Re: [postfix-users] Mailqueue läuft voll

Tue, 15 Dec 2009 06:07:38 -0800 

Uwe Driessen schrieb:

On Behalf Of Hans Rembeck

Ralf Hildebrandt schrieb:

* Hans Rembeck <[email protected]>:



mydestination = $myhostname
mydomain = xxx
myhostname = xxx
mynetworks = 127.0.0.0/8, xxx
myorigin = $myhostname


relay_domains = $mydestination
relay_recipient_maps = hash:/etc/postfix/relay_recipients


Also ich weiss nicht. Ist die Domain nun in mydestination oder eine
relay_domain?



smtpd_recipient_restrictions =
check_recipient_access hash:/etc/postfix/x-employees
check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions
reject_non_fqdn_recipient
reject_non_fqdn_sender
reject_unknown_recipient_domain
reject_unknown_sender_domain
permit_mynetworks
check_client_access hash:/var/lib/pop-before-smtp/hosts
check_sender_access hash:/etc/postfix/access
permit_sasl_authenticated
reject_unauth_destination
check_recipient_access hash:/etc/postfix/roleaccount_exeptions
reject_invalid_hostname
check_helo_access pcre:/etc/postfix/helo_checks
check_sender_mx_access cidr:/etc/postfix/bogus_mx
reject_unverified_sender c
heck_policy_service inet:127.0.0.1:60000
reject_rbl_client zen.spamhaus.org
reject_rbl_client bl.spamcop.net
reject_rbl_client bogons.cymru.com
permit


Würde ich umstellen zu:

smtpd_recipient_restrictions =
   check_recipient_access hash:/etc/postfix/x-employees
   reject_non_fqdn_recipient
   reject_non_fqdn_sender
   reject_unknown_recipient_domain
   reject_unknown_sender_domain
   permit_mynetworks
   check_client_access hash:/var/lib/pop-before-smtp/hosts
   permit_sasl_authenticated
   reject_unauth_destination
   check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions
   check_sender_access hash:/etc/postfix/access
   check_recipient_access hash:/etc/postfix/roleaccount_exeptions
   reject_invalid_hostname
   check_helo_access pcre:/etc/postfix/helo_checks
   check_sender_mx_access cidr:/etc/postfix/bogus_mx
   reject_rbl_client zen.spamhaus.org
   reject_rbl_client bl.spamcop.net
   reject_rbl_client bogons.cymru.com
   check_policy_service inet:127.0.0.1:60000
   reject_unverified_sender

Wobei mir die beiden check_sender_access nicht geheuer sind.



smtpd_sasl_auth_enable = yes




smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access


Weg damit, ist doppelt, höchstens das
reject_unauthenticated_sender_login_mismatch
und das kann auch in smtpd_recipient_restrictions



Hab mich doch zu früh gefreut;

habe jetzt die

check_sender_access

entfernt und es kommen immer noch unbekannte Mails welche über mich dann
versandt werden.

Der muss doch dann über einen gültigen Account reinkommen oder?

Wo kann man noch ansetzen?



Hast du mal die Änderungen von Ralf übernommen ?

Ja
Wo ist das log dazu evtl. kannst du auch mal in der Master.cf 
In der smtp Zeile -v oder -vv dahinter hängen dann kannst du den Weg den solch 
eine Mail
nimmt genau verfolgen und welche Restriktion das ok gibt.

mynetworks = 127.0.0.0/8, xxx wofür steht das xxxx ist das genau ein Host oder 
ist das ein
ganzes Netzwerk? 

xxx ist meine IP

Du musst deine Mühle erstmal dicht machen.
Pop3 bevor SMTP ist eigentlich nicht mehr aktuell. Wer senden möchte muß sich anmelden. 
brauch ich noch für alten outlook Express Anwender

Nimm mal die > >    check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions

   check_sender_access hash:/etc/postfix/access raus und schau ob es immer noch
passiert. 

Mit freundlichen Grüßen

Drießen


>>> START Recipient address RESTRICTIONS <<<
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_recipient_access Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_mail_access: [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: leave existing entry key [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access: hotmail.com 
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: shabazz76@
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_recipient_access status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_sender_access Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_mail_access: [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move existing entry key [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access: online.com 
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: sender@
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_sender_access status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_non_fqdn_recipient Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_non_fqdn_address: [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_non_fqdn_recipient status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_non_fqdn_sender Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_non_fqdn_address: [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_non_fqdn_sender status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_unknown_recipient_domain Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_address: [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move existing entry key [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_mailhost: hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: lookup hotmail.com type 1 flags 0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_query: hotmail.com (A): OK Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A for hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A for hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_unknown_recipient_domain status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_unknown_sender_domain Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_address: [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move existing entry key [email protected] Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_mailhost: online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: lookup online.com type 1 flags 0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_query: online.com (A): OK Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A for online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A for online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_unknown_sender_domain status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=permit_mynetworks Dec 15 14:48:45 localhost postfix/smtpd[13060]: permit_mynetworks: unknown 41.217.65.4 Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostname: unknown ~? 127.0.0.0/8 Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostaddr: 41.217.65.4 ~? 127.0.0.0/8 Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostname: unknown ~? x.x.x.x Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostaddr: 41.217.65.4 ~? x.x.x.x Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_list_match: unknown: no match Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_list_match: 41.217.65.4: no match Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=permit_mynetworks status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_client_access Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_namadr_access: name unknown addr 41.217.65.4 
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access: unknown
Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_addr_access: 41.217.65.4 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_client_access status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=permit_sasl_authenticated Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=permit_sasl_authenticated status=1 Dec 15 14:48:45 localhost postfix/smtpd[13060]: >>> CHECKING RECIPIENT MAPS <<< 

x.x.x.x meine IP

ist
permit_sasl_authenticated status=1
das es durchgelassen wird?

--
Mit freundlichen Grüßen

Hans Rembeck


_______________________________________________
postfix-users mailing list
[email protected]
http://de.postfix.org/cgi-bin/mailman/listinfo/postfix-users

Antwort per Email an