[Postfixbuch-users] Possibly wrong smtpd_recipient_restrictions or order?

Achim Altmann aa at com-gate.com
Sat Sep 20 12:49:18 CEST 2003


Hello,

First of all, sorry for this long posting, but it may be quite helpful for answering the questions!

Since I installed a virus scanner, use it with amavisd, and initially configured it to notify the sender (see my earlier posting here), I have been receiving a flood of virus mails and replies from mail servers saying that the user does not exist, etc.

See
24531   received
14036   delivered
0   forwarded
826   deferred  (19879  deferrals)
17293   bounced
2169   rejected (13%)
0   reject warnings
0   held
0   discarded (0%)

This is an excerpt from my maillog, which is not quite 4 days old.

Then I still receive mails from senders whose mail headers are actually wrong and which I actually check for with my restrictions.

Here is an example:

Return-Path: <pgreer at homeloancorp.com>
Received: from imap.com-gate.com ([unix socket])
	by imap.com-gate.com (Cyrus v2.1.10) with LMTP; Sat, 20 Sep 2003 
12:23:03 +0200
X-Sieve: CMU Sieve 2.2
X-Original-To: aa.com-gate.com at smtp.com-gate.com
Received: from localhost (localhost [127.0.0.1])
	by smtp.com-gate.com (Postfix) with ESMTP id 5EE101C00082
	for <aa.com-gate.com at smtp.com-gate.com>; Sat, 20 Sep 2003 12:23:03 
+0200 (CEST)
Received: from smtp.com-gate.com ([127.0.0.1])
  by localhost (alpha1.com-gate.com [127.0.0.1]) (amavisd-new, port 10024)
  with ESMTP id 28357-01 for <aa.com-gate.com at smtp.com-gate.com>;
  Sat, 20 Sep 2003 12:23:02 +0200 (CEST)
Received: from lori.logixcom.net (lori.logixcom.net [209.49.5.9])
	by smtp.com-gate.com (Postfix) with ESMTP id C52741C00081
	for <aa at com-gate.com>; Sat, 20 Sep 2003 12:22:59 +0200 (CEST)
Received: from ajcabuff (unknown [216.201.162.226])
	by lori.logixcom.net (SMTPD) with SMTP
	id DB0B95DFD7; Sat, 20 Sep 2003 05:20:22 -0500 (CDT)
From: "MS Corporation Program Security Center" <>
To: "Partner" <partner.ubyiuylz at news_msdn.com>
SUBJECT: Current Internet Pack
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="ueprebrtrvkrzirn"
Message-Id: <20030920102022.DB0B95DFD7 at lori.logixcom.net>
Date: Sat, 20 Sep 2003 05:20:22 -0500 (CDT)
X-Virus-Scanned: by Kaspersky

Then I receive mails with the following content:

Hi.
I'm sorry the message returned below could not be delivered to the 
following addresses:

Undeliverable message to skbdht at bigfoot.com

Message follows:


I cannot find an address named skbdht at bigfoot.com anywhere in my log, so what does it want from me?

Since I use amavisd-new, I use SpamAssassin, which, however, may not be configured correctly yet; see here:
Return-Path:      <larmar at webbworks.com>
Received:      from imap.com-gate.com ([unix socket])
       by imap.com-gate.com (Cyrus v2.1.10) with LMTP; Sat, 20 Sep 2003 
11:54:36 +0200
X-Sieve:      CMU Sieve 2.2
X-Original-To:      aa.com-gate.com at smtp.com-gate.com
Received:      from localhost (localhost [127.0.0.1])
       by smtp.com-gate.com (Postfix) with ESMTP id 73ABF1C00082
       for <aa.com-gate.com at smtp.com-gate.com>; Sat, 20 Sep 2003 
11:54:36 +0200 (CEST)
Received:      from smtp.com-gate.com ([127.0.0.1])
       by localhost (alpha1.com-gate.com [127.0.0.1]) (amavisd-new, port 
10024)
       with ESMTP id 27267-02 for <aa.com-gate.com at smtp.com-gate.com>;
       Sat, 20 Sep 2003 11:54:35 +0200 (CEST)
Received:      from webbworks.com (unknown [209.120.35.9])
       by smtp.com-gate.com (Postfix) with ESMTP id 335B71C00081
       for <aa at com-gate.com>; Sat, 20 Sep 2003 11:54:33 +0200 (CEST)
Received:      by webbworks.com from localhost
       (router,SLmail V5.1); Sat, 20 Sep 2003 00:08:10 -0700
Received:      from owkwt [209.120.35.159]
       by webbworks.com [209.120.35.9] (SLmail 5.5.0.4433) with SMTP
       id 60A83023C9A641369A955C2F8CE4A2D8
       for <zbyszek at evot.org> plus 78 more; Sat, 20 Sep 2003 00:08:05 
-0700
From:      "Internet Storage Service" <smailservice at bigfoot.com>
To:      "Inet Client" <client at mxserver.com>
SUBJECT:      Undelivered Message: Returned To Sender
Mime-Version:      1.0
Content-Type:      multipart/alternative;
       boundary="svlkhcopap"
Date:      Sat, 20 Sep 2003 00:08:10 -0700
Message-id: 
<20030920000810.60a83023c9a641369a955c2f8ce4a2d8.in at webbworks.com>
X-SLUIDL:      0B201157-A92F462C-B8EA1279-16716556
X-Virus-Scanned:      by Kaspersky
X-Spam-Status:      No, hits=3.0 tagged_above=3.0 required=6.3 
tests=HTML_40_50,
       HTML_MESSAGE, HTML_RELAYING_FRAME, MIME_HTML_NO_CHARSET, 
MIME_HTML_ONLY,
       MIME_SUSPECT_NAME
X-Spam-Level:      ***

The X-Spam-Level: should say ***SPAM***, shouldn't it? Or rather, the subject should be rewritten or SPAM should be added to it; then I could filter better with sieve.


Since I do header checks and check against the RFCs etc., I believe that my order in main.cf is not right.

Could someone please take a look at it here:

#soft_bounce = yes
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = smtp.com-gate.com
mydomain = com-gate.com
mydestination = $myhostname, localhost.localdomain, localhost.$mydomain, 
mysql:/etc/postfix/mysql-mydestination.cf
relay_domains = $mydestination
local_recipient_maps = $alias_maps unix:passwd.byname
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mailbox_transport = cyrus
smtpd_banner = $myhostname ESMTP
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;
         echo where) | gdb $daemon_directory/$process_name $process_id 2>&1
         >$config_directory/$process_name.$process_id.log & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /etc/postfix/sample
smtpd_sender_restrictions = hash:/etc/postfix/sender_checks
readme_directory = no
virtual_maps = hash:/etc/postfix/virtual, 
mysql:/etc/postfix/mysql-virtual.cf
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
canonical_maps =hash:/etc/postfix/canonical
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, 
permit_mynetworks, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/smtp.com-gate.com_key.pem
smtpd_tls_cert_file = /etc/postfix/smtp.com-gate.com_cert.pem
smtpd_tls_CAfile = /etc/postfix/RootCert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 450
mailbox_size_limit = 110240000
message_size_limit = 102400000
qmgr_message_active_limit = 70000000
qmgr_message_recipient_limit = 70000000
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions = hash:/etc/postfix/sender_checks
smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    permit_mynetworks,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unauth_destination,
    check_recipient_access hash:/etc/postfix/spamscripts/recipient_checks,
check_sender_access    hash:/etc/postfix/spamscripts/sender_checks,
    check_client_access    hash:/etc/postfix/spamscripts/client_checks,
    check_helo_access 
hash:/etc/postfix/spamscripts/kunden_helo_specials
    check_sender_access    hash:/etc/postfix/spamscripts/sender_checks, 
hash:/etc/postfix/spamscripts/kunden_sender_specials,
   check_client_access    hash:/etc/postfix/spamscripts/client_checks, 
hash:/etc/postfix/spamscripts/kunden_client_specials,
   check_helo_access 
hash:/etc/postfix/spamscripts/kunden_helo_specials,
   reject_unauth_pipelining,
   reject_invalid_hostname,
   reject_non_fqdn_hostname,
   reject_rbl_client        list.dsbl.org,
   reject_rbl_client        relays.ordb.org,
   reject_rbl_client        proxies.relays.monkeys.com,
   reject_rbl_client        proxies.blackholes.easynet.nl,
   reject_rbl_client        zombie.dnsbl.sorbs.net,
   reject_rbl_client        cbl.abuseat.org,
   reject_rbl_client        dynablock.easynet.nl,
   reject_rbl_client        blackholes.easynet.nl,
   reject_rbl_client        sbl.spamhaus.org,
   reject_rbl_client        formmail.relays.monkeys.com,
   reject_rbl_client        korea.services.net,
   reject_rbl_client        opm.blitzed.org,
   reject_rbl_client        bl.spamcop.net,
   reject_rbl_client        relays.visi.com,
   reject_rbl_client        ipwhois.rfc-ignorant.org
   check_sender_access    hash:/etc/postfix/rhsbl_sender_domain_exceptions,
   reject_rhsbl_sender    dsn.rfc-ignorant.org
   permit

header_checks =
    regexp:/etc/postfix/spamscripts/header_checks.regexp
body_checks =
    regexp:/etc/postfix/spamscripts/body_checks.regexp
smtpd_helo_required     = yes
strict_rfc821_envelopes = yes
strict_8bitmime = no
strict_8bitmime_body = no
strict_mime_encoding_domain = yes
strict_7bit_header = no
content_filter = smtp-amavis:[127.0.0.1]:10024


Many thanks in advance

Regards, Achim
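An added example, not part of the original post: a small lint for a main.cf like the one above. It relies on documented Postfix behaviour (a line starting with whitespace continues the previous one, list entries are separated by commas and/or whitespace, and when a parameter is defined more than once only the last definition is kept) and reports redefined parameters and repeated entries in the effective `smtpd_recipient_restrictions`. The function names and the shortened sample are constructed for this illustration.

```python
import re
# Constructed sample modelled on the posted main.cf (shortened, not the full file).
SAMPLE = """\
smtpd_sender_restrictions = hash:/etc/postfix/sender_checks
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks, reject_unauth_destination
smtpd_recipient_restrictions =
    permit_sasl_authenticated, permit_mynetworks,
    reject_unauth_destination,
    permit_mynetworks,
    reject_unauth_destination,
    check_client_access hash:/etc/postfix/spamscripts/client_checks,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client bl.spamcop.net
    permit
"""

def parse_main_cf(text):
    """Return [(name, value)] in file order; a line starting with whitespace continues."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # blank line or comment
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    return [tuple(p.strip() for p in l.split("=", 1)) for l in logical if "=" in l]

def split_restrictions(value):
    """Heuristic of this example: [a-z0-9_]+ names a restriction, other tokens are its arguments."""
    items = []
    for tok in filter(None, re.split(r"[,\s]+", value)):
        if re.fullmatch(r"[a-z0-9_]+", tok) or not items:
            items.append([tok])
        else:
            items[-1].append(tok)  # map or DNSBL zone belonging to the previous name
    return [" ".join(i) for i in items]

def lint(text, param="smtpd_recipient_restrictions"):
    params = parse_main_cf(text)
    names = [n for n, _ in params]
    items = split_restrictions(dict(params)[param])  # dict() keeps the last definition
    repeats = [(n, r) for n, r in enumerate(items, 1) if r in items[:n - 1]]
    return {"redefined": sorted({n for n in names if names.count(n) > 1}),
            "effective": items, "repeats": repeats}

if __name__ == "__main__":
    print(lint(SAMPLE))
```
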





