On Wed, October 23, 2013 7:47 am, Michiel van Es wrote: > On Wed, October 23, 2013 7:42 am, Michiel van Es wrote: >> On Tue, October 22, 2013 3:41 pm, Gilles Chehade wrote: >>> On Tue, Oct 22, 2013 at 01:53:55PM -0000, Michiel van Es wrote: >>>> Hello, >>>> >>> >>> Ohai, >>> >>> >>>> I am using OpenSMTPD 5.3.3p1 portable release on Ubuntu 64 bit. >>>> >>>> I am trying to set up Clamav with OpenSMTPD following: >>>> https://poolp.org/0x765d/OpenSMTPD:-LDAP-support-selectable-source--DKIM-and-Goodies >>>> >>>> But I am stuck with my own setup. >>>> The setup is as follows: >>>> >>>> [...] >>>> >>>> Now all mail is catched by the 'accept from any for domain <vdomains> >>>> virtual <vusers> deliver to mda "procmail -f -"' rule. >>>> >>> >>> Yup, since we perform first match, then if a mail comes for a domain >>> part >>> of your vdomains table, it will necessarily match that rule. >>> >>> >>>> How can I ensure that all incoming and TLS+AUTH smtp sessions are >>>> setup >>>> via the proxy (smtp://127.0.0.1:10026 => ClamSMTP) ? >>>> >>> >>> Wouldn't the following do the job ? >>> >>> accept for local alias <aliases> deliver to mda "procmail -f -" >>> accept tagged CLAM from any for domain <vdomains> virtual <vusers> >>> deliver >>> to mda "procmail -f -" >>> accept tagged CLAM for any relay >>> accept for any relay via smtp://127.0.0.1:10026 >> >> The config would be like this then right? >> >> listen on lo >> listen on eth0 tls certificate mail.pragmasec.nl auth-optional hostname >> mail.pragmasec.nl >> listen on eth0 port 587 tls certificate mail.pragmasec.nl auth hostname >> mail.pragmasec.nl >> expire 7d >> table vdomains "/usr/local/etc/vdomains" >> table vusers "/usr/local/etc/users" >> table aliases db:/usr/local/etc/aliases.db >> # the works >> listen on lo port 10025 tag CLAM >> accept for local alias <aliases> deliver to mda "procmail -f -" >> accept tagged CLAM from any for domain <vdomains> virtual <vusers> >> deliver >> to mda "procmail -f -" >> accept tagged CLAM for any relay >> accept for any relay via smtp://127.0.0.1:10026 >> >> >> I get the following message: >> >> debug: session_start_ssl: switching to SSL >> smtp-in: Started TLS on session 00000000ef04b129: version=TLSv1/SSLv3, >> cipher=AES128-SHA, bits=128 >> smtp-in: Client certificate verification succeeded on session >> 00000000ef04b129 >> smtp-in: Failed command on session 00000000ef04b129: "RCPT >> TO:<******>" => 550 Invalid recipient >> smtp-in: Closing session 00000000ef04b129 >> debug: smtp: 0x1874310: deleting session: done > >
is it possible that clamsmtp (a clam proxy for smtp - mostly used by Postfix) is not working accepting the connection? I see it should be possible with clamav when reading http://comments.gmane.org/gmane.mail.opensmtpd.general/279 but I am interested if this statement is really true and if so with which setup? Clamav directly? Clamsmtp or clamav-milter or such? Clamsmtp would be the most obvious as it uses an input and output address to pass all the mails through. Any tips would be much appreciated :) >> >> Somehow the vusers lookup goes wrong and my config is not working. >> Do you know what I might be missing? >> >> Regards, >> >> Michiel >> >>> >>> >>> -- >>> Gilles Chehade >>> >>> https://www.poolp.org >>> @poolpOrg >>> >>> -- >>> You received this mail because you are subscribed to [email protected] >>> To unsubscribe, send a mail to: [email protected] >>> >>> >> >> >> >> -- >> You received this mail because you are subscribed to [email protected] >> To unsubscribe, send a mail to: [email protected] >> >> > > > > -- > You received this mail because you are subscribed to [email protected] > To unsubscribe, send a mail to: [email protected] > > -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
