[Postfixbuch-users] Problem mit Spamassasin

niels_kalle niels_kalle at web.de
Mo Mai 29 08:53:48 CEST 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andreas Winkelmann wrote:
> Am Monday 29 May 2006 05:04 schrieb Niels Kalle:
> 
> 
>>Ich habe das Problem, das Spamassasin auf meinem neuen Server
>>anscheinend in einen Loop laeuft...
>>ich habe mich endlich getraut meinen Mailserver mit mysql und
>>gechrootet zu bauen was an sich schon eine Reihe von Problemen mit
>>sich brachte aber beim SA komm ich jetzt garnicht mehr weiter:
>>
>>May 29 04:46:37 schnake spamd[5187]: spamd: connection from localhost
>>[127.0.0.1] at port 40562
>>May 29 04:46:37 schnake spamd[5187]: spamd: setuid to nobody succeeded
>>May 29 04:46:37 schnake spamd[5187]: spamd: creating default_prefs:
>>//.spamassassin/user_prefs
>>May 29 04:46:37 schnake spamd[5187]: mkdir /.spamassassin: Permission
>>denied at /usr/lib/perl5/vendor_perl/5.8.7/Mail/SpamAssassin.pm line 1467
>>May 29 04:46:37 schnake spamd[5187]: config: cannot write to
>>//.spamassassin/user_prefs: No such file or directory
>>May 29 04:46:37 schnake spamd[5187]: spamd: failed to create readable
>>default_prefs: //.spamassassin/user_prefs
> 
> 
> Du solltest es ausschalten, dass spamd user_prefs-Directories anlegt. Wenn ich 
> mir die man-page so ansehe, denke ich, dass Du es sogar explizit 
> eingeschaltet hast. Das ist natürlich unter gleichzeitiger Verwendung des 
> Users nobody äusserst sinnfrei.
> 
> 
>>und so geht das weiter und weiter bis er dann endgueltig mit folgender
>>Meldung stirbt:
>>
>>May 29 04:46:41 schnake sSMTP[25970]: 554 Error: too many hops
> 
> 
> Das ist ein Loop, da hast Du irgendeinen Ring konfiguriert. Postfix nimmt die 
> Mail nicht mehr an, weil sie schon durch 50 MTAs gelaufen ist.
> 
> 
>>May 29 02:46:41 schnake postfix/smtpd[25959]: disconnect from
>>unknown[217.11.52.12]
>>May 29 04:46:41 schnake postfix/pipe[25917]: 066772008AE1:
>>to=<nkalle at humbug.org>, relay=spamassassin, delay=0, status=bounced
>>(Command died with status 1: "/usr/bin/spamc". Command output:
>>sendmail: 554 Error: too many hops )
>>May 29 04:46:41 schnake postfix/cleanup[25961]: 40C0C2008B7A:
>>message-id=<20060529024641.40C0C2008B7A at mail.humbug.org>
>>May 29 04:46:41 schnake postfix/qmgr[25835]: 40C0C2008B7A: from=<>,
>>size=9283, nrcpt=1 (queue active)
>>May 29 04:46:41 schnake postfix/qmgr[25835]: 066772008AE1: removed
>>May 29 04:46:41 schnake postfix/smtp[25974]: 40C0C2008B7A:
>>to=<nobody at schnake.humbug.org>, relay=none, delay=0, status=bounced
>>(mail for schnake.humbug.org loops back to myself)
>>
>>Hier mal ein Teil meiner master.cf:
>>
>>[...]
>>discard   unix  -       -       n       -       -       discard
>>anvil     unix  -       -       n       -       1       anvil
>>scache    unix  -       -       n       -       1       scache
>>trace     unix  -       -       n       -       0       bounce
>>verify    unix  -       -       n       -       1       verify
>>smtp      inet  n       -       -       -       -       smtpd
>>          -o content_filter=spamassassin
>>## AvMailGate
>>127.0.0.1:10025 inet n  -       n       -       -       smtpd -o
>>content_filter=
>>
>># Interfaces to non-Postfix software. Be sure to examine the manual
>># pages of the non-Postfix software to find out what options it wants.
>>spamassassin unix -     n       n       -       -       pipe
>>        user=nobody argv=/usr/bin/spamc -f -e
>>        /usr/sbin/sendmail -oi -f ${sender} ${recipient}
> 
> 
> Zeig doch mal "postconf -n". Wie ist denn so content_filter in der main.cf 
> eingestellt?

Hier der Output von postconf -n (das ist einiges...):

2bounce_notice_recipient = postmaster
access_map_reject_code = 554
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
allow_percent_hack = yes
append_at_myorigin = yes
append_dot_mydomain = yes
biff = no
body_checks = pcre:/etc/postfix/body_checks.pcre
bounce_notice_recipient = postmaster
bounce_size_limit = 65536
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
command_time_limit = 600s
config_directory = /etc/postfix
content_filter = smtp:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
debug_peer_list = mail.humbug.org, nikster.humbug.org, localhost
default_destination_concurrency_limit = 5
default_destination_recipient_limit = 1000
default_process_limit = 150
default_rbl_reply = $rbl_code Service unavailable; $rbl_class
[$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} -
contact postmaster at humbug.org for details
delay_notice_recipient = postmaster
delay_warning_time = 1h
disable_dns_lookups = no
disable_vrfy_command = yes
double_bounce_sender = double-bounce
duplicate_filter_limit = 1000
empty_address_recipient = postmaster
error_notice_recipient = postmaster
header_checks = pcre:/etc/postfix/header_checks.pcre
header_size_limit = 204800
home_mailbox = .maildir/
hopcount_limit = 50
html_directory = /usr/share/doc/postfix-2.2.5/html
ignore_mx_lookup_error = yes
in_flow_delay = 1s
inet_interfaces = all
initial_destination_concurrency = 2
invalid_hostname_reject_code = 501
line_length_limit = 4096
local_destination_concurrency_limit = 10
local_destination_recipient_limit = 1000
local_transport = local
mail_name = humbug Mailservices
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_reject_code = 554
max_idle = 10s
max_use = 20
maximal_backoff_time = 3600s
maximal_queue_lifetime = 1d
message_size_limit = 10240000
minimal_backoff_time = 60s
mydestination = $myhostname, localhost.$mydomain, $mydomain, mail.$mydomain
mydomain = humbug.org
myhostname = mail.humbug.org
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
non_fqdn_reject_code = 504
notify_classes = resource, software
prepend_delivered_header = forward
qmgr_message_active_limit = 10000
qmgr_message_recipient_limit = 10000
queue_directory = /var/spool/postfix
queue_minfree = 603979776
queue_run_delay = 1h
readme_directory = /usr/share/doc/postfix-2.2.5/readme
reject_code = 554
relay_domains_reject_code = 554
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
require_home_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtpd_banner = mail.humbug.org ESMTP $mail_name
smtpd_client_restrictions = permit_mynetworks        check_client_access
$default_database_type:/etc/postfix/rbl_checks_client_whitelist
check_sender_access
$default_database_type:/etc/postfix/rbl_checks_sender_whitelist
check_recipient_access
$default_database_type:/etc/postfix/rbl_checks_recipient_whitelist
  rbl_checks        permit
smtpd_data_restrictions = reject_unauth_pipelining        permit
smtpd_delay_reject = yes
smtpd_error_sleep_time = 1s
smtpd_etrn_restrictions = reject
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
permit_sasl_authenticated        reject_invalid_hostname        permit
smtpd_recipient_limit = 10000
smtpd_recipient_restrictions = permit_mynetworks
reject_unknown_recipient_domain        reject_non_fqdn_recipient
permit_auth_destination        permit_sasl_authenticated
check_sender_access regexp:/etc/postfix/nice_reject        reject
smtpd_restriction_classes = rbl_checks
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_mynetworks
permit_sasl_authenticated        permit
smtpd_timeout = 300s
smtpd_tls_CAfile = /etc/postfix/tls/cacert.pem
smtpd_tls_cert_file = /etc/postfix/tls/newcert.pem
smtpd_tls_key_file = /etc/postfix/tls/newreq.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = no
strict_rfc821_envelopes = yes
swap_bangpath = yes
tls_random_source = dev:/dev/urandom
transport_retry_time = 30s
undisclosed_recipients_header = To: undisclosed-recipients:;
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
virtual_transport = virtual  virtual_minimum_uid = 1000
virtual_gid_maps = static:1000  virtual_mailbox_maps =
mysql:/etc/postfix/mysql-virtual-maps.cf  virtual_alias_maps =
mysql:/etc/postfix/mysql-virtual.cf  virtual_uid_maps = static:100
virtual_mailbox_base = /home/vmail

> 
> 
>>#
>># maildrop. See the Postfix MAILDROP_README file for details.
>>#
>>maildrop  unix  -       n       n       -       -       pipe
>>  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>>#
>># The Cyrus deliver program has changed incompatibly, multiple times.
>>#
>>#old-cyrus unix  -       n       n       -       -       pipe
>>#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
>># Cyrus 2.1.5 (Amos Gouaux)
>>#cyrus     unix  -       n       n       -       -       pipe
>>#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension}
>>${user}
>>uucp      unix  -       n       n       -       -       pipe
>>  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>>($recipient)
>>ifmail    unix  -       n       n       -       -       pipe
>>  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>>bsmtp     unix  -       n       n       -       -       pipe
>>  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>>$recipient
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEepp858f/63U87UsRAkUPAJ0Q8BkjzYd4y8LXpjBFkiOeWhs3/QCfRcbU
nSNgHyacSngu/BDKAGpiDS0=
=sKhJ
-----END PGP SIGNATURE-----

Mehr Informationen über die Mailingliste Postfixbuch-users