RE: Postfix - altermime - amavis - Too many hops
-Original Message- From: [EMAIL PROTECTED] [mailto:owner-postfix- [EMAIL PROTECTED] On Behalf Of Mark Martinec Sent: Thursday, October 23, 2008 6:24 PM To: postfix-users@postfix.org Subject: Re: Postfix - altermime - amavis - Too many hops Peter, disclaimer unix- n n - - pipe flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f ${sender} -- ${recipient} It leads to error: Too many hops , in the log there is loop. so your filter is passing mail back to an smtpd that passes it to the same filter, and so on. So the question is where can I put the content_filter=disclaimer: work only for outgoing emails , into which smtpd process? Amavisd can call altermime directly for adding disclaimers, it already knows how to distinguish inbound vs. outbound mail (by matching recipients to @local_domains_maps, and mail source to @mynetworks or 'originating' attribute). As you are already using it, it would probably simplify setup to call altermime from there. Search RELEASE_NOTES for: - provided interface code to allow mangling/defanging/sanitation to be performed by an external utility, either by [...] If I understood it correctly I have created: cat /etc/postfix/filter_outbound /./ FILTER altermime:[127.0.0.1]:10587 cat /etc/postfix/filter_inbound /./ FILTER smtp-amavis:[127.0.0.1]:10024 I have adjusted smtpd_sender_restrictions as you adviced and removed content_filter = smtp-amavis:[127.0.0.1]:10024 from main.cf Now I have in my master.cf: smtp-amavis unix - - n - 5 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= ... And where I can put the syntax for filter_outbound smtpd daemon in the master.cf? I know that postfix cannot distinguished inbound or outbound traffic , but I'm still using only one eth card. I've found some examples with 2 smtpd instances but i'm not sure if it's right solution for me. I just want to use altermime only for outgoing traffic Thanks for your answe Mark, you're kind I know about this opttion but the problem is that I'm using maia mailguread and it uses amavisd-new 2.3 and your features come from 2.5.x version Therefore I decided to do it on the postfix side through the filters. But I cannot understand how cannot distinguished the incoming and outcoming email oin the postfix if I kno that incoming emails must comes from the public address range while outgoing comes from 10.0.0.0/8 address range Thanks Br peter
Re: Postfix - altermime - amavis - Too many hops
Jevos, Peter a écrit : I know about this opttion but the problem is that I'm using maia mailguread and it uses amavisd-new 2.3 and your features come from 2.5.x version Therefore I decided to do it on the postfix side through the filters. But I cannot understand how cannot distinguished the incoming and outcoming email oin the postfix if I kno that incoming emails must comes from the public address range while outgoing comes from 10.0.0.0/8 address range an example here: http://www.netoyen.net/postfix/filtoutin.txt the example uses clamsmtpd but you can use another filter. in your case, replace: /./ FILTER filter:[127.0.0.1]:10586 with /./ FILTER disclaimer:
RE: Postfix - altermime - amavis - Too many hops
I know about this opttion but the problem is that I'm using maia mailguread and it uses amavisd-new 2.3 and your features come from 2.5.x version Therefore I decided to do it on the postfix side through the filters. But I cannot understand how cannot distinguished the incoming and outcoming email oin the postfix if I kno that incoming emails must comes from the public address range while outgoing comes from 10.0.0.0/8 address range an example here: http://www.netoyen.net/postfix/filtoutin.txt the example uses clamsmtpd but you can use another filter. in your case, replace: /./ FILTER filter:[127.0.0.1]:10586 with /./ FILTER disclaimer: Thanks, I think it works now as I wished. Can you please check my log if it's ok and correct please This is inbound traffic , mainly the first part with client host triggers: Oct 25 00:37:57 testmonit postfix/smtpd[5609]: NOQUEUE: filter: RCPT from monit[10.1.100.1]: monit[10.1.100.1]: Client host trigger s FILTER altermime:[127.0.0.1]:10587; from=[EMAIL PROTECTED] to=[EMAIL PROTECTED] proto=SMTP helo=test Oct 25 00:37:57 testmonit postfix/smtpd[5609]: NOQUEUE: filter: RCPT from monit[10.1.100.1]: monit[10.1.100.1]: Client host trigger s FILTER smtp-amavis:[127.0.0.1]:10024; from=[EMAIL PROTECTED] to=[EMAIL PROTECTED] proto=SMTP helo=test Oct 25 00:37:58 testmonit postfix/smtpd[5609]: 2169165B4F: client=monit[10.1.100.1] Oct 25 00:38:02 testmonit postfix/cleanup[5621]: 2169165B4F: message-id=[EMAIL PROTECTED] Oct 25 00:38:02 testmonit postfix/qmgr[5596]: 2169165B4F: from=[EMAIL PROTECTED], size=345, nrcpt=1 (queue active) Oct 25 00:38:04 testmonit postfix/smtpd[5653]: connect from localhost[127.0.0.1] Oct 25 00:38:04 testmonit postfix/smtpd[5653]: 92E8E65B56: client=localhost[127.0.0.1] Oct 25 00:38:04 testmonit postfix/cleanup[5621]: 92E8E65B56: message-id=[EMAIL PROTECTED] Oct 25 00:38:04 testmonit postfix/smtpd[5653]: disconnect from localhost[127.0.0.1] Oct 25 00:38:04 testmonit postfix/qmgr[5596]: 92E8E65B56: from=[EMAIL PROTECTED], size=765, nrcpt=1 (queue active) Oct 25 00:38:04 testmonit amavis[14560]: (14560-05) Passed CLEAN, MYNETS LOCAL [10.1.100.1] [10.1.100.1] [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], mail_id: TADAgZUVA4wW, Hits: -, 2410 ms Oct 25 00:38:04 testmonit postfix/smtp[5651]: 2169165B4F: to=[EMAIL PROTECTED], relay=127.0.0.1[127.0.0.1], delay=18, s tatus=sent (250 2.6.0 Ok, id=14560-05, from MTA([127.0.0.1]:10025): 250 Ok: queued as 92E8E65B56) . Outbound is clear Thanks peter
Postfix - altermime - amavis - Too many hops
Dear all I'd like to ask you a question. In my master.cf is: smtp inet n - n - - smtpd 127.0.0.1:10025 inet n - n - - smtpd -o content_filter=disclaimer: -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks ##disclaimer disclaimer unix- n n - - pipe flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f ${sender} -- ${recipient} It leads to error: Too many hops , in the log there is loop. When I change it to: smtp inet n - n - - smtpd -o content_filter=disclaimer: 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks ##disclaimer disclaimer unix- n n - - pipe flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f ${sender} -- ${recipient} It works fine but also for incoming emails too, which is clear So the question is where can I put the content_filter=disclaimer: to work only for outgoing emails , into which smtpd process? Thanks Br peter
Re: Postfix - altermime - amavis - Too many hops
Jevos, Peter a écrit : Dear all I'd like to ask you a question. In my master.cf is: [snip] ##disclaimer disclaimer unix- n n - - pipe flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f ${sender} -- ${recipient} It leads to error: Too many hops , in the log there is loop. so your filter is passing mail back to an smtpd that passes it to the same filter, and so on. if your filter resubmits mail via the sendmail command and if you don't want to filter mail submitted via the sendmail command, then add -o content_filter= to the pickup service (in master.cf). [snip] So the question is where can I put the content_filter=disclaimer: to work only for outgoing emails , into which smtpd process? you can use the FILTER statement in smtpd restrictions.
RE: Postfix - altermime - amavis - Too many hops
-Original Message- From: mouss [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 3:01 PM To: Jevos, Peter Cc: Postfix users Subject: Re: Postfix - altermime - amavis - Too many hops Jevos, Peter a écrit : Dear all I'd like to ask you a question. In my master.cf is: [snip] ##disclaimer disclaimer unix- n n - - pipe flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f ${sender} -- ${recipient} It leads to error: Too many hops , in the log there is loop. so your filter is passing mail back to an smtpd that passes it to the same filter, and so on. if your filter resubmits mail via the sendmail command and if you don't want to filter mail submitted via the sendmail command, then add -o content_filter= to the pickup service (in master.cf). [snip] So the question is where can I put the content_filter=disclaimer: to work only for outgoing emails , into which smtpd process? you can use the FILTER statement in smtpd restrictions. Thank you for your answer. When I added o content_filter= into the pickup line it works. No more loops. But still I'm recieving the disclaimer also for incoming mail, which is clear cause filter is located in the amavis filter: ... 127.0.0.1:10025 inet n - n - - smtpd -o content_filter=disclaimer: -o local_recipient_maps= So I have to take it away and put somewhere else. Can you please describe more FILTER statement or better put some example for me ? Thank you Br peter
RE: Postfix - altermime - amavis - Too many hops
Jevos, Peter a écrit : Dear all I'd like to ask you a question. In my master.cf is: [snip] ##disclaimer disclaimer unix- n n - - pipe flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f ${sender} -- ${recipient} It leads to error: Too many hops , in the log there is loop. so your filter is passing mail back to an smtpd that passes it to the same filter, and so on. if your filter resubmits mail via the sendmail command and if you don't want to filter mail submitted via the sendmail command, then add -o content_filter= to the pickup service (in master.cf). [snip] So the question is where can I put the content_filter=disclaimer: to work only for outgoing emails , into which smtpd process? you can use the FILTER statement in smtpd restrictions. Thank you for your answer. When I added o content_filter= into the pickup line it works. No more loops. But still I'm recieving the disclaimer also for incoming mail, which is clear cause filter is located in the amavis filter: ... 127.0.0.1:10025 inet n - n - - smtpd -o content_filter=disclaimer: -o local_recipient_maps= So I have to take it away and put somewhere else. Can you please describe more FILTER statement or better put some example for me ? smtpd_sender_restrictions = check_client_access pcre:/etc/postfix/filter_outbound permit_mynetworks permit_sasl_authenticated check_client_access pcre:/etc/postfix/filter_inbound == filter_outbound # filter for outbound mail /./ FILTER yourfilter:[127.0.0.1]:10587 = filter_inbound # filter for inbound mail /./ FILTER yourfilter:[127.0.0.1]:10030 of course, you can't do this after amavisd-new, since at this time you don't know if mail is inbound or outbound. you need to think your mail path carefully. Thank you for your example, I already read FILTER_README and also Book of Postfix but I'm missing more examples. If I understood it correctly I have created: cat /etc/postfix/filter_outbound /./ FILTER altermime:[127.0.0.1]:10587 cat /etc/postfix/filter_inbound /./ FILTER smtp-amavis:[127.0.0.1]:10024 I have adjusted smtpd_sender_restrictions as you adviced and removed content_filter = smtp-amavis:[127.0.0.1]:10024 from main.cf Now I have in my master.cf: smtp-amavis unix - - n - 5 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= ... And where I can put the syntax for filter_outbound smtpd daemon in the master.cf? I know that postfix cannot distinguished inbound or outbound traffic , but I'm still using only one eth card. I've found some examples with 2 smtpd instances but i'm not sure if it's right solution for me. I just want to use altermime only for outgoing traffic Thank you BR PEter
Re: Postfix - altermime - amavis - Too many hops
Peter, disclaimer unix- n n - - pipe flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f ${sender} -- ${recipient} It leads to error: Too many hops , in the log there is loop. so your filter is passing mail back to an smtpd that passes it to the same filter, and so on. So the question is where can I put the content_filter=disclaimer: work only for outgoing emails , into which smtpd process? Amavisd can call altermime directly for adding disclaimers, it already knows how to distinguish inbound vs. outbound mail (by matching recipients to @local_domains_maps, and mail source to @mynetworks or 'originating' attribute). As you are already using it, it would probably simplify setup to call altermime from there. Search RELEASE_NOTES for: - provided interface code to allow mangling/defanging/sanitation to be performed by an external utility, either by [...] Mark