Salut,
J'ai essay� les combinaisons suivantes pour
Postfix+Amavis-ng/ClamAV+Spamassassin(spamproxyd):
1.
Content filter envoyant le mail � SA sur localhost:10025, qui lui
le retourne � un 2nd postfix �coutant sur localhost:10026 et qui ex�cute
le pipe vers amavis (fork...), qui retourne le
mail scann� � postfix apr�s analyse via la m�thode postfix dans amavis-ng
(sendmail): smtp->postfix(25)->smtp|spamproxyd(10025)->smtp|2nd
postfix(10026)->pipe|amavis-ng(clam)->postfix via "sendmail"
== ->smtp|postfix(25), vous devinez la suite...
*master.cf:
vscan unix - n n - 10 pipe flags=q
user=amavis argv=/usr/bin/amavis ${sender} ${recipient}
localhost:10027 inet n - n - 10 smtpd -o
content_filter=vscan:D -o local_recipient_maps= -o myhostname=nabiki.rsvj
*main.cf:
content_filter = smtp:localhost:10025
*amavis.conf:
...
mail-transfer-agent = Postfix
...
virus-scanner = CLAM
...
[Postfix]
;; Location and arguments of the binary
postfix = /usr/sbin/sendmail
args = -i -f
*Probl�me: le message se retrouve pris dans une boucle jusqu'au bounce
(too many hops). De plus, ce n'est pas efficient de lancer amavis pour
chaque mail � scanner...
2.
Content filter envoyant le mail � amavis-ng via la m�thode SMTP sur le
localhost port 10025, qui le scanne et le retourne sur localhost:10026 ou
�coute spamproxyd qui le tag et retourne le contenu � une 2nd instance
postfix en �coute sur localhost:10027 (plus clean que 1. je trouve):
smtp->postfix(25)->smtp|amavis-ng(10025)(clam)->smtp|spamproxyd(10026)->smtp2nd
postfix(10027)
*master.cf:
amavis unix - - n - 2 smtp
localhost:10027 inet n - n - 10 smtpd -o
content_filter= -o local_recipient_maps= -o myhostname=nabiki.rsvj
*main.cf:
content_filter = amavis:[127.0.0.1]:10025
*amavis.conf:
...
mail-transfer-agent = SMTP
...
virus-scanner = CLAM
...
[SMTP]
input address = localhost
input port = 10025
output address = localhost
output port = 10026
session timeout = 240
pidfile = /var/run/amavis-ng/amavisd.pid
*Probl�me: le message n'est pas re�u par postfix en retour et semble
bloquer lors du passage � Amavis-NG via smtp:localhost:10025, comme
constat� dans les logs de postfix:
Oct 1 11:40:11 nabiki postfix/smtp[29302]: 1C5E724916:
to=<[EMAIL PROTECTED]>, relay=loopback.rsvj[127.0.0.1], delay=1882,
status=deferred (lost connection with loopback.rsvj[127.0
.0.1] while sending MAIL FROM)
Oct 1 11:40:12 nabiki postfix/smtp[29303]: 4E6951F907:
to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1], delay=1248,
status=deferred (lost connection with 127.0.0.1[127.0.0.1
] while sending MAIL FROM)
En effet, lorsque je regarde ce qui se passe lorsque j'envoie un mail
depuis internet vers une mbox sur ce server:
[EMAIL PROTECTED]:/etc# tcpdump -i lo
tcpdump: listening on lo
11:33:41.582028 nabiki.rsvj.4243 > nabiki.rsvj.domain: 15032+ PTR?
71.60.64.158.in-addr.arpa. (43) (DF)
11:33:46.720358 nabiki.rsvj.4244 > nabiki.rsvj.domain: 15033+ A?
gilmore.ael.be. (32) (DF)
11:33:52.271452 nabiki.rsvj.domain > nabiki.rsvj.4241: 64011 ServFail
0/0/0 (28) (DF)
11:33:52.271546 nabiki.rsvj > nabiki.rsvj: icmp: nabiki.rsvj udp port 4241
unreachable [tos 0xc0]
11:33:52.273038 nabiki.rsvj.domain > nabiki.rsvj.4242: 42097 ServFail
0/0/0 (28) (DF)
11:33:52.273096 nabiki.rsvj > nabiki.rsvj: icmp: nabiki.rsvj udp port 4242
unreachable [tos 0xc0]
11:33:52.273466 nabiki.rsvj.domain > nabiki.rsvj.4243: 15032 ServFail
0/0/0 (43) (DF)
11:33:52.273510 nabiki.rsvj > nabiki.rsvj: icmp: nabiki.rsvj udp port 4243
unreachable [tos 0xc0]
11:33:52.273877 nabiki.rsvj.domain > nabiki.rsvj.4244: 15033 ServFail
0/0/0 (32) (DF)
11:33:52.273925 nabiki.rsvj > nabiki.rsvj: icmp: nabiki.rsvj udp port 4244
unreachable [tos 0xc0]
11:33:52.416435 localhost.1628 > localhost.10025: S 115491730:115491730(0)
win 32767 <mss 16396,sackOK,timestamp 479809693 0,nop,wscale 0> (DF)
11:33:52.416551 localhost.10025 > localhost.1628: S 108587839:108587839(0)
ack 115491731 win 32767 <mss 16396,sackOK,timestamp 479809693
479809693,nop,wscale 0> (DF)
11:33:52.416630 localhost.1628 > localhost.10025: . ack 1 win 32767
<nop,nop,timestamp 479809693 479809693> (DF)
11:33:52.455727 localhost.10025 > localhost.1628: P 1:25(24) ack 1 win
32767 <nop,nop,timestamp 479809697 479809693> (DF)
11:33:52.455832 localhost.1628 > localhost.10025: . ack 25 win 32767
<nop,nop,timestamp 479809697 479809697> (DF)
11:33:52.458551 localhost.1628 > localhost.10025: P 1:19(18) ack 25 win
32767 <nop,nop,timestamp 479809697 479809697> (DF)
11:33:52.458614 localhost.10025 > localhost.1628: . ack 19 win 32767
<nop,nop,timestamp 479809697 479809697> (DF)
11:33:52.462260 localhost.10025 > localhost.1628: P 25:49(24) ack 19 win
32767 <nop,nop,timestamp 479809698 479809697> (DF)
11:33:52.463134 localhost.1628 > localhost.10025: P 19:37(18) ack 49 win
32767 <nop,nop,timestamp 479809698 479809698> (DF)
11:33:52.464283 localhost.10025 > localhost.1628: P 49:85(36) ack 37 win
32767 <nop,nop,timestamp 479809698 479809698> (DF)
11:33:52.466472 nabiki.rsvj.4245 > nabiki.rsvj.domain: 62572+ MX? ael.be.
(24) (DF)
11:33:52.468843 nabiki.rsvj.domain > nabiki.rsvj.4245: 62572 ServFail
0/0/0 (24) (DF)
11:33:52.500462 localhost.1628 > localhost.10025: . ack 85 win 32767
<nop,nop,timestamp 479809702 479809698> (DF)
11:33:52.594902 nabiki.rsvj.4245 > nabiki.rsvj.domain: 62573+ MX?
rsvj.ath.cx. (29) (DF)
11:33:52.596882 nabiki.rsvj.domain > nabiki.rsvj.4245: 62573 ServFail
0/0/0 (29) (DF)
11:33:52.706925 nabiki.rsvj.4245 > nabiki.rsvj.domain: 62574+ A?
rsvj.ath.cx. (29) (DF)
11:33:52.708848 nabiki.rsvj.domain > nabiki.rsvj.4245: 62574 ServFail
0/0/0 (29) (DF)
11:33:52.812495 localhost.1628 > localhost.10025: P 37:64(27) ack 85 win
32767 <nop,nop,timestamp 479809733 479809698> (DF)
11:33:52.827780 localhost.10025 > localhost.1628: F 85:85(0) ack 64 win
32767 <nop,nop,timestamp 479809734 479809733> (DF)
11:33:52.860477 localhost.1628 > localhost.10025: . ack 86 win 32767
<nop,nop,timestamp 479809738 479809734> (DF)
11:33:53.005994 localhost.1628 > localhost.10025: F 64:64(0) ack 86 win
32767 <nop,nop,timestamp 479809752 479809734> (DF)
11:33:53.006078 localhost.10025 > localhost.1628: . ack 65 win 32767
<nop,nop,timestamp 479809752 479809752> (DF)
A noter: si j'utilise un seul content filter avec soit:
-SA via spamproxyd sur localhost:10025 et retour vers 2nd postfix:10026,
aucun probl�me.
-amavis-ng via le pipe vscan et retour m�thode postfix, il scanne les
viruses.
C'est coupler les deux qui me pose probl�me, puisque je ne peux pas non
plus faire fonctionner la m�thode suivante (peu performante aussi):
SMTP->postfix(25)->pipe|amavis-ng(clam)->postfix(25)->smtp|spamproxyd(10025)->2nd
postfix(10026)
Je ne vois pas le probl�me directement puisque:
ps ax:
29868 ? S 0:08 amavisd
30019 pts/2 S 0:09 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30140 pts/2 S 0:00 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30141 pts/2 S 0:00 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30142 pts/2 S 0:00 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30143 pts/2 S 0:00 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30144 pts/2 S 0:00 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30145 pts/2 S 0:00 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30146 pts/2 S 0:00 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30148 pts/2 S 0:00 perl /etc/spamassassin/spamproxyd
127.0.0.1:10026 127.0.0.1:10027
30104 ? S 0:00 /usr/lib/postfix/master
30107 ? S 0:00 pickup -l -t fifo -u -c
30108 ? S 0:01 qmgr -l -t fifo -u -c
30109 ? S 0:00 trivial-rewrite -n rewrite -t unix -u -c
30111 ? S 0:00 smtp -t unix -u -c
30114 ? S 0:00 smtp -t unix -u -c
30115 ? S 0:00 smtp -t unix -u -c
30117 ? S 0:00 bounce -n defer -t unix -u -c
30118 ? S 0:00 smtp -t unix -u -c
30122 ? S 0:00 smtp -t unix -u -c
30129 ? S 0:00 bounce -n defer -t unix -u -c
30131 ? S 0:00 bounce -n defer -t unix -u -c
30132 ? S 0:00 bounce -n defer -t unix -u -c
30139 ? S 0:00 smtp -t unix -u -c
30163 ? S 0:00 smtp -t unix -u -c
30173 ? S 0:00 smtpd -n localhost:10027 -t inet -u -o
content_filter -o local_recipient_maps -o myhostname nabiki.rsvj
30184 ? S 0:00 smtpd -n smtp -t inet -u -c
30203 ? S 0:00 cleanup -t unix -u -c
30223 ? S 0:00 local -t unix
30324 ? S 0:00 flush -t unix -u -c
30330 ? S 0:00 flush -t unix -u -c
et:
[EMAIL PROTECTED]:/var/log# telnet localhost 10025
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 AMaViS SMTP Ready.
quit
221 See you later
Connection closed by foreign host.
[EMAIL PROTECTED]:/var/log# telnet localhost 10026
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 MacGyver SMTP Ready.
quit
221 Good.
Connection closed by foreign host.
[EMAIL PROTECTED]:/var/log# telnet localhost 10027
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 nabiki.rsvj ESMTP Postfix (Debian/GNU/RSVJ)
quit
221 Bye
Connection closed by foreign host.
[EMAIL PROTECTED]:/var/log# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 nabiki.rsvj ESMTP Postfix (Debian/GNU/RSVJ)
quit
221 Bye
Connection closed by foreign host.
Les daemons sont tous disponibles...
D�sol� pour la tartine, mais que faire de plus pour que ca marche???
PS:Par la suite, une fois ce probl�me r�solu, je changerai clam par
clamd...
et je ferai le test sur exim (SA-exim/clamd + spamd) mais c'est une autre
histoire
PS2 pour spamproxyd: nohup perl /etc/spamassassin/spamproxyd
127.0.0.1:10026
127.0.0.1:10027 &
--
Vincent Jamart
DBA/UNIX system engineer
_______________________________________________________
Linux Mailing List - http://www.unixtech.be
Subscribe/Unsubscribe: http://www.unixtech.be/mailman/listinfo/linux
Archives: http://www.mail-archive.com/[EMAIL PROTECTED]
IRC: efnet.unixtech.be:6667 - #unixtech
