RE: Postfix - altermime - amavis - Too many hops
-Original Message-
From: [EMAIL PROTECTED] [mailto:owner-postfix-
[EMAIL PROTECTED] On Behalf Of Mark Martinec
Sent: Thursday, October 23, 2008 6:24 PM
To: postfix-users@postfix.org
Subject: Re: Postfix - altermime - amavis - Too many hops
Peter,
disclaimer unix- n n - -
pipe
flags=Rq user=altermime
argv=/etc/postfix/filter/disclaimer
-f
${sender} -- ${recipient}
It leads to error: Too many hops , in the log there is loop.
so your filter is passing mail back to an smtpd that passes it
to
the same filter, and so on.
So the question is where can I put the
content_filter=disclaimer:
work only for outgoing emails , into which smtpd process?
Amavisd can call altermime directly for adding disclaimers,
it already knows how to distinguish inbound vs. outbound mail
(by matching recipients to @local_domains_maps, and mail source
to @mynetworks or 'originating' attribute). As you are already
using it, it would probably simplify setup to call altermime
from there.
Search RELEASE_NOTES for:
- provided interface code to allow mangling/defanging/sanitation
to be performed by an external utility, either by [...]
If I understood it correctly I have created:
cat /etc/postfix/filter_outbound
/./ FILTER altermime:[127.0.0.1]:10587
cat /etc/postfix/filter_inbound
/./ FILTER smtp-amavis:[127.0.0.1]:10024
I have adjusted smtpd_sender_restrictions as you adviced and removed
content_filter = smtp-amavis:[127.0.0.1]:10024 from main.cf
Now I have in my master.cf:
smtp-amavis unix - - n - 5 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
...
And where I can put the syntax for filter_outbound smtpd daemon in the
master.cf?
I know that postfix cannot distinguished inbound or outbound traffic ,
but I'm still using only one eth card. I've found some examples with 2
smtpd instances but i'm not sure if it's right solution for me.
I just want to use altermime only for outgoing traffic
Thanks for your answe Mark, you're kind
I know about this opttion but the problem is that I'm using maia
mailguread and it uses amavisd-new 2.3 and your features come from 2.5.x
version
Therefore I decided to do it on the postfix side through the filters.
But I cannot understand how cannot distinguished the incoming and
outcoming email oin the postfix if I kno that incoming emails must comes
from the public address range while outgoing comes from 10.0.0.0/8
address range
Thanks
Br
peter
Re: Postfix - altermime - amavis - Too many hops
Jevos, Peter a écrit : I know about this opttion but the problem is that I'm using maia mailguread and it uses amavisd-new 2.3 and your features come from 2.5.x version Therefore I decided to do it on the postfix side through the filters. But I cannot understand how cannot distinguished the incoming and outcoming email oin the postfix if I kno that incoming emails must comes from the public address range while outgoing comes from 10.0.0.0/8 address range an example here: http://www.netoyen.net/postfix/filtoutin.txt the example uses clamsmtpd but you can use another filter. in your case, replace: /./ FILTER filter:[127.0.0.1]:10586 with /./ FILTER disclaimer:
RE: Postfix - altermime - amavis - Too many hops
I know about this opttion but the problem is that I'm using maia mailguread and it uses amavisd-new 2.3 and your features come from 2.5.x version Therefore I decided to do it on the postfix side through the filters. But I cannot understand how cannot distinguished the incoming and outcoming email oin the postfix if I kno that incoming emails must comes from the public address range while outgoing comes from 10.0.0.0/8 address range an example here: http://www.netoyen.net/postfix/filtoutin.txt the example uses clamsmtpd but you can use another filter. in your case, replace: /./ FILTER filter:[127.0.0.1]:10586 with /./ FILTER disclaimer: Thanks, I think it works now as I wished. Can you please check my log if it's ok and correct please This is inbound traffic , mainly the first part with client host triggers: Oct 25 00:37:57 testmonit postfix/smtpd[5609]: NOQUEUE: filter: RCPT from monit[10.1.100.1]: monit[10.1.100.1]: Client host trigger s FILTER altermime:[127.0.0.1]:10587; from=[EMAIL PROTECTED] to=[EMAIL PROTECTED] proto=SMTP helo=test Oct 25 00:37:57 testmonit postfix/smtpd[5609]: NOQUEUE: filter: RCPT from monit[10.1.100.1]: monit[10.1.100.1]: Client host trigger s FILTER smtp-amavis:[127.0.0.1]:10024; from=[EMAIL PROTECTED] to=[EMAIL PROTECTED] proto=SMTP helo=test Oct 25 00:37:58 testmonit postfix/smtpd[5609]: 2169165B4F: client=monit[10.1.100.1] Oct 25 00:38:02 testmonit postfix/cleanup[5621]: 2169165B4F: message-id=[EMAIL PROTECTED] Oct 25 00:38:02 testmonit postfix/qmgr[5596]: 2169165B4F: from=[EMAIL PROTECTED], size=345, nrcpt=1 (queue active) Oct 25 00:38:04 testmonit postfix/smtpd[5653]: connect from localhost[127.0.0.1] Oct 25 00:38:04 testmonit postfix/smtpd[5653]: 92E8E65B56: client=localhost[127.0.0.1] Oct 25 00:38:04 testmonit postfix/cleanup[5621]: 92E8E65B56: message-id=[EMAIL PROTECTED] Oct 25 00:38:04 testmonit postfix/smtpd[5653]: disconnect from localhost[127.0.0.1] Oct 25 00:38:04 testmonit postfix/qmgr[5596]: 92E8E65B56: from=[EMAIL PROTECTED], size=765, nrcpt=1 (queue active) Oct 25 00:38:04 testmonit amavis[14560]: (14560-05) Passed CLEAN, MYNETS LOCAL [10.1.100.1] [10.1.100.1] [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], mail_id: TADAgZUVA4wW, Hits: -, 2410 ms Oct 25 00:38:04 testmonit postfix/smtp[5651]: 2169165B4F: to=[EMAIL PROTECTED], relay=127.0.0.1[127.0.0.1], delay=18, s tatus=sent (250 2.6.0 Ok, id=14560-05, from MTA([127.0.0.1]:10025): 250 Ok: queued as 92E8E65B56) . Outbound is clear Thanks peter
Postfix - altermime - amavis - Too many hops
Dear all
I'd like to ask you a question.
In my master.cf is:
smtp inet n - n - - smtpd
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=disclaimer:
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks
##disclaimer
disclaimer unix- n n - - pipe
flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f
${sender} -- ${recipient}
It leads to error: Too many hops , in the log there is loop.
When I change it to:
smtp inet n - n - - smtpd
-o content_filter=disclaimer:
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks
##disclaimer
disclaimer unix- n n - - pipe
flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f
${sender} -- ${recipient}
It works fine but also for incoming emails too, which is clear
So the question is where can I put the content_filter=disclaimer: to
work only for outgoing emails , into which smtpd process?
Thanks
Br
peter
Re: Postfix - altermime - amavis - Too many hops
Jevos, Peter a écrit :
Dear all
I'd like to ask you a question.
In my master.cf is:
[snip]
##disclaimer
disclaimer unix- n n - - pipe
flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f
${sender} -- ${recipient}
It leads to error: Too many hops , in the log there is loop.
so your filter is passing mail back to an smtpd that passes it to the
same filter, and so on.
if your filter resubmits mail via the sendmail command and if you don't
want to filter mail submitted via the sendmail command, then add
-o content_filter=
to the pickup service (in master.cf).
[snip]
So the question is where can I put the content_filter=disclaimer: to
work only for outgoing emails , into which smtpd process?
you can use the FILTER statement in smtpd restrictions.
RE: Postfix - altermime - amavis - Too many hops
-Original Message-
From: mouss [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 3:01 PM
To: Jevos, Peter
Cc: Postfix users
Subject: Re: Postfix - altermime - amavis - Too many hops
Jevos, Peter a écrit :
Dear all
I'd like to ask you a question.
In my master.cf is:
[snip]
##disclaimer
disclaimer unix- n n - - pipe
flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f
${sender} -- ${recipient}
It leads to error: Too many hops , in the log there is loop.
so your filter is passing mail back to an smtpd that passes it to the
same filter, and so on.
if your filter resubmits mail via the sendmail command and if you don't
want to filter mail submitted via the sendmail command, then add
-o content_filter=
to the pickup service (in master.cf).
[snip]
So the question is where can I put the content_filter=disclaimer: to
work only for outgoing emails , into which smtpd process?
you can use the FILTER statement in smtpd restrictions.
Thank you for your answer. When I added o content_filter= into the pickup line
it works. No more loops.
But still I'm recieving the disclaimer also for incoming mail, which is clear
cause filter is located in the amavis filter:
...
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=disclaimer:
-o local_recipient_maps=
So I have to take it away and put somewhere else.
Can you please describe more FILTER statement or better put some example for me
?
Thank you
Br
peter
RE: Postfix - altermime - amavis - Too many hops
Jevos, Peter a écrit :
Dear all
I'd like to ask you a question.
In my master.cf is:
[snip]
##disclaimer
disclaimer unix- n n - - pipe
flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f
${sender} -- ${recipient}
It leads to error: Too many hops , in the log there is loop.
so your filter is passing mail back to an smtpd that passes it to
the
same filter, and so on.
if your filter resubmits mail via the sendmail command and if you
don't
want to filter mail submitted via the sendmail command, then add
-o content_filter=
to the pickup service (in master.cf).
[snip]
So the question is where can I put the content_filter=disclaimer:
to
work only for outgoing emails , into which smtpd process?
you can use the FILTER statement in smtpd restrictions.
Thank you for your answer. When I added o content_filter= into the
pickup line it works. No more loops.
But still I'm recieving the disclaimer also for incoming mail, which
is clear cause filter is located in the amavis filter:
...
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=disclaimer:
-o local_recipient_maps=
So I have to take it away and put somewhere else.
Can you please describe more FILTER statement or better put some
example for me ?
smtpd_sender_restrictions =
check_client_access pcre:/etc/postfix/filter_outbound
permit_mynetworks
permit_sasl_authenticated
check_client_access pcre:/etc/postfix/filter_inbound
== filter_outbound
# filter for outbound mail
/./ FILTER yourfilter:[127.0.0.1]:10587
= filter_inbound
# filter for inbound mail
/./ FILTER yourfilter:[127.0.0.1]:10030
of course, you can't do this after amavisd-new, since at this time you
don't know if mail is inbound or outbound.
you need to think your mail path carefully.
Thank you for your example, I already read FILTER_README and also Book of
Postfix but I'm missing more examples.
If I understood it correctly I have created:
cat /etc/postfix/filter_outbound
/./ FILTER altermime:[127.0.0.1]:10587
cat /etc/postfix/filter_inbound
/./ FILTER smtp-amavis:[127.0.0.1]:10024
I have adjusted smtpd_sender_restrictions as you adviced and removed
content_filter = smtp-amavis:[127.0.0.1]:10024 from main.cf
Now I have in my master.cf:
smtp-amavis unix - - n - 5 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
...
And where I can put the syntax for filter_outbound smtpd daemon in the
master.cf?
I know that postfix cannot distinguished inbound or outbound traffic , but I'm
still using only one eth card. I've found some examples with 2 smtpd instances
but i'm not sure if it's right solution for me.
I just want to use altermime only for outgoing traffic
Thank you
BR
PEter
Re: Postfix - altermime - amavis - Too many hops
Peter,
disclaimer unix- n n - - pipe
flags=Rq user=altermime argv=/etc/postfix/filter/disclaimer -f
${sender} -- ${recipient}
It leads to error: Too many hops , in the log there is loop.
so your filter is passing mail back to an smtpd that passes it to
the same filter, and so on.
So the question is where can I put the content_filter=disclaimer:
work only for outgoing emails , into which smtpd process?
Amavisd can call altermime directly for adding disclaimers,
it already knows how to distinguish inbound vs. outbound mail
(by matching recipients to @local_domains_maps, and mail source
to @mynetworks or 'originating' attribute). As you are already
using it, it would probably simplify setup to call altermime
from there.
Search RELEASE_NOTES for:
- provided interface code to allow mangling/defanging/sanitation
to be performed by an external utility, either by [...]
Mark
