-------- Original-Nachricht --------
> Datum: Thu, 23 Jul 2009 14:41:07 -0400
> Von: Roman Gelfand <[email protected]>
> An: Steve <[email protected]>
> CC: [email protected]
> Betreff: Re: [Dspam-user] Recipient address rejected: User unknown in virtual
> mailbox table when Forwarding to Retrain
> I guess in general, you know what I am trying to accomplish here. If you
> have working postfix/dspam configuration files, could you share them with
> me. I just wanted to see the approach.
>
I think my configuration would scare and confuse you. I have way to much things
inside and outside Postfix (milters, policy delegation, restriction classes,
load balancing with failover, automatic blocking of bad hosts, throttling,
graylisting, dkim, sender-id, spf, etc...).
I could help better if you would post:
- If you are using a tool to manage users?
- What tool is that?
- Does it store data in a DBMS? (I assume yes)
- What DBMS is that? (I assume it's MySQL)
- What version of the DBMS do you use?
- Is the DBMS local or remote (from the viewpoint of the MTA)?
- How does the schema look like?
- Do you use anything for Anti-Virus scanning?
- What would that be? (Amavis? MailScanner? Some Milter? Other?)
- What version of Postfix do you use?
- What additional components are you planing to integrate with Postfix?
- Do you run Postfix in a chroot?
- What mail delivery do you use? (virtual? local? pipe? DSPAM? LMTP? Cyrus?
Maildrop? Procmail? Dovecot? Other?)
- What is the protocol the user are going to use to access mail? (POP3? IMAPv4?
Both? Other?)
- What storage backend are you using for DSPAM?
Answering some of those questions could help guiding you. Just taking the
configuration from someone else is not going to help you. It's true that you
could easy get a working setup but it's better if you understand your setup and
nothing beats that better then when you setup all of the things by yourself.
Trust me. Right now you would kill for getting everything working by just
mirroring the setup from some how-to but as soon as you run later in production
into issues you will hate it that you don't know what you are running. Every
minute you spend now doing the setup pays multiple time later in production.
> Thanks in advance
>
// Steve
> On Thu, Jul 23, 2009 at 12:24 PM, Steve <[email protected]> wrote:
>
> >
> > -------- Original-Nachricht --------
> > > Datum: Thu, 23 Jul 2009 10:33:07 -0400
> > > Von: Roman Gelfand <[email protected]>
> > > An: [email protected]
> > > Betreff: [Dspam-user] Recipient address rejected: User unknown in
> virtual
> > mailbox table when Forwarding to Retrain
> >
> > > My dspam version is 3.68
> > >
> > > I am at a loss. I am forwarding an email I consider spam to
> > [email protected].
> > > The orginal email came to [email protected]. The mail client used to
> > > forward
> > > the email is on mynetwork and outgoing stmp points to dspam server. My
> > >
> > > mysql> select * from dspam_virtual_uids;
> > > +-----+---------------------+
> > > | uid | username |
> > > +-----+---------------------+
> > > | 2 | [email protected] |
> > > +-----+---------------------+
> > > Do I need to add this entry ( 2, [email protected]) ,to this table?
> > >
> > No. You don't need to add [email protected] to that table.
> >
> >
> > > main.cf
> > >
> > > local_recipient_maps =
> > > local_transport = error:local mail delivery is disabled
> > > myhostname = mail.abc.com
> > > mynetworks = 127.0.0.0/8 192.168.3.0/24 192.168.1.0/24
> > > dspam_destination_recipient_limit = 1
> > > parent_domain_matches_subdomains =
> > > debug_peer_list,
> > > smtpd_access_maps
> > > smtpd_recipient_restrictions =
> > > permit_mynetworks,
> > > reject_unauth_destination,
> > > check_recipient_access pcre:/etc/postfix/dspam_check_aliases,
> > > check_sender_access pcre:/etc/postfix/dspam_check_aliases
> > >
> > What is the point checking here for "^.*(spam|ham)@.*$" in recipient and
> > sender? What are you trying to prevent with that?
> >
> >
> > > smtpd_client_restrictions =
> > > check_client_access pcre:/etc/postfix/dspam_filter_access
> > >
> > You probably want to set permit_mynetworks and/or
> permit_sasl_authenticated
> > here else everything is going to be filtered by DSPAM and I assume you
> are
> > trying to just filter inbound mail. Right?
> >
> >
> > > nested_header_checks=
> > > transport_maps = pcre:/etc/postfix/dspam-retrain.pcre
> > > hash:/etc/postfix/transport
> > > virtual_transport = lmtp:unix:/tmp/dspam.sock
> > > virtual_mailbox_domains = abc.com def.com
> > > virtual_mailbox_maps = mysql:/etc/postfix/vmailbox.cf
> > > :/etc/postfix/dspam-retrain.pcre
> > >
> > > /^(spam|junk)\...@.*$/ dspam-retrain:spam
> > > /^(notspam|ham)\...@.*$/ dspam-retrain:innocent
> > >
> > > :/etc/postfix/transport
> > >
> > > abc.com smtp:mail2.abc.com def.com smtp:
> > > mail2.def.com
> > >
> > I don't get it. You say in virtual_mailbox_domains that you take mails
> for
> > abc.com and def.com but here you transport any mail to
> abc.com/def.comover smtp to the MX record of
> > mail2.abc.com or mail2.def.com.
> >
> >
> > > /etc/postfix/dspam_check_aliases
> > >
> > > /^.*(spam|ham)@.*$/ REJECT
> > >
> > That regexp is going to reject legal senders/recipients and should be
> > changed IMHO (the regexp would match a recipient/sender with the email
> > "[email protected]" or "[email protected]"). And the
> @
> > needs an escaping when used in PCRE.
> >
> >
> > > /etc/postfix/dspam_filter_access
> > >
> > > /^(spam|ham)@.*$/ OK
> > > # The rest is redirected to be filtered
> > > /./ FILTER dspam:dspam
> > >
> > The way you use dspam_filter_access wont work for the first line
> > "/^(spam|ham)@.*$/ OK" because you use it for "check_client_access". So
> > email addresses are not working here.
> >
> >
> > > master.cf
> > >
> > > smtp inet n - n - - smtpd
> > > -o content_filter=lmtp:unix:/tmp/dspam.sock
> > >
> > That content_filter part is useless (+/-) since you use FILTER actions
> in
> > /etc/postfix/dspam_filter_access.
> >
> >
> > > localhost:10026 inet n - n - - smtpd
> > > -o content_filter=
> > > -o
> > >
> >
> receive_override_options=no_unknown_recipient_checks,no_header_body_checks
> > > -o smtpd_helo_restrictions=
> > > -o smtpd_client_restrictions=
> > > -o smtpd_sender_restrictions=
> > > -o smtpd_recipient_restrictions=permit_mynetworks,reject
> > > -o mynetworks=127.0.0.0/8
> > > -o smtpd_authorized_xforward_hosts=127.0.0.0/8
> > > pickup fifo n - - 60 1 pickup
> > > cleanup unix n - - - 0 cleanup
> > > qmgr fifo n - n 300 1 qmgr
> > > #qmgr fifo n - - 300 1 oqmgr
> > > tlsmgr unix - - - 1000? 1 tlsmgr
> > > rewrite unix - - - - -
> trivial-rewrite
> > > bounce unix - - - - 0 bounce
> > > defer unix - - - - 0 bounce
> > > trace unix - - - - 0 bounce
> > > verify unix - - - - 1 verify
> > > flush unix n - - 1000? 0 flush
> > > proxymap unix - - n - - proxymap
> > > proxywrite unix - - n - 1 proxymap
> > > smtp unix - - - - - smtp
> > > relay unix - - - - - smtp
> > > -o smtp_fallback_relay=
> > > showq unix n - - - - showq
> > > error unix - - - - - error
> > > retry unix - - - - - error
> > > discard unix - - - - - discard
> > > #local unix - n n - - local
> > > virtual unix - n n - - virtual
> > > lmtp unix - - - - - lmtp
> > > anvil unix - - - - 1 anvil
> > > scache unix - - - - 1 scache
> > > maildrop unix - n n - - pipe
> > > flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
> > > uucp unix - n n - - pipe
> > > flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> > > ($recipient)
> > > ifmail unix - n n - - pipe
> > > flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop
> ($recipient)
> > > bsmtp unix - n n - - pipe
> > > flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
> > > $recipient
> > > scalemail-backend unix - n n - 2 pipe
> > > flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
> > > ${nexthop} ${user} ${extension}
> > > mailman unix - n n - - pipe
> > > flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
> > > ${nexthop} ${user}
> > > dspam unix - n n - -
> pipe
> > > flags=Ru user=dspam argv=/usr/bin/dspam --client
> > --deliver=innocent,spam
> > > --user ${recipient} --mail-from=${sender}
> > > dspam-retrain unix - n n - -
> pipe
> > > flags=Rhq user=dspam argv=/usr/bin/dspam --class=${nexthop}
> > > --source=error
> > > --deliver=spam,innocent --stdout
> >
> >
> > I have my hard time following the setup you have here. Have you made
> this
> > all yourself or are you following a howto? To me it looks like you are
> > trying to follow multiple howtos and munge all together into one
> > configuration. The reason I think that is because I see so many
> different
> > concepts in your configuration all mixed up together. For example: You
> use
> > lookups in MySQL (for the users) but the domain transport is hard coded.
> > Why? Is that data not available in the MySQL table? The same goes for
> the
> > transport. Why having one part in MySQL and the other locally in
> PCRE/hash
> > tables? Then the "smtpd_recipient_restrictions" which is to simple. Most
> > setups have there a bunch of permit_*, reject_* and check_* commands.
> You
> > just have one. Not that this is bad but I have never seen a setup with
> one
> > single command in smtpd_recipient_restrictions.
> >
> > btw: All this has in the first place nothing to do with DSPAM. It's more
> > Postfix related then DSPAM related.
> >
> >
> > // Steve
> >
> > --
> > Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3
> -
> > sicherer, schneller und einfacher! http://portal.gmx.net/de/go/chbrowser
> >
> >
> >
> ------------------------------------------------------------------------------
> > _______________________________________________
> > Dspam-user mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/dspam-user
> >
--
Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3 -
sicherer, schneller und einfacher! http://portal.gmx.net/de/go/chbrowser
------------------------------------------------------------------------------
_______________________________________________
Dspam-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspam-user
