On 2/22/2011 8:10 AM, sunhux G wrote:
We need to see all the smtpd logging.
Noel, so do I append "-v" or "-D" on the smtpd line in master.cf ?
Or are you referring to "strace -p postfix_process_pid" ?
In your earlier posts, you removed potentially interesting
postfix/smtpd entries. Don't do that.
DO NOT enable verbose logging unless specifically requested.
provide complete NON VERBOSE postfix logging
So do I remove "-v"& use "-D" in master.cf, restart postfix&
send test emails ?
Yes.
"ps -ef | grep -i postfix" only showed one process. sendmail is also not
running on this box. If I do "/etc/init.d/postfix stop", "telnet localhost 25"
would not respond, so doesn't look like there's another MTA process
Output of your "mailq" command didn't look like postfix
output. Maybe your OS is confused about which MTA it's
supposed to use.
===================================================
# postconf -n
inet_interfaces = all
Good.
mydomain = myportaltech.com
myhostname = hostname
Is this what postconf really returns or did you redact this?
myhostname should be a fully qualified name such as
smtp.example.com
mynetworks = 172.18.x.y/24, 127.0.0.0/8, 202.6.163.0/24
Do you really own 202.6.163.0/24? Even if you do, do you
really want to give relay access to all those hosts?
smtpd_recipient_restrictions = reject_invalid_hostname,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
Probably best to list (permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination) first,
then check for valid hostname and pipelining.
reject_unauth_destination,
check_client_access
hash:/etc/postfix/rbl_override,
reject_rbl_client multi.uribl.com,
reject_rbl_client dsn.rfc-ignorant.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client combined.rbl.msrbl.net,
reject_rbl_client rabl.nuclearelephant.com,
permit
You need to carefully review your RBL list. Some of them are
dead, some of them should be used with reject_rhsbl_client,
some are duplicates (same data included in multiple lists).
No glaring errors in your postconf -n.
===================================================
# ./postfinger.sh --nowarn
postfinger - postfix configuration on Thu Feb 17 10:12:16 SGT 2011
version: 1.30
--System Parameters--
mail_version = 2.5.6
hostname = xxxxxxxx
uname = Linux xxxxxxxx 2.6.12.6-xen0 #1 Tue Jan 31 16:03:21 GMT 2006
i686 i686 i386 GNU/Linux
--Packaging information--
looks like this postfix comes from RPM package: postfix-2.5.6-1.rhel4
--main.cf non-default parameters--
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
html_directory = /usr/share/doc/postfix-2.5.6-documentation/html
mailq_path = /usr/bin/mailq.postfix
mail_spool_directory = /pop3/spool/mail
manpage_directory = /usr/share/man
mydomain = myportaltech.com
myhostname = smtp.myportaltech.com
Ah, OK.
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /pop3/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5.6-documentation/readme
sendmail_path = /usr/sbin/sendmail.postfix
smtpd_sasl_auth_enable = yes
I'm wondering why smtpd_recipient_restrictions didn't show
here, and if it matters.
--master.cf--
Nothing particularly interesting here, thanks for supplying it.
There are no glaring errors in your config.
We really need to see logging.
-- Noel Jones
