In the @lookup_sql_dsn I have the following which works with no problem:

@lookup_sql_dsn = (
    ['DBI:mysql:database=dbase;host=127.0.0.1;port=3306',
     'sqluser',
     'somepassword']);

I’m not exactly sure what you are attempting to do with the $sql_select_policy 
statement, maybe you can elaborate?



From: amavis-users 
[mailto:amavis-users-bounces+dino.edwards=mydirectmail....@amavis.org] On 
Behalf Of Robert Moskowitz
Sent: Wednesday, April 19, 2017 4:49 PM
To: amavis-users@amavis.org
Subject: Open relay from localhost and other questions

This is my new test setup.

I end amavis.conf with:


1;  # insure a defined return value
$mydomain = 'test.htt-consult.com';
$helpers_home = "$MYHOME/var";              # working directory for 
SpamAssassin, -S
$myhostname = 'z9m9z.test.htt-consult.com';           #  must be a 
fully-qualified domain name!
$log_level = 1; # set the log level to one
$sa_tag_level_deflt = -99; # I want to see the headers so change to -99
$sa_tag2_level_deflt = 5.0; # start with 5
$sa_kill_level_deflt = 9;
$sa_dsn_cutoff_level = 9;
$sa_quarantine_cutoff_level = 50;
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_PASS;
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 [2607:f4b8:3::]/48
                  10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 50.253.254.0/28);
@lookup_sql_dsn =
   ( 
['DBI:mysql:database=postfix;host=localhost;mysql_socket=/var/lib/mysql/mysql.sock',
 'postfix','postfixpassword] );
$sql_select_white_black_list = undef;
$sql_select_policy = 'SELECT "Y" as local, 1 as id FROM domain WHERE 
CONCAT("@",domain) IN (%k)';
1;  # insure a defined return value

This was done by appending my specific options after the 1; line then adding my 
own 1; line.

r...@z9m9z.test.htt-consult.com<mailto:r...@z9m9z.test.htt-consult.com>

is NOT in the postfix database

In postfix/mail.cf I have:

postconf -e 'content_filter = amavis:[127.0.0.1]:10024'

and in master.cf I have:

smtpd     pass  -       -       n       -       -       smtpd

pickup    unix  n       -       n       60      1       pickup

      -o content_filter=

amavis unix -     -     y     -     2     lmtp

      -o lmtp_data_done_timeout=1200

      -o lmtp_send_xforward_command=yes

      -o disable_dns_lookups=yes

      -o max_use=20



I am seeing the following in maillog from logwatch:

Lots of questions.  The 4th line has a amavis SQL failure.
Then concern that it is coming from an open relay?
Amavis gets called a 2nd then 3rd time?  Should I put content_filter= with gmgr 
so it does not call amavis?

thanks

Apr 10 03:34:36 z9m9z postfix/pickup[1501]: C735BB25B: uid=0 from=<root>

Apr 10 03:34:37 z9m9z postfix/cleanup[2077]: C735BB25B: 
message-id=<20170410073436.c735bb...@z9m9z.test.htt-consult.com><mailto:20170410073436.c735bb...@z9m9z.test.htt-consult.com>

Apr 10 03:34:37 z9m9z postfix/qmgr[3107]: C735BB25B: 
from=<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>, 
size=5300, nrcpt=1 (queue active)

Apr 10 03:34:38 z9m9z amavis[2045]: (02045-11) NOTICE: reconnecting in response 
to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away 
at (eval 129) line 172.

Apr 10 03:34:38 z9m9z amavis[2045]: (02045-11) LMTP [127.0.0.1]:10024 
/var/spool/amavisd/tmp/amavis-20170409T010521-02045-SZAIGFN5: 
<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com> -> 
<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com> 
SIZE=5300 Received: from z9m9z.test.htt-consult.com ([127.0.0.1]) by localhost 
(z9m9z.test.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP 
for <r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>; 
Mon, 10 Apr 2017 03:34:38 -0400 (EDT)

Apr 10 03:34:38 z9m9z amavis[2045]: (02045-11) Checking: SGMxb1MYeOCZ 
[127.0.0.1] 
<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com> -> 
<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>

Apr 10 03:34:38 z9m9z amavis[2045]: (02045-11) Open relay? Nonlocal recips but 
not originating: 
r...@z9m9z.test.htt-consult.com<mailto:r...@z9m9z.test.htt-consult.com>

Apr 10 03:34:51 z9m9z postfix/smtpd[2120]: connect from localhost[127.0.0.1]

Apr 10 03:34:52 z9m9z postfix/smtpd[2120]: 9D31F6B28: 
client=localhost[127.0.0.1]

Apr 10 03:34:52 z9m9z postfix/cleanup[2077]: 9D31F6B28: 
message-id=<20170410073436.c735bb...@z9m9z.test.htt-consult.com><mailto:20170410073436.c735bb...@z9m9z.test.htt-consult.com>

Apr 10 03:34:52 z9m9z postfix/smtpd[2120]: disconnect from localhost[127.0.0.1]

Apr 10 03:34:52 z9m9z amavis[2045]: (02045-11) SGMxb1MYeOCZ FWD from 
<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com> -> 
<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>, 
BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 
9D31F6B28

Apr 10 03:34:52 z9m9z postfix/qmgr[3107]: 9D31F6B28: 
from=<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>, 
size=5795, nrcpt=1 (queue active)

Apr 10 03:34:52 z9m9z amavis[2045]: (02045-11) Passed CLEAN {RelayedOpenRelay}, 
[127.0.0.1] 
<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com> -> 
<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>, 
Message-ID: 
<20170410073436.c735bb...@z9m9z.test.htt-consult.com><mailto:20170410073436.c735bb...@z9m9z.test.htt-consult.com>,
 mail_id: SGMxb1MYeOCZ, Hits: -0.001, size: 5294, queued_as: 9D31F6B28, 14698 ms

Apr 10 03:34:52 z9m9z postfix/lmtp[2099]: C735BB25B: 
to=<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>, 
orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=30, 
delays=15/0.18/0.14/15, dsn=2.0.0, status=sent (250 2.0.0 from 
MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9D31F6B28)

Apr 10 03:34:52 z9m9z postfix/qmgr[3107]: C735BB25B: removed

Apr 10 03:34:52 z9m9z postfix/cleanup[2077]: E8ABF4F8A: 
message-id=<20170410073436.c735bb...@z9m9z.test.htt-consult.com><mailto:20170410073436.c735bb...@z9m9z.test.htt-consult.com>

Apr 10 03:34:53 z9m9z postfix/local[2126]: 9D31F6B28: 
to=<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>, 
relay=local, delay=0.38, delays=0.09/0.2/0/0.09, dsn=2.0.0, status=sent 
(forwarded as E8ABF4F8A)

Apr 10 03:34:53 z9m9z postfix/qmgr[3107]: E8ABF4F8A: 
from=<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>, 
size=5947, nrcpt=1 (queue active)

Apr 10 03:34:53 z9m9z postfix/qmgr[3107]: 9D31F6B28: removed

Apr 10 03:34:55 z9m9z postfix/smtp[2128]: Untrusted TLS connection established 
to z9m9z.htt-consult.com[50.253.254.3]:25: TLSv1.2 with cipher 
DHE-RSA-AES256-GCM-SHA384 (256/256 bits)

Apr 10 03:34:57 z9m9z postfix/smtp[2128]: E8ABF4F8A: 
to=<r...@htt-consult.com><mailto:r...@htt-consult.com>, 
orig_to=<r...@z9m9z.test.htt-consult.com><mailto:r...@z9m9z.test.htt-consult.com>,
 relay=z9m9z.htt-consult.com[50.253.254.3]:25, delay=4.3,
delays=0.05/0.11/1.9/2.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 
2B51E6212F)

Apr 10 03:34:57 z9m9z postfix/qmgr[3107]: E8ABF4F8A: removed

Reply via email to