Re: upgrade broke postfix

Wed, 19 Aug 2015 10:32:20 -0700

--On August 19, 2015 at 5:16:03 PM +0000 Viktor Dukhovni <[email protected]> wrote: 


On Wed, Aug 19, 2015 at 11:42:36AM -0500, Paul Schmehl wrote:


Well, with the complete log entry (provided in *this* message), we
see that the "filter" transport is the one that's missing.


>># cat master.cf | grep -v '#'
>> smtps    inet  n       -       n       -       -       smtpd
>> -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
>
> You should have more overrides above, to only accept mail from
> authenticated users, and otherwise apply fewer restrictions.
>

I'm not sure what you mean here.


The port 465 wrapper-mode service is for mail submission, and so
should allow only authenticated users, and let them send outbound
mail.  Or perhaps you don't need it at all, if you don't know
what it is for.
No need to be unkind, Victor. I do this on a volunteer basis, and I'm not an email expert.
I thought that -o smtpd_sasl_auth_enable=yes meant that only authenticated users could send mail from outside the domain. Is that not true? 



No, that line is needed.  Because you've configured Postfix to
use the "filter" transport.


>    filter     unix  -       n       n       -       -       pipe
>      flags=Rq user=filter
>      argv=/usr/local/bin/filter.sh -f ${sender} -- ${recipient}


Why would you proceed to fully comment it out, when informed to do
the opposite?
I commented out filter, because it wasn't working. You then complained about the argv line, because I used grep -v "#" to show what was in the master.cf file, and that apparently confused you. So I commented it out was well. 



Do you want that "filter.sh" script to scan all inbound mail or not?


Of course I do, but it wasn't working, which is why I removed it.

I'm testing now.
Apparently you need either this entry: smtp inet n - n - - smtpd -o content_filter=filter:dummyr and this entry: smtpd pass - - n - - smtpd -o content_filter=filter:dummyr
Or you need this entry: filter unix - n n - 10 pipe flags=Rq user=filter argv=/usr/local/bin/filter.sh -f ${sender} -- ${recipient} and this entry: smtpd pass - - n - - smtpd -o content_filter=filter:dummyr 

Is that correct?

Paul Schmehl ([email protected])
Independent Researcher

Reply via email to