11) Open relay? Nonlocal recips but
not originating:
[email protected]<mailto:[email protected]>
Apr 10 03:34:51 z9m9z postfix/smtpd[2120]: connect from localhost[127.0.0.1]
Apr 10 03:34:52 z9m9z postfix/smtpd[2120]: 9D31F6B28:
client=localhost[127.0.0.1]
Apr 10 03:34:52 z9m9z postfix/cleanup[2077]: 9D31F6B28:
message-id=<[email protected]><mailto:[email protected]>
Apr 10 03:34:52 z9m9z postfix/smtpd[2120]: disconnect from localhost[127.0.0.1]
Apr 10 03:34:52 z9m9z amavis[2045]: (02045-11) SGMxb1MYeOCZ FWD from
<[email protected]><mailto:[email protected]> ->
<[email protected]><mailto:[email protected]>,
BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as
9D31F6B28
Apr 10 03:34:52 z9m9z postfix/qmgr[3107]: 9D31F6B28:
from=<[email protected]><mailto:[email protected]>,
size=5795, nrcpt=1 (queue active)
Apr 10 03:34:52 z9m9z amavis[2045]: (02045-11) Passed CLEAN {RelayedOpenRelay},
[127.0.0.1]
<[email protected]><mailto:[email protected]> ->
<[email protected]><mailto:[email protected]>,
Message-ID:
<[email protected]><mailto:[email protected]>,
mail_id: SGMxb1MYeOCZ, Hits: -0.001, size: 5294, queued_as: 9D31F6B28, 14698 ms
Apr 10 03:34:52 z9m9z postfix/lmtp[2099]: C735BB25B:
to=<[email protected]><mailto:[email protected]>,
orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=30,
delays=15/0.18/0.14/15, dsn=2.0.0, status=sent (250 2.0.0 from
MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9D31F6B28)
Apr 10 03:34:52 z9m9z postfix/qmgr[3107]: C735BB25B: removed
Apr 10 03:34:52 z9m9z postfix/cleanup[2077]: E8ABF4F8A:
message-id=<[email protected]><mailto:[email protected]>
Apr 10 03:34:53 z9m9z postfix/local[2126]: 9D31F6B28:
to=<[email protected]><mailto:[email protected]>,
relay=local, delay=0.38, delays=0.09/0.2/0/0.09, dsn=2.0.0, status=sent
(forwarded as E8ABF4F8A)
Apr 10 03:34:53 z9m9z postfix/qmgr[3107]: E8ABF4F8A:
from=<[email protected]><mailto:[email protected]>,
size=5947, nrcpt=1 (queue active)
Apr 10 03:34:53 z9m9z postfix/qmgr[3107]: 9D31F6B28: removed
Apr 10 03:34:55 z9m9z postfix/smtp[2128]: Untrusted TLS connection established
to z9m9z.htt-consult.com[50.253.254.3]:25: TLSv1.2 with cipher
DHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Apr 10 03:34:57 z9m9z postfix/smtp[2128]: E8ABF4F8A:
to=<[email protected]><mailto:[email protected]>,
orig_to=<[email protected]><mailto:[email protected]>,
relay=z9m9z.htt-consult.com[50.253.254.3]:25, delay=4.3,
delays=0.05/0.11/1.9/2.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as
2B51E6212F)
Apr 10 03:34:57 z9m9z postfix/qmgr[3107]: E8ABF4F8A: removed
